admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-08 19:46:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-09-02 19:01:41 +00:00
parent 6734ac6c60
commit 6ec4b8ca33
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
8 changed files with 580 additions and 580 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
2020/16xxx/CVE-2020-16167.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "Missing Authentication for Critical Function in Robotemi Global Ltd Temi Firmware up to 20190419.165201, Launcher OS prior to 11969-13146, Robox OS prior to 117.21-119.24, and their Android phone app prior to 1.3.3-1.3.7931 allows remote attackers to receive and answer calls intended for another temi user. Answering the call this way grants motor control of the temi in addition to audio/video."
"value": "Missing Authentication for Critical Function in temi Robox OS prior to 120, temi Android app up to 1.3.7931 allows remote attackers to receive and answer calls intended for another temi user. Answering the call this way grants motor control of the temi in addition to audio/video via unspecified vectors."
}
]
},

2
2020/16xxx/CVE-2020-16168.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "Origin Validation Error in Robotemi Global Ltd Temi Firmware up to 20190419.165201, Launcher OS prior to 11969-13146, Robox OS prior to 117.21-119.24, and their Android phone app prior to 1.3.3-1.3.7931 allows remote attackers to access the custom API server and MQTT broker used by the temi and send it custom data/requests."
"value": "Origin Validation Error in temi Robox OS prior to 120, temi Android app up to 1.3.7931 allows remote attackers to access the REST API and MQTT broker used by the temi and send it custom data/requests via unspecified vectors."
}
]
},

2
2020/16xxx/CVE-2020-16169.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "Authentication Bypass Using an Alternate Path or Channel in Robotemi Global Ltd Temi Firmware up to 20190419.165201, Launcher OS prior to 11969-13146, Robox OS prior to 117.21-119.24, and their Android phone app prior to 1.3.3-1.3.7931 allows remote attackers to listen in on any ongoing calls between temi robots and their users if they can brute-force/guess a six-digit value."
"value": "Authentication Bypass Using an Alternate Path or Channel in temi Robox OS prior to120, temi Android app up to 1.3.7931 allows remote attackers to gain elevated privileges on the temi and have it automatically answer the attacker's calls, granting audio, video, and motor control via unspecified vectors."
}
]
},

2
2020/16xxx/CVE-2020-16170.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "Use of Hard-coded Credentials in Robotemi Global Ltd Temi Firmware up to 20190419.165201, Launcher OS prior to 11969-13146, Robox OS prior to 117.21-119.24, and their Android phone app prior to 1.3.3-1.3.7931 allows remote attackers to gain raised privileges on the temi and have it automatically answer the attacker's calls, granting audio, video, and motor control."
"value": "Use of Hard-coded Credentials in temi Robox OS prior to 120, temi Android app up to 1.3.7931 allows remote attackers to listen in on any ongoing calls between temi robots and their users if they can brute-force/guess a six-digit value via unspecified vectors."
}
]
},

