diff --git a/2020/0xxx/CVE-2020-0049.json b/2020/0xxx/CVE-2020-0049.json new file mode 100644 index 00000000000..6e1641119df --- /dev/null +++ b/2020/0xxx/CVE-2020-0049.json @@ -0,0 +1,62 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-0049", + "ASSIGNER": "security@android.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android-10" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://source.android.com/security/bulletin/pixel/2020-03-01", + "url": "https://source.android.com/security/bulletin/pixel/2020-03-01" + } + ] + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In onReadBuffer() of StreamingSource.cpp, there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-140177694" + } + ] + } +} \ No newline at end of file diff --git a/2020/0xxx/CVE-2020-0050.json b/2020/0xxx/CVE-2020-0050.json new file mode 100644 index 00000000000..fce132ad978 --- /dev/null +++ b/2020/0xxx/CVE-2020-0050.json @@ -0,0 +1,62 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-0050", + "ASSIGNER": "security@android.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android-10" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://source.android.com/security/bulletin/pixel/2020-03-01", + "url": "https://source.android.com/security/bulletin/pixel/2020-03-01" + } + ] + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In nfa_hciu_send_msg of nfa_hci_utils.cc, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege in the NFC server with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-124521372" + } + ] + } +} \ No newline at end of file diff --git a/2020/0xxx/CVE-2020-0051.json b/2020/0xxx/CVE-2020-0051.json new file mode 100644 index 00000000000..e0711eb980b --- /dev/null +++ b/2020/0xxx/CVE-2020-0051.json @@ -0,0 +1,62 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-0051", + "ASSIGNER": "security@android.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android-10" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://source.android.com/security/bulletin/pixel/2020-03-01", + "url": "https://source.android.com/security/bulletin/pixel/2020-03-01" + } + ] + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In onCreate of SettingsHomepageActivity, there is a possible tapjacking attack. This could lead to local escalation of privilege in Settings with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-138442483" + } + ] + } +} \ No newline at end of file diff --git a/2020/0xxx/CVE-2020-0052.json b/2020/0xxx/CVE-2020-0052.json new file mode 100644 index 00000000000..8f61587a302 --- /dev/null +++ b/2020/0xxx/CVE-2020-0052.json @@ -0,0 +1,62 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-0052", + "ASSIGNER": "security@android.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android-10" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://source.android.com/security/bulletin/pixel/2020-03-01", + "url": "https://source.android.com/security/bulletin/pixel/2020-03-01" + } + ] + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In smsSelected of AnswerFragment.java, there is a way to send an SMS from the lock screen due to a permissions bypass. This could lead to local escalation of privilege on the lock screen with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-137102479" + } + ] + } +} \ No newline at end of file diff --git a/2020/0xxx/CVE-2020-0053.json b/2020/0xxx/CVE-2020-0053.json new file mode 100644 index 00000000000..6ab2c69f353 --- /dev/null +++ b/2020/0xxx/CVE-2020-0053.json @@ -0,0 +1,62 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-0053", + "ASSIGNER": "security@android.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android-10" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://source.android.com/security/bulletin/pixel/2020-03-01", + "url": "https://source.android.com/security/bulletin/pixel/2020-03-01" + } + ] + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In convertHidlNanDataPathInitiatorRequestToLegacy, and convertHidlNanDataPathIndicationResponseToLegacy of hidl_struct_util.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-143789898" + } + ] + } +} \ No newline at end of file diff --git a/2020/0xxx/CVE-2020-0054.json b/2020/0xxx/CVE-2020-0054.json new file mode 100644 index 00000000000..62f78da817c --- /dev/null +++ b/2020/0xxx/CVE-2020-0054.json @@ -0,0 +1,62 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-0054", + "ASSIGNER": "security@android.