admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-06-23 21:01:13 +00:00
parent 894db4ef1a
commit 7451c2bd28
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
7 changed files with 69 additions and 42 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2019/13xxx/CVE-2019-13363.json
View File

@ -71,6 +71,11 @@
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/154484/Piwigo-2.9.5-Cross-Site-Request-Forgery-Cross-Site-Scripting.html",
"url": "http://packetstormsecurity.com/files/154484/Piwigo-2.9.5-Cross-Site-Request-Forgery-Cross-Site-Scripting.html"
},
{
"refsource": "FULLDISC",
"name": "20200623 GilaCMS - CVE-2019-13364 CVE-2019-13363",
"url": "http://seclists.org/fulldisclosure/2020/Jun/29"
}
]
}

5
2019/13xxx/CVE-2019-13364.json
View File

@ -71,6 +71,11 @@
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/154484/Piwigo-2.9.5-Cross-Site-Request-Forgery-Cross-Site-Scripting.html",
"url": "http://packetstormsecurity.com/files/154484/Piwigo-2.9.5-Cross-Site-Request-Forgery-Cross-Site-Scripting.html"
},
{
"refsource": "FULLDISC",
"name": "20200623 GilaCMS - CVE-2019-13364 CVE-2019-13363",
"url": "http://seclists.org/fulldisclosure/2020/Jun/29"
}
]
}

5
2019/20xxx/CVE-2019-20803.json
View File

@ -56,6 +56,11 @@
"url": "https://github.com/GilaCMS/gila/issues/56",
"refsource": "MISC",
"name": "https://github.com/GilaCMS/gila/issues/56"
},
{
"refsource": "FULLDISC",
"name": "20200623 GilaCMS - CVE-2019-13364 CVE-2019-13363",
"url": "http://seclists.org/fulldisclosure/2020/Jun/29"
}
]
}

5
2019/20xxx/CVE-2019-20804.json
View File

@ -56,6 +56,11 @@
"url": "https://github.com/GilaCMS/gila/issues/57",
"refsource": "MISC",
"name": "https://github.com/GilaCMS/gila/issues/57"
},
{
"refsource": "FULLDISC",
"name": "20200623 GilaCMS - CVE-2019-13364 CVE-2019-13363",
"url": "http://seclists.org/fulldisclosure/2020/Jun/29"
}
]
}

43
2020/5xxx/CVE-2020-5345.json
View File

@ -1,10 +1,10 @@
{
"CVE_data_meta": {
"ASSIGNER": "secure@dell.com",
"DATE_PUBLIC": "2020-06-18",
"ID": "CVE-2020-5345",
"ASSIGNER": "secure@dell.com",
"DATE_PUBLIC": "2020-06-18",
"ID": "CVE-2020-5345",
"STATE": "PUBLIC"
},
},
"affects": {
"vendor": {
"vendor_data": [
@ -12,59 +12,60 @@
"product": {
"product_data": [
{
"product_name": "Unisphere for PowerMax",
"product_name": "Unisphere for PowerMax",
"version": {
"version_data": [
{
"version_affected": "<",
"version_affected": "<",
"version_value": "9.1.0.17"
}
]
}
}
]
},
},
"vendor_name": "Dell"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"lang": "eng",
"value": "Dell EMC Unisphere for PowerMax versions prior to 9.1.0.17, Dell EMC Unisphere for PowerMax Virtual Appliance versions prior to 9.1.0.17, and PowerMax OS Release 5978 contain an authorization bypass vulnerability. An authenticated malicious user may potentially execute commands to alter or stop database statistics."
}
]
},
},
"impact": {
"cvss": {
"baseScore": 6.4,
"baseSeverity": "Medium",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L",
"baseScore": 6.4,
"baseSeverity": "Medium",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L",
"version": "3.1"
}
},
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"lang": "eng",
"value": "CWE-602: Client-Side Enforcement of Server-Side Security"
}
]
}
]
},
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.dell.com/support/security/en-us/details/544585/DSA-2020-065-Dell-EMC-Unisphere-for-PowerMax-Dell-EMC-Unisphere-for-PowerMax-Virtual-Appliance"
"refsource": "MISC",
"url": "https://www.dell.com/support/security/en-us/details/544585/DSA-2020-065-Dell-EMC-Unisphere-for-PowerMax-Dell-EMC-Unisphere-for-PowerMax-Virtual-Appliance",
"name": "https://www.dell.com/support/security/en-us/details/544585/DSA-2020-065-Dell-EMC-Unisphere-for-PowerMax-Dell-EMC-Unisphere-for-PowerMax-Virtual-Appliance"
}
]
}

43
2020/5xxx/CVE-2020-5367.json
View File

@ -1,10 +1,10 @@
{
"CVE_data_meta": {
"ASSIGNER": "secure@dell.com",
"DATE_PUBLIC": "2020-06-18",
"ID": "CVE-2020-5367",
"ASSIGNER": "secure@dell.com",
"DATE_PUBLIC": "2020-06-18",
"ID": "CVE-2020-5367",
"STATE": "PUBLIC"
},
},
"affects": {
"vendor": {
"vendor_data": [
@ -12,59 +12,60 @@
"product": {
"product_data": [
{
"product_name": "Unisphere for PowerMax",
"product_name": "Unisphere for PowerMax",
"version": {
"version_data": [
{
"version_affected": "<",
"version_affected": "<",
"version_value": "9.1.0.17"
}
]
}
}
]
},
},
"vendor_name": "Dell"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"lang": "eng",
"value": "Dell EMC Unisphere for PowerMax versions prior to 9.1.0.17, Dell EMC Unisphere for PowerMax Virtual Appliance versions prior to 9.1.0.17, and PowerMax OS Release 5978 contain an improper certificate validation vulnerability. An unauthenticated remote attacker may potentially exploit this vulnerability to carry out a man-in-the-middle attack by supplying a crafted certificate and intercepting the victim's traffic to view or modify a victim\u2019s data in transit."
}
]
},
},
"impact": {
"cvss": {
"baseScore": 7.4,
"baseSeverity": "High",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.4,
"baseSeverity": "High",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"lang": "eng",
"value": "CWE-295: Improper Certificate Validation"
}
]
}
]
},
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.dell.com/support/security/en-us/details/544585/DSA-2020-065-Dell-EMC-Unisphere-for-PowerMax-Dell-EMC-Unisphere-for-PowerMax-Virtual-Appliance"
"refsource": "MISC",
"url": "https://www.dell.com/support/security/en-us/details/544585/DSA-2020-065-Dell-EMC-Unisphere-for-PowerMax-Dell-EMC-Unisphere-for-PowerMax-Virtual-Appliance",
"name": "https://www.dell.com/support/security/en-us/details/544585/DSA-2020-065-Dell-EMC-Unisphere-for-PowerMax-Dell-EMC-Unisphere-for-PowerMax-Virtual-Appliance"
}
]
}

5
2020/8xxx/CVE-2020-8469.json
View File

@ -56,6 +56,11 @@
"url": "https://esupport.trendmicro.com/en-us/home/pages/technical-support/1124168.aspx",
"refsource": "MISC",
"name": "https://esupport.trendmicro.com/en-us/home/pages/technical-support/1124168.aspx"
},
{
"refsource": "FULLDISC",
"name": "20200623 DLL Hijacking at the Trend Micro Password Manager (CVE-2020-8469)",
"url": "http://seclists.org/fulldisclosure/2020/Jun/30"
}
]
}