322
2020/4xxx/CVE-2020-4445.json
View File

@ -1,163 +1,163 @@
{
"impact" : {
"cvssv3" : {
"TM" : {
"RL" : "O",
"E" : "H",
"RC" : "C"
},
"BM" : {
"SCORE" : "5.400",
"AV" : "N",
"S" : "C",
"C" : "L",
"PR" : "L",
"UI" : "R",
"A" : "N",
"I" : "L",
"AC" : "L"
}
}
},
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/pages/node/6325343",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/pages/node/6325343",
"title" : "IBM Security Bulletin 6325343 (Rational Rhapsody Design Manager)"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/181122",
"title" : "X-Force Vulnerability Report",
"name" : "ibm-jazz-cve20204445-xss (181122)",
"refsource" : "XF"
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Cross-Site Scripting"
}
]
}
]
},
"data_format" : "MITRE",
"description" : {
"description_data" : [
{
"value" : "IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 181122.",
"lang" : "eng"
}
]
},
"data_version" : "4.0",
"data_type" : "CVE",
"CVE_data_meta" : {
"ID" : "CVE-2020-4445",
"DATE_PUBLIC" : "2020-09-01T00:00:00",
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Rational Rhapsody Design Manager",
"version" : {
"version_data" : [
{
"version_value" : "6.0.2"
},
{
"version_value" : "6.0.6"
},
{
"version_value" : "6.0.6.1"
},
{
"version_value" : "7.0"
}
]
}
},
{
"product_name" : "Rational Quality Manager",
"version" : {
"version_data" : [
{
"version_value" : "6.0.2"
},
{
"version_value" : "6.0.6"
},
{
"version_value" : "6.0.6.1"
}
]
}
},
{
"product_name" : "Rational Team Concert",
"version" : {
"version_data" : [
{
"version_value" : "6.0.2"
},
{
"version_value" : "6.0.6"
},
{
"version_value" : "6.0.6.1"
},
{
"version_value" : "7.0"
}
]
}
},
{
"product_name" : "Rational DOORS Next Generation",
"version" : {
"version_data" : [
{
"version_value" : "6.0.2"
},
{
"version_value" : "6.0.6"
},
{
"version_value" : "6.0.6.1"
},
{
"version_value" : "7.0"
}
]
}
},
{
"version" : {
"version_data" : [
{
"version_value" : "7.0"
}
]
},
"product_name" : "Engineering Workflow Management"
}
]
},
"vendor_name" : "IBM"
"impact": {
"cvssv3": {
"TM": {
"RL": "O",
"E": "H",
"RC": "C"
},
"BM": {
"SCORE": "5.400",
"AV": "N",
"S": "C",
"C": "L",
"PR": "L",
"UI": "R",
"A": "N",
"I": "L",
"AC": "L"
}
]
}
}
}
}
},
"references": {
"reference_data": [
{
"name": "https://www.ibm.com/support/pages/node/6325343",
"refsource": "CONFIRM",
"url": "https://www.ibm.com/support/pages/node/6325343",
"title": "IBM Security Bulletin 6325343 (Rational Rhapsody Design Manager)"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/181122",
"title": "X-Force Vulnerability Report",
"name": "ibm-jazz-cve20204445-xss (181122)",
"refsource": "XF"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"data_format": "MITRE",
"description": {
"description_data": [
{
"value": "IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 181122.",
"lang": "eng"
}
]
},
"data_version": "4.0",
"data_type": "CVE",
"CVE_data_meta": {
"ID": "CVE-2020-4445",
"DATE_PUBLIC": "2020-09-01T00:00:00",
"STATE": "PUBLIC",
"ASSIGNER": "psirt@us.ibm.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rational Rhapsody Design Manager",
"version": {
"version_data": [
{
"version_value": "6.0.2"
},
{
"version_value": "6.0.6"
},
{
"version_value": "6.0.6.1"
},
{
"version_value": "7.0"
}
]
}
},
{
"product_name": "Rational Quality Manager",
"version": {
"version_data": [
{
"version_value": "6.0.2"
},
{
"version_value": "6.0.6"
},
{
"version_value": "6.0.6.1"
}
]
}
},
{
"product_name": "Rational Team Concert",
"version": {
"version_data": [
{
"version_value": "6.0.2"
},
{
"version_value": "6.0.6"
},
{
"version_value": "6.0.6.1"
},
{
"version_value": "7.0"
}
]
}
},
{
"product_name": "Rational DOORS Next Generation",
"version": {
"version_data": [
{
"version_value": "6.0.2"
},
{
"version_value": "6.0.6"
},
{
"version_value": "6.0.6.1"
},
{
"version_value": "7.0"
}
]
}
},
{
"version": {
"version_data": [
{
"version_value": "7.0"
}
]
},
"product_name": "Engineering Workflow Management"
}
]
},
"vendor_name": "IBM"
}
]
}
}
}

