From 65e173fd90530be33f4b0b87dd3ee9b95f0f1843 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Fri, 24 Apr 2020 18:01:18 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2020/12xxx/CVE-2020-12139.json | 18 +++++++++++ 2020/12xxx/CVE-2020-12140.json | 18 +++++++++++ 2020/12xxx/CVE-2020-12141.json | 18 +++++++++++ 2020/7xxx/CVE-2020-7131.json | 56 ++++++++++++++++++++++++++++++++-- 4 files changed, 107 insertions(+), 3 deletions(-) create mode 100644 2020/12xxx/CVE-2020-12139.json create mode 100644 2020/12xxx/CVE-2020-12140.json create mode 100644 2020/12xxx/CVE-2020-12141.json diff --git a/2020/12xxx/CVE-2020-12139.json b/2020/12xxx/CVE-2020-12139.json new file mode 100644 index 00000000000..66c591fe1cf --- /dev/null +++ b/2020/12xxx/CVE-2020-12139.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-12139", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/12xxx/CVE-2020-12140.json b/2020/12xxx/CVE-2020-12140.json new file mode 100644 index 00000000000..ded821f09b7 --- /dev/null +++ b/2020/12xxx/CVE-2020-12140.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-12140", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/12xxx/CVE-2020-12141.json b/2020/12xxx/CVE-2020-12141.json new file mode 100644 index 00000000000..085d67ba4ea --- /dev/null +++ b/2020/12xxx/CVE-2020-12141.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-12141", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/7xxx/CVE-2020-7131.json b/2020/7xxx/CVE-2020-7131.json index 63ebfa30bf1..176aefc7ba7 100644 --- a/2020/7xxx/CVE-2020-7131.json +++ b/2020/7xxx/CVE-2020-7131.json @@ -4,14 +4,64 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-7131", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-alert@hpe.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Integrated Maintenance Entity T1805; Maintenance Entity T2805; Blade Maintenance Entity FW T4805", + "version": { + "version_data": [ + { + "version_value": "T1805A01 through T1805A01^AAH" + }, + { + "version_value": "- T2805A01 through T2805A01^AAU" + }, + { + "version_value": "- T4805A01 through T4805A01^AAY" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "remote denial of service (dos); remote disclosure of information; remote local memory corruption" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbns03996en_us", + "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbns03996en_us" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "This document describes a security vulnerability in Blade Maintenance Entity, Integrated Maintenance Entity and Maintenance Entity products. All J/H-series NonStop systems have a security vulnerability associated with an open UDP port 17185 on the Maintenance LAN which could result in information disclosure, denial-of-service attacks or local memory corruption against the affected system and a complete control of the system may also be possible. This vulnerability exists only if one gains access to the Maintenance LAN to which Blade Maintenance Entity, Integrated Maintenance Entity or Maintenance Entity product is connected. **Workaround:** Block the UDP port 17185(In the Maintenance LAN Network Switch/Firewall). Fix: Install following SPRs, which are already available: * T1805A01^AAI (Integrated Maintenance Entity) * T4805A01^AAZ (Blade Maintenance Entity). These SPRs are also usable with the following RVUs: * J06.19.00 ? J06.23.01. No fix planned for the following RVUs: J06.04.00 ? J06.18.01. No fix planned for H-Series NonStop systems. No fix planned for the product T2805 (Maintenance Entity)." } ] }