admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-merge PR#4972

Browse Source 
Auto-merge PR#4972
This commit is contained in:
CVE Team 2020-10-06 01:00:34 -04:00 committed by GitHub
commit 537fbc5193
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 144 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

53
2020/5xxx/CVE-2020-5631.json
View File

@ -4,14 +4,61 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-5631", "ID": "CVE-2020-5631",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "vultures@jpcert.or.jp"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "CMONOS Co. Ltd.",
"product": {
"product_data": [
{
"product_name": "CMONOS.JP",
"version": {
"version_data": [
{
"version_value": "ver2.0.20191009 and earlier"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://cmonos.jp/download/history.html"
},
{
"url": "https://cmonos.jp/download/index.shtml"
},
{
"url": "https://jvn.jp/en/vu/JVNVU93741515/index.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Stored cross-site scripting vulnerability in CMONOS.JP ver2.0.20191009 and earlier allows remote attackers to inject arbitrary script via unspecified vectors."
} }
] ]
} }

50
2020/5xxx/CVE-2020-5632.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-5632", "ID": "CVE-2020-5632",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "vultures@jpcert.or.jp"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "NEC Corporation",
"product": {
"product_data": [
{
"product_name": "InfoCage SiteShell series",
"version": {
"version_data": [
{
"version_value": "Host type SiteShell for IIS V1.4, V1.5, and V1.6, Host type SiteShell for IIS prior to revision V2.0.0.6, V2.1.0.7, V2.1.1.6, V3.0.0.11, V4.0.0.6, V4.1.0.5, and V4.2.0.1, Host type SiteShell for Apache Windows V1.4, V1.5, and V1.6, and Host type SiteShell for Apache Windows prior to revision V2.0.0.6, V2.1.0.7, V2.1.1.6, V3.0.0.11, V4.0.0.6, V4.1.0.5, and V4.2.0.1"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Fails to restrict access"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://jpn.nec.com/infocage/siteshell/everyone_20200918.html"
},
{
"url": "https://jvn.jp/en/jp/JVN07426151/index.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "InfoCage SiteShell series (Host type SiteShell for IIS V1.4, V1.5, and V1.6, Host type SiteShell for IIS prior to revision V2.0.0.6, V2.1.0.7, V2.1.1.6, V3.0.0.11, V4.0.0.6, V4.1.0.5, and V4.2.0.1, Host type SiteShell for Apache Windows V1.4, V1.5, and V1.6, and Host type SiteShell for Apache Windows prior to revision V2.0.0.6, V2.1.0.7, V2.1.1.6, V3.0.0.11, V4.0.0.6, V4.1.0.5, and V4.2.0.1) allow authenticated attackers to bypass access restriction and to execute arbitrary code with an elevated privilege via a specially crafted executable files."
} }
] ]
} }

50
2020/5xxx/CVE-2020-5634.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-5634", "ID": "CVE-2020-5634",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "vultures@jpcert.or.jp"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "ELECOM CO.,LTD.",
"product": {
"product_data": [
{
"product_name": "ELECOM LAN routers",
"version": {
"version_data": [
{
"version_value": "WRC-2533GST2 firmware versions prior to v1.14, WRC-1900GST2 firmware versions prior to v1.14, WRC-1750GST2 firmware versions prior to v1.14, and WRC-1167GST2 firmware versions prior to v1.10"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "OS Command Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.elecom.co.jp/news/security/20201005-01/"
},
{
"url": "https://jvn.jp/en/jp/JVN82892096/index.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "ELECOM LAN routers (WRC-2533GST2 firmware versions prior to v1.14, WRC-1900GST2 firmware versions prior to v1.14, WRC-1750GST2 firmware versions prior to v1.14, and WRC-1167GST2 firmware versions prior to v1.10) allow an attacker on the same network segment to execute arbitrary OS commands with a root privilege via unspecified vectors."
} }
] ]
} }