mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
"-Synchronized-Data."
This commit is contained in:
CVE Team
parent
58aa779d66
commit
56bd89974c
@ -91,6 +91,11 @@
|
||||
"refsource": "MLIST",
|
||||
"name": "[debian-lts-announce] 20200812 [SECURITY] [DLA 2323-1] linux-4.19 new package",
|
||||
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00019.html"
|
||||
},
|
||||
{
|
||||
"refsource": "UBUNTU",
|
||||
"name": "USN-4483-1",
|
||||
"url": "https://usn.ubuntu.com/4483-1/"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -103,6 +103,11 @@
|
||||
"refsource": "UBUNTU",
|
||||
"name": "USN-4440-1",
|
||||
"url": "https://usn.ubuntu.com/4440-1/"
|
||||
},
|
||||
{
|
||||
"refsource": "UBUNTU",
|
||||
"name": "USN-4483-1",
|
||||
"url": "https://usn.ubuntu.com/4483-1/"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -101,6 +101,11 @@
|
||||
"refsource": "UBUNTU",
|
||||
"name": "USN-4465-1",
|
||||
"url": "https://usn.ubuntu.com/4465-1/"
|
||||
},
|
||||
{
|
||||
"refsource": "UBUNTU",
|
||||
"name": "USN-4483-1",
|
||||
"url": "https://usn.ubuntu.com/4483-1/"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -66,6 +66,11 @@
|
||||
"refsource": "SUSE",
|
||||
"name": "openSUSE-SU-2020:0935",
|
||||
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00008.html"
|
||||
},
|
||||
{
|
||||
"refsource": "UBUNTU",
|
||||
"name": "USN-4483-1",
|
||||
"url": "https://usn.ubuntu.com/4483-1/"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -86,6 +86,16 @@
|
||||
"refsource": "UBUNTU",
|
||||
"name": "USN-4465-1",
|
||||
"url": "https://usn.ubuntu.com/4465-1/"
|
||||
},
|
||||
{
|
||||
"refsource": "UBUNTU",
|
||||
"name": "USN-4462-1",
|
||||
"url": "https://usn.ubuntu.com/4462-1/"
|
||||
},
|
||||
{
|
||||
"refsource": "UBUNTU",
|
||||
"name": "USN-4483-1",
|
||||
"url": "https://usn.ubuntu.com/4483-1/"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -91,6 +91,11 @@
|
||||
"refsource": "MLIST",
|
||||
"name": "[debian-lts-announce] 20200812 [SECURITY] [DLA 2323-1] linux-4.19 new package",
|
||||
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00019.html"
|
||||
},
|
||||
{
|
||||
"refsource": "UBUNTU",
|
||||
"name": "USN-4483-1",
|
||||
"url": "https://usn.ubuntu.com/4483-1/"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -78,6 +78,11 @@
|
||||
"refsource": "UBUNTU",
|
||||
"name": "USN-4484-1",
|
||||
"url": "https://usn.ubuntu.com/4484-1/"
|
||||
},
|
||||
{
|
||||
"refsource": "UBUNTU",
|
||||
"name": "USN-4483-1",
|
||||
"url": "https://usn.ubuntu.com/4483-1/"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -86,6 +86,11 @@
|
||||
"refsource": "UBUNTU",
|
||||
"name": "USN-4465-1",
|
||||
"url": "https://usn.ubuntu.com/4465-1/"
|
||||
},
|
||||
{
|
||||
"refsource": "UBUNTU",
|
||||
"name": "USN-4483-1",
|
||||
"url": "https://usn.ubuntu.com/4483-1/"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -66,6 +66,11 @@
|
||||
"refsource": "GENTOO",
|
||||
"name": "GLSA-202009-08",
|
||||
"url": "https://security.gentoo.org/glsa/202009-08"
|
||||
},
|
||||
{
|
||||
"refsource": "MLIST",
|
||||
"name": "[debian-lts-announce] 20200915 [SECURITY] [DLA 2374-1] gnome-shell security update",
|
||||
"url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00014.html"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -81,6 +81,11 @@
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://security.netapp.com/advisory/ntap-20200904-0003/",
|
||||
"url": "https://security.netapp.com/advisory/ntap-20200904-0003/"
|
||||
},
|
||||
{
|
||||
"refsource": "UBUNTU",
|
||||
"name": "USN-4483-1",
|
||||
"url": "https://usn.ubuntu.com/4483-1/"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -42,7 +42,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A cross-site scripting inclusion (XSSI) vulnerability was reported in the legacy IBM BladeCenter Advanced Management Module (AMM) web interface prior to version 3.68n [BPET68N]. This vulnerability could allow an authenticated user's AMM credentials to be disclosed if the user is convinced to visit a malicious web site, possibly through phishing. Successful exploitation requires specific knowledge about the user’s network to be included in the malicious web site. Impact is limited to the normal access restrictions of the user visiting the malicious web site, and subject to the user being logged into AMM, being able to connect to both AMM and the malicious web site while the web browser is open, and using a web browser that does not inherently protect against this class of attack. The JavaScript code is not executed on AMM itself."