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android-10" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://source.android.com/security/bulletin/pixel/2020-03-01", + "url": "https://source.android.com/security/bulletin/pixel/2020-03-01" + } + ] + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In WifiNetworkSuggestionsManager of WifiNetworkSuggestionsManager.java, there is a possible permission revocation due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-146642727" + } + ] + } +} \ No newline at end of file diff --git a/2020/0xxx/CVE-2020-0055.json b/2020/0xxx/CVE-2020-0055.json new file mode 100644 index 00000000000..cc39589706f --- /dev/null +++ b/2020/0xxx/CVE-2020-0055.json @@ -0,0 +1,62 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-0055", + "ASSIGNER": "security@android.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android-10" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://source.android.com/security/bulletin/pixel/2020-03-01", + "url": "https://source.android.com/security/bulletin/pixel/2020-03-01" + } + ] + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In l2c_link_process_num_completed_pkts of l2c_link.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-141617601" + } + ] + } +} \ No newline at end of file diff --git a/2020/0xxx/CVE-2020-0056.json b/2020/0xxx/CVE-2020-0056.json new file mode 100644 index 00000000000..0aba914bdfd --- /dev/null +++ b/2020/0xxx/CVE-2020-0056.json @@ -0,0 +1,62 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-0056", + "ASSIGNER": "security@android.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android-10" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://source.android.com/security/bulletin/pixel/2020-03-01", + "url": "https://source.android.com/security/bulletin/pixel/2020-03-01" + } + ] + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In btu_hcif_connection_comp_evt of btu_hcif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-141619686" + } + ] + } +} \ No newline at end of file diff --git a/2020/0xxx/CVE-2020-0057.json b/2020/0xxx/CVE-2020-0057.json new file mode 100644 index 00000000000..27b42ea256e --- /dev/null +++ b/2020/0xxx/CVE-2020-0057.json @@ -0,0 +1,62 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-0057", + "ASSIGNER": "security@android.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android-10" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://source.android.com/security/bulletin/pixel/2020-03-01", + "url": "https://source.android.com/security/bulletin/pixel/2020-03-01" + } + ] + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In btm_process_inq_results of btm_inq.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-141620271" + } + ] + } +} \ No newline at end of file diff --git a/2020/0xxx/CVE-2020-0085.json b/2020/0xxx/CVE-2020-0085.json new file mode 100644 index 00000000000..f2f09e8c9c6 --- /dev/null +++ b/2020/0xxx/CVE-2020-0085.json @@ -0,0 +1,62 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-0085", + "ASSIGNER": "security@android.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android-10" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://source.android.com/security/bulletin/pixel/2020-03-01", + "url": "https://source.android.com/security/bulletin/pixel/2020-03-01" + } + ] + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In setBluetoothTethering of PanService.java, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege to activate tethering with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-134487438" + } + ] + } +} \ No newline at end of file diff --git a/2020/10xxx/CVE-2020-10372.json b/2020/10xxx/CVE-2020-10372.json new file mode 100644 index 00000000000..75c400f7361 --- /dev/null +++ b/2020/10xxx/CVE-2020-10372.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2020-10372", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Ramp AltitudeCDN Altimeter before 2.4.0 allows authenticated Stored XSS via the vdms/ipmapping.jsp location field to the dms/rest/services/datastore/createOrEditValueForKey URI." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://labs.f-secure.com/advisories/ramp-altimeter-stored-xss/", + "refsource": "MISC", + "name": "https://labs.f-secure.com/advisories/ramp-altimeter-stored-xss/" + } + ] + } +} \ No newline at end of file diff --git a/2020/10xxx/CVE-2020-10373.json b/2020/10xxx/CVE-2020-10373.json new file mode 100644 index 00000000000..107331f2c18 --- /dev/null +++ b/2020/10xxx/CVE-2020-10373.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-10373", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/10xxx/CVE-2020-10374.json b/2020/10xxx/CVE-2020-10374.json new file mode 100644 index 00000000000..3f43e1a4b65 --- /dev/null +++ b/2020/10xxx/CVE-2020-10374.