318
2020/4xxx/CVE-2020-4522.json
View File

@ -1,163 +1,163 @@
{
"data_version" : "4.0",
"data_type" : "CVE",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 182397."
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
"data_version": "4.0",
"data_type": "CVE",
"description": {
"description_data": [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "Rational Rhapsody Design Manager",
"version" : {
"version_data" : [
{
"version_value" : "6.0.2"
},
{
"version_value" : "6.0.6"
},
{
"version_value" : "6.0.6.1"
},
{
"version_value" : "7.0"
}
]
}
},
{
"product_name" : "Rational Quality Manager",
"version" : {
"version_data" : [
{
"version_value" : "6.0.2"
},
{
"version_value" : "6.0.6"
},
{
"version_value" : "6.0.6.1"
}
]
}
},
{
"product_name" : "Engineering Workflow Management",
"version" : {
"version_data" : [
{
"version_value" : "7.0"
}
]
}
},
{
"version" : {
"version_data" : [
{
"version_value" : "6.0.2"
},
{
"version_value" : "6.0.6"
},
{
"version_value" : "6.0.6.1"
},
{
"version_value" : "7.0"
}
]
},
"product_name" : "Rational DOORS Next Generation"
},
{
"product_name" : "Rational Team Concert",
"version" : {
"version_data" : [
{
"version_value" : "6.0.2"
},
{
"version_value" : "6.0.6"
},
{
"version_value" : "6.0.6.1"
},
{
"version_value" : "7.0"
}
]
}
}
]
}
"lang": "eng",
"value": "IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 182397."
}
]
}
},
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2020-09-01T00:00:00",
"ID" : "CVE-2020-4522"
},
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 6325343 (Rational Rhapsody Design Manager)",
"url" : "https://www.ibm.com/support/pages/node/6325343",
"refsource" : "CONFIRM",
"name" : "https://www.ibm.com/support/pages/node/6325343"
},
{
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/182397",
"name" : "ibm-doors-cve20204522-xss (182397)",
"refsource" : "XF"
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Cross-Site Scripting"
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"product_name": "Rational Rhapsody Design Manager",
"version": {
"version_data": [
{
"version_value": "6.0.2"
},
{
"version_value": "6.0.6"
},
{
"version_value": "6.0.6.1"
},
{
"version_value": "7.0"
}
]
}
},
{
"product_name": "Rational Quality Manager",
"version": {
"version_data": [
{
"version_value": "6.0.2"
},
{
"version_value": "6.0.6"
},
{
"version_value": "6.0.6.1"
}
]
}
},
{
"product_name": "Engineering Workflow Management",
"version": {
"version_data": [
{
"version_value": "7.0"
}
]
}
},
{
"version": {
"version_data": [
{
"version_value": "6.0.2"
},
{
"version_value": "6.0.6"
},
{
"version_value": "6.0.6.1"
},
{
"version_value": "7.0"
}
]
},
"product_name": "Rational DOORS Next Generation"
},
{
"product_name": "Rational Team Concert",
"version": {
"version_data": [
{
"version_value": "6.0.2"
},
{
"version_value": "6.0.6"
},
{
"version_value": "6.0.6.1"
},
{
"version_value": "7.0"
}
]
}
}
]
}
}
]
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"UI" : "R",
"PR" : "L",
"A" : "N",
"AC" : "L",
"I" : "L",
"SCORE" : "5.400",
"C" : "L",
"AV" : "N",
"S" : "C"
},
"TM" : {
"RL" : "O",
"E" : "H",
"RC" : "C"
}
}
},
"data_format" : "MITRE"
}
}
},
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC",
"DATE_PUBLIC": "2020-09-01T00:00:00",
"ID": "CVE-2020-4522"
},
"references": {
"reference_data": [
{
"title": "IBM Security Bulletin 6325343 (Rational Rhapsody Design Manager)",
"url": "https://www.ibm.com/support/pages/node/6325343",
"refsource": "CONFIRM",
"name": "https://www.ibm.com/support/pages/node/6325343"
},
{
"title": "X-Force Vulnerability Report",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/182397",
"name": "ibm-doors-cve20204522-xss (182397)",
"refsource": "XF"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"impact": {
"cvssv3": {
"BM": {
"UI": "R",
"PR": "L",
"A": "N",
"AC": "L",
"I": "L",
"SCORE": "5.400",
"C": "L",
"AV": "N",
"S": "C"
},
"TM": {
"RL": "O",
"E": "H",
"RC": "C"
}
}
},
"data_format": "MITRE"
}