|
||||
"value": "A cross-site scripting inclusion (XSSI) vulnerability was reported in the legacy IBM BladeCenter Advanced Management Module (AMM) web interface prior to version 3.68n [BPET68N]. This vulnerability could allow an authenticated user's AMM credentials to be disclosed if the user is convinced to visit a malicious web site, possibly through phishing. Successful exploitation requires specific knowledge about the user\u2019s network to be included in the malicious web site. Impact is limited to the normal access restrictions of the user visiting the malicious web site, and subject to the user being logged into AMM, being able to connect to both AMM and the malicious web site while the web browser is open, and using a web browser that does not inherently protect against this class of attack. The JavaScript code is not executed on AMM itself."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -80,8 +80,9 @@
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://support.lenovo.com/us/en/product_security/LEN-38385"
|
||||
"refsource": "MISC",
|
||||
"url": "https://support.lenovo.com/us/en/product_security/LEN-38385",
|
||||
"name": "https://support.lenovo.com/us/en/product_security/LEN-38385"
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -96,4 +97,3 @@
|
||||
"discovery": "UNKNOWN"
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@ -65,7 +65,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A cross-site scripting (XSS) vulnerability was discovered in the legacy IBM and Lenovo System x IMM2 (Integrated Management Module 2), prior to version 5.60, embedded Baseboard Management Controller (BMC) web interface during an internal security review. This vulnerability could allow JavaScript code to be executed in the user's web browser if the user is convinced to visit a crafted URL, possibly through phishing. Successful exploitation requires specific knowledge about the user’s network to be included in the crafted URL. Impact is limited to the normal access restrictions and permissions of the user clicking the crafted URL, and subject to the user being able to connect to and already being authenticated to IMM2 or other systems. The JavaScript code is not executed on IMM2 itself."
|
||||
"value": "A cross-site scripting (XSS) vulnerability was discovered in the legacy IBM and Lenovo System x IMM2 (Integrated Management Module 2), prior to version 5.60, embedded Baseboard Management Controller (BMC) web interface during an internal security review. This vulnerability could allow JavaScript code to be executed in the user's web browser if the user is convinced to visit a crafted URL, possibly through phishing. Successful exploitation requires specific knowledge about the user\u2019s network to be included in the crafted URL. Impact is limited to the normal access restrictions and permissions of the user clicking the crafted URL, and subject to the user being able to connect to and already being authenticated to IMM2 or other systems. The JavaScript code is not executed on IMM2 itself."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -103,8 +103,9 @@
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://support.lenovo.com/us/en/product_security/LEN-44717"
|
||||
"refsource": "MISC",
|
||||
"url": "https://support.lenovo.com/us/en/product_security/LEN-44717",
|
||||
"name": "https://support.lenovo.com/us/en/product_security/LEN-44717"
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -119,4 +120,3 @@
|
||||
"discovery": "UNKNOWN"
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@ -80,8 +80,9 @@
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://support.lenovo.com/us/en/product_security/LEN-42150"
|
||||
"refsource": "MISC",
|
||||
"url": "https://support.lenovo.com/us/en/product_security/LEN-42150",
|
||||
"name": "https://support.lenovo.com/us/en/product_security/LEN-42150"
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -96,4 +97,3 @@
|
||||
"discovery": "UNKNOWN"
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@ -1,4 +1,3 @@
|
||||
|
||||
{
|
||||
"CVE_data_meta": {
|
||||
"ASSIGNER": "psirt@lenovo.com",
|
||||
@ -81,8 +80,9 @@
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://support.lenovo.com/us/en/product_security/LEN-38717"
|
||||
"refsource": "MISC",
|
||||
"url": "https://support.lenovo.com/us/en/product_security/LEN-38717",
|
||||
"name": "https://support.lenovo.com/us/en/product_security/LEN-38717"
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -97,4 +97,3 @@
|
||||
"discovery": "UNKNOWN"
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user