diff --git a/2019/13xxx/CVE-2019-13363.json b/2019/13xxx/CVE-2019-13363.json index b81a983c264..8d302ad61e8 100644 --- a/2019/13xxx/CVE-2019-13363.json +++ b/2019/13xxx/CVE-2019-13363.json @@ -71,6 +71,11 @@ "refsource": "MISC", "name": "http://packetstormsecurity.com/files/154484/Piwigo-2.9.5-Cross-Site-Request-Forgery-Cross-Site-Scripting.html", "url": "http://packetstormsecurity.com/files/154484/Piwigo-2.9.5-Cross-Site-Request-Forgery-Cross-Site-Scripting.html" + }, + { + "refsource": "FULLDISC", + "name": "20200623 GilaCMS - CVE-2019-13364 CVE-2019-13363", + "url": "http://seclists.org/fulldisclosure/2020/Jun/29" } ] } diff --git a/2019/13xxx/CVE-2019-13364.json b/2019/13xxx/CVE-2019-13364.json index d635145bc2f..15e0126eba5 100644 --- a/2019/13xxx/CVE-2019-13364.json +++ b/2019/13xxx/CVE-2019-13364.json @@ -71,6 +71,11 @@ "refsource": "MISC", "name": "http://packetstormsecurity.com/files/154484/Piwigo-2.9.5-Cross-Site-Request-Forgery-Cross-Site-Scripting.html", "url": "http://packetstormsecurity.com/files/154484/Piwigo-2.9.5-Cross-Site-Request-Forgery-Cross-Site-Scripting.html" + }, + { + "refsource": "FULLDISC", + "name": "20200623 GilaCMS - CVE-2019-13364 CVE-2019-13363", + "url": "http://seclists.org/fulldisclosure/2020/Jun/29" } ] } diff --git a/2019/20xxx/CVE-2019-20803.json b/2019/20xxx/CVE-2019-20803.json index 6b083c83371..c2ab44d4f5d 100644 --- a/2019/20xxx/CVE-2019-20803.json +++ b/2019/20xxx/CVE-2019-20803.json @@ -56,6 +56,11 @@ "url": "https://github.com/GilaCMS/gila/issues/56", "refsource": "MISC", "name": "https://github.com/GilaCMS/gila/issues/56" + }, + { + "refsource": "FULLDISC", + "name": "20200623 GilaCMS - CVE-2019-13364 CVE-2019-13363", + "url": "http://seclists.org/fulldisclosure/2020/Jun/29" } ] } diff --git a/2019/20xxx/CVE-2019-20804.json b/2019/20xxx/CVE-2019-20804.json index 72e4a8f93b3..07b87a07d87 100644 --- a/2019/20xxx/CVE-2019-20804.json +++ b/2019/20xxx/CVE-2019-20804.json @@ -56,6 +56,11 @@ "url": "https://github.com/GilaCMS/gila/issues/57", "refsource": "MISC", "name": "https://github.com/GilaCMS/gila/issues/57" + }, + { + "refsource": "FULLDISC", + "name": "20200623 GilaCMS - CVE-2019-13364 CVE-2019-13363", + "url": "http://seclists.org/fulldisclosure/2020/Jun/29" } ] } diff --git a/2020/5xxx/CVE-2020-5345.json b/2020/5xxx/CVE-2020-5345.json index 9d2fc3ad0b4..ef8cc4f4c47 100644 --- a/2020/5xxx/CVE-2020-5345.json +++ b/2020/5xxx/CVE-2020-5345.json @@ -1,10 +1,10 @@ { "CVE_data_meta": { - "ASSIGNER": "secure@dell.com", - "DATE_PUBLIC": "2020-06-18", - "ID": "CVE-2020-5345", + "ASSIGNER": "secure@dell.com", + "DATE_PUBLIC": "2020-06-18", + "ID": "CVE-2020-5345", "STATE": "PUBLIC" - }, + }, "affects": { "vendor": { "vendor_data": [ @@ -12,59 +12,60 @@ "product": { "product_data": [ { - "product_name": "Unisphere for PowerMax", + "product_name": "Unisphere for PowerMax", "version": { "version_data": [ { - "version_affected": "<", + "version_affected": "<", "version_value": "9.1.0.17" } ] } } ] - }, + }, "vendor_name": "Dell" } ] } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { - "lang": "eng", + "lang": "eng", "value": "Dell EMC Unisphere for PowerMax versions prior to 9.1.0.17, Dell EMC Unisphere for PowerMax Virtual Appliance versions prior to 9.1.0.17, and PowerMax OS Release 5978 contain an authorization bypass vulnerability. An authenticated malicious user may potentially execute commands to alter or stop database statistics." } ] - }, + }, "impact": { "cvss": { - "baseScore": 6.4, - "baseSeverity": "Medium", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L", + "baseScore": 