320
2020/4xxx/CVE-2020-4546.json
View File

@ -1,163 +1,163 @@
{
"data_format" : "MITRE",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Cross-Site Scripting"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://www.ibm.com/support/pages/node/6325343",
"title" : "IBM Security Bulletin 6325343 (Rational Rhapsody Design Manager)",
"name" : "https://www.ibm.com/support/pages/node/6325343",
"refsource" : "CONFIRM"
},
{
"refsource" : "XF",
"name" : "ibm-ewm-cve20204546-xss (183314)",
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/183314"
}
]
},
"impact" : {
"cvssv3" : {
"TM" : {
"RC" : "C",
"E" : "H",
"RL" : "O"
},
"BM" : {
"UI" : "R",
"PR" : "L",
"A" : "N",
"I" : "L",
"AC" : "L",
"SCORE" : "5.400",
"S" : "C",
"AV" : "N",
"C" : "L"
}
}
},
"affects" : {
"vendor" : {
"vendor_data" : [
"data_format": "MITRE",
"problemtype": {
"problemtype_data": [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "Engineering Workflow Management",
"version" : {
"version_data" : [
{
"version_value" : "7.0"
}
]
}
},
{
"version" : {
"version_data" : [
{
"version_value" : "6.0.2"
},
{
"version_value" : "6.0.6"
},
{
"version_value" : "6.0.6.1"
},
{
"version_value" : "7.0"
}
]
},
"product_name" : "Rational Team Concert"
},
{
"version" : {
"version_data" : [
{
"version_value" : "6.0.2"
},
{
"version_value" : "6.0.6"
},
{
"version_value" : "6.0.6.1"
},
{
"version_value" : "7.0"
}
]
},
"product_name" : "Rational DOORS Next Generation"
},
{
"version" : {
"version_data" : [
{
"version_value" : "6.0.2"
},
{
"version_value" : "6.0.6"
},
{
"version_value" : "6.0.6.1"
}
]
},
"product_name" : "Rational Quality Manager"
},
{
"version" : {
"version_data" : [
{
"version_value" : "6.0.2"
},
{
"version_value" : "6.0.6"
},
{
"version_value" : "6.0.6.1"
},
{
"version_value" : "7.0"
}
]
},
"product_name" : "Rational Rhapsody Design Manager"
}
]
}
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
}
},
"CVE_data_meta" : {
"ID" : "CVE-2020-4546",
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2020-09-01T00:00:00",
"ASSIGNER" : "psirt@us.ibm.com"
},
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"value" : "IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 183314.",
"lang" : "eng"
}
]
}
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.ibm.com/support/pages/node/6325343",
"title": "IBM Security Bulletin 6325343 (Rational Rhapsody Design Manager)",
"name": "https://www.ibm.com/support/pages/node/6325343",
"refsource": "CONFIRM"
},
{
"refsource": "XF",
"name": "ibm-ewm-cve20204546-xss (183314)",
"title": "X-Force Vulnerability Report",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/183314"
}
]
},
"impact": {
"cvssv3": {
"TM": {
"RC": "C",
"E": "H",
"RL": "O"
},
"BM": {
"UI": "R",
"PR": "L",
"A": "N",
"I": "L",
"AC": "L",
"SCORE": "5.400",
"S": "C",
"AV": "N",
"C": "L"
}
}
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"product_name": "Engineering Workflow Management",
"version": {
"version_data": [
{
"version_value": "7.0"
}
]
}
},
{
"version": {
"version_data": [
{
"version_value": "6.0.2"
},
{
"version_value": "6.0.6"
},
{
"version_value": "6.0.6.1"
},
{
"version_value": "7.0"
}
]
},
"product_name": "Rational Team Concert"
},
{
"version": {
"version_data": [
{
"version_value": "6.0.2"
},
{
"version_value": "6.0.6"
},
{
"version_value": "6.0.6.1"
},
{
"version_value": "7.0"
}
]
},
"product_name": "Rational DOORS Next Generation"
},
{
"version": {
"version_data": [
{
"version_value": "6.0.2"
},
{
"version_value": "6.0.6"
},
{
"version_value": "6.0.6.1"
}
]
},
"product_name": "Rational Quality Manager"
},
{
"version": {
"version_data": [
{
"version_value": "6.0.2"
},
{
"version_value": "6.0.6"
},
{
"version_value": "6.0.6.1"
},
{
"version_value": "7.0"
}
]
},
"product_name": "Rational Rhapsody Design Manager"
}
]
}
}
]
}
},
"CVE_data_meta": {
"ID": "CVE-2020-4546",
"STATE": "PUBLIC",
"DATE_PUBLIC": "2020-09-01T00:00:00",
"ASSIGNER": "psirt@us.ibm.com"
},
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"value": "IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 183314.",
"lang": "eng"
}
]
}
}

