admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 11:06:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-merge PR#233

Browse Source 
Auto-merge PR#233
This commit is contained in:
CVE Team 2020-12-07 16:55:20 -05:00 committed by GitHub
commit 5d6f89faa7
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 46 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
2019/6xxx/CVE-2019-6170.json
View File

@ -2,8 +2,7 @@
"CVE_data_meta": {
"ASSIGNER": "psirt@lenovo.com",
"ID": "CVE-2019-6170",
"STATE": "PUBLIC",
"TITLE": "A potential vulnerability in some Lenovo ThinkPads may allow an attacker to execute arbitrary code under SMM under certain circumstances."
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
@ -37,12 +36,28 @@
"description_data": [
{
"lang": "eng",
"value": "A potential vulnerability in some Lenovo ThinkPads may allow an attacker to execute arbitrary code under SMM under certain circumstances."
"value": "A potential vulnerability in the SMI callback function used in the Legacy USB driver using boot services structure in runtime phase in some Lenovo ThinkPad models may allow arbitrary code execution."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.8"
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
@ -59,9 +74,9 @@
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.lenovo.com/us/en/product_security/LEN-27714",
"name": "https://support.lenovo.com/us/en/product_security/LEN-27714"
"name": "https://support.lenovo.com/us/en/product_security/LEN-27714",
"refsource": "CONFIRM",
"url": "https://support.lenovo.com/us/en/product_security/LEN-27714"
}
]
},
@ -72,7 +87,7 @@
}
],
"source": {
"advisory": "https://support.lenovo.com/us/en/product_security/LEN-27714",
"advisory": "LEN-27714",
"discovery": "EXTERNAL"
}
}

31
2019/6xxx/CVE-2019-6172.json
View File

@ -2,8 +2,7 @@
"CVE_data_meta": {
"ASSIGNER": "psirt@lenovo.com",
"ID": "CVE-2019-6172",
"STATE": "PUBLIC",
"TITLE": "A potential vulnerability in the SMI callback function in some Lenovo ThinkPad models may allow arbitrary code execution."
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
@ -37,12 +36,28 @@
"description_data": [
{
"lang": "eng",
"value": "A potential vulnerability in the SMI callback function in some Lenovo ThinkPad models may allow arbitrary code execution"
"value": "A potential vulnerability in the SMI callback function used in Legacy USB driver using passed parameter without sufficient checking in some Lenovo ThinkPad models may allow arbitrary code execution."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.8"
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
@ -59,9 +74,9 @@
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.lenovo.com/us/en/product_security/LEN-27714",
"name": "https://support.lenovo.com/us/en/product_security/LEN-27714"
"name": "https://support.lenovo.com/us/en/product_security/LEN-27714",
"refsource": "CONFIRM",
"url": "https://support.lenovo.com/us/en/product_security/LEN-27714"
}
]
},
@ -72,7 +87,7 @@
}
],
"source": {
"advisory": "https://support.lenovo.com/us/en/product_security/LEN-27714",
"advisory": "LEN-27714",
"discovery": "EXTERNAL"
}
}