6.4, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L", "version": "3.1" } - }, + }, "problemtype": { "problemtype_data": [ { "description": [ { - "lang": "eng", + "lang": "eng", "value": "CWE-602: Client-Side Enforcement of Server-Side Security" } ] } ] - }, + }, "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://www.dell.com/support/security/en-us/details/544585/DSA-2020-065-Dell-EMC-Unisphere-for-PowerMax-Dell-EMC-Unisphere-for-PowerMax-Virtual-Appliance" + "refsource": "MISC", + "url": "https://www.dell.com/support/security/en-us/details/544585/DSA-2020-065-Dell-EMC-Unisphere-for-PowerMax-Dell-EMC-Unisphere-for-PowerMax-Virtual-Appliance", + "name": "https://www.dell.com/support/security/en-us/details/544585/DSA-2020-065-Dell-EMC-Unisphere-for-PowerMax-Dell-EMC-Unisphere-for-PowerMax-Virtual-Appliance" } ] } diff --git a/2020/5xxx/CVE-2020-5367.json b/2020/5xxx/CVE-2020-5367.json index e7863d8a49b..950fab13d7e 100644 --- a/2020/5xxx/CVE-2020-5367.json +++ b/2020/5xxx/CVE-2020-5367.json @@ -1,10 +1,10 @@ { "CVE_data_meta": { - "ASSIGNER": "secure@dell.com", - "DATE_PUBLIC": "2020-06-18", - "ID": "CVE-2020-5367", + "ASSIGNER": "secure@dell.com", + "DATE_PUBLIC": "2020-06-18", + "ID": "CVE-2020-5367", "STATE": "PUBLIC" - }, + }, "affects": { "vendor": { "vendor_data": [ @@ -12,59 +12,60 @@ "product": { "product_data": [ { - "product_name": "Unisphere for PowerMax", + "product_name": "Unisphere for PowerMax", "version": { "version_data": [ { - "version_affected": "<", + "version_affected": "<", "version_value": "9.1.0.17" } ] } } ] - }, + }, "vendor_name": "Dell" } ] } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { - "lang": "eng", + "lang": "eng", "value": "Dell EMC Unisphere for PowerMax versions prior to 9.1.0.17, Dell EMC Unisphere for PowerMax Virtual Appliance versions prior to 9.1.0.17, and PowerMax OS Release 5978 contain an improper certificate validation vulnerability. An unauthenticated remote attacker may potentially exploit this vulnerability to carry out a man-in-the-middle attack by supplying a crafted certificate and intercepting the victim's traffic to view or modify a victim\u2019s data in transit." } ] - }, + }, "impact": { "cvss": { - "baseScore": 7.4, - "baseSeverity": "High", - "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.4, + "baseSeverity": "High", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } - }, + }, "problemtype": { "problemtype_data": [ { "description": [ { - "lang": "eng", + "lang": "eng", "value": "CWE-295: Improper Certificate Validation" } ] } ] - }, + }, "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://www.dell.com/support/security/en-us/details/544585/DSA-2020-065-Dell-EMC-Unisphere-for-PowerMax-Dell-EMC-Unisphere-for-PowerMax-Virtual-Appliance" + "refsource": "MISC", + "url": "https://www.dell.com/support/security/en-us/details/544585/DSA-2020-065-Dell-EMC-Unisphere-for-PowerMax-Dell-EMC-Unisphere-for-PowerMax-Virtual-Appliance", + "name": "https://www.dell.com/support/security/en-us/details/544585/DSA-2020-065-Dell-EMC-Unisphere-for-PowerMax-Dell-EMC-Unisphere-for-PowerMax-Virtual-Appliance" } ] } diff --git a/2020/8xxx/CVE-2020-8469.json b/2020/8xxx/CVE-2020-8469.json index 3c447f161f8..00f8a0d3c56 100644 --- a/2020/8xxx/CVE-2020-8469.json +++ b/2020/8xxx/CVE-2020-8469.json @@ -56,6 +56,11 @@ "url": "https://esupport.trendmicro.com/en-us/home/pages/technical-support/1124168.aspx", "refsource": "MISC", "name": "https://esupport.trendmicro.com/en-us/home/pages/technical-support/1124168.aspx" + }, + { + "refsource": "FULLDISC", + "name": "20200623 DLL Hijacking at the Trend Micro Password Manager (CVE-2020-8469)", + "url": "http://seclists.org/fulldisclosure/2020/Jun/30" } ] }