192
2020/4xxx/CVE-2020-4693.json
View File

@ -1,99 +1,99 @@
{
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 6325341 (Spectrum Protect Operations Center)",
"url" : "https://www.ibm.com/support/pages/node/6325341",
"name" : "https://www.ibm.com/support/pages/node/6325341",
"refsource" : "CONFIRM"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/186782",
"title" : "X-Force Vulnerability Report",
"name" : "ibm-spectrum-cve20204693-code-exec (186782)",
"refsource" : "XF"
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Gain Access",
"lang" : "eng"
}
]
}
]
},
"impact" : {
"cvssv3" : {
"TM" : {
"RL" : "O",
"E" : "U",
"RC" : "C"
},
"BM" : {
"I" : "H",
"AC" : "L",
"A" : "N",
"UI" : "N",
"PR" : "N",
"S" : "U",
"AV" : "N",
"C" : "H",
"SCORE" : "9.100"
}
}
},
"data_format" : "MITRE",
"data_version" : "4.0",
"data_type" : "CVE",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Spectrum Protect Operations Center 7.1.0.000 through 7.1.10 and 8.1.0.000 through 8.1.9 may allow an attacker to execute arbitrary code on the system, caused by improper validation of data prior to export. IBM X-Force ID: 186782."
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
"references": {
"reference_data": [
{
"product" : {
"product_data" : [
{
"product_name" : "Spectrum Protect Operations Center",
"version" : {
"version_data" : [
{
"version_value" : "7.1.0.000"
},
{
"version_value" : "8.1.0.000"
},
{
"version_value" : "7.1.10"
},
{
"version_value" : "8.1.9"
}
]
}
}
]
},
"vendor_name" : "IBM"
"title": "IBM Security Bulletin 6325341 (Spectrum Protect Operations Center)",
"url": "https://www.ibm.com/support/pages/node/6325341",
"name": "https://www.ibm.com/support/pages/node/6325341",
"refsource": "CONFIRM"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/186782",
"title": "X-Force Vulnerability Report",
"name": "ibm-spectrum-cve20204693-code-exec (186782)",
"refsource": "XF"
}
]
}
},
"CVE_data_meta" : {
"DATE_PUBLIC" : "2020-09-01T00:00:00",
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2020-4693"
}
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Gain Access",
"lang": "eng"
}
]
}
]
},
"impact": {
"cvssv3": {
"TM": {
"RL": "O",
"E": "U",
"RC": "C"
},
"BM": {
"I": "H",
"AC": "L",
"A": "N",
"UI": "N",
"PR": "N",
"S": "U",
"AV": "N",
"C": "H",
"SCORE": "9.100"
}
}
},
"data_format": "MITRE",
"data_version": "4.0",
"data_type": "CVE",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Spectrum Protect Operations Center 7.1.0.000 through 7.1.10 and 8.1.0.000 through 8.1.9 may allow an attacker to execute arbitrary code on the system, caused by improper validation of data prior to export. IBM X-Force ID: 186782."
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Spectrum Protect Operations Center",
"version": {
"version_data": [
{
"version_value": "7.1.0.000"
},
{
"version_value": "8.1.0.000"
},
{
"version_value": "7.1.10"
},
{
"version_value": "8.1.9"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"CVE_data_meta": {
"DATE_PUBLIC": "2020-09-01T00:00:00",
"STATE": "PUBLIC",
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2020-4693"
}
}