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-10374", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6178.json b/2020/6xxx/CVE-2020-6178.json index 45898572482..b9b556b2a10 100644 --- a/2020/6xxx/CVE-2020-6178.json +++ b/2020/6xxx/CVE-2020-6178.json @@ -4,14 +4,71 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6178", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@sap.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "SAP SE", + "product": { + "product_data": [ + { + "product_name": "SAP Enable Now", + "version": { + "version_data": [ + { + "version_name": "<", + "version_value": "before version 1911" + } + ] + } + } + ] + } + } + ] + } }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "SAP Enable Now, before version 1911, sends the Session ID cookie value in URL. This might be stolen from the browser history or log files, leading to Information Disclosure." + } + ] + }, + "impact": { + "cvss": { + "baseScore": "5.4", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information Disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://launchpad.support.sap.com/#/notes/2880664", + "refsource": "MISC", + "name": "https://launchpad.support.sap.com/#/notes/2880664" + }, + { + "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=540935305", + "refsource": "MISC", + "name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=540935305" } ] } diff --git a/2020/6xxx/CVE-2020-6196.json b/2020/6xxx/CVE-2020-6196.json index e22e5ee2a59..90c8873653f 100644 --- a/2020/6xxx/CVE-2020-6196.json +++ b/2020/6xxx/CVE-2020-6196.json @@ -4,14 +4,70 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6196", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@sap.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "SAP SE", + "product": { + "product_data": [ + { + "product_name": "SAP BusinessObjects Mobile (MobileBIService)", + "version": { + "version_data": [ + { + "version_value": "4.2" + } + ] + } + } + ] + } + } + ] + } }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "SAP BusinessObjects Mobile (MobileBIService), version 4.2, allows an attacker to generate multiple requests, using which he can block all the threads resulting in a Denial of Service." + } + ] + }, + "impact": { + "cvss": { + "baseScore": "7.5", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Denial of Service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://launchpad.support.sap.com/#/notes/2826782", + "refsource": "MISC", + "name": "https://launchpad.support.sap.com/#/notes/2826782" + }, + { + "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=540935305", + "refsource": "MISC", + "name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=540935305" } ] } diff --git a/2020/6xxx/CVE-2020-6197.json b/2020/6xxx/CVE-2020-6197.json index 9f613b07200..811229ac5cc 100644 --- a/2020/6xxx/CVE-2020-6197.json +++ b/2020/6xxx/CVE-2020-6197.json @@ -4,14 +4,71 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6197", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@sap.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "SAP SE", + "product": { + "product_data": [ + { + "product_name": "SAP Enable Now", + "version": { + "version_data": [ + { + "version_name": "<", + "version_value": "before version 1908" + } + ] + } + } + ] + } + } + ] + } }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "SAP Enable Now, before version 1908, does not invalidate session tokens in a timely manner. The Insufficient Session Expiration may allow attackers with local access, for instance, to still download the portables." + } + ] + }, + "impact": { + "cvss": { + "baseScore": "3.8", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Insufficient Session Expiration" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=540935305", + "refsource": "MISC", + "name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=540935305" + }, + { + "url": "https://launchpad.support.sap.com/#/notes/2845363", + "refsource": "MISC", + "name": "https://launchpad.support.sap.com/#/notes/2845363" } ] } diff --git a/2020/6xxx/CVE-2020-6198.json b/2020/6xxx/CVE-2020-6198.json index a2ebe1f118e..87b4da9de4c 100644 --- a/2020/6xxx/CVE-2020-6198.json +++ b/2020/6xxx/CVE-2020-6198.json @@ -4,14 +4,71 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6198", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@sap.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "SAP SE", + "product": { + "product_data": [ + { + "product_name": "SAP Solution Manager (Diagnostics Agent)", + "version": { + "version_data": [ + { + "version_name": "<", + "version_value": "7.2" + } + ] + } + } + ] + } + } + ] + } }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "SAP Solution Manager (Diagnostics Agent), version 720, allows unencrypted connections from unauthenticated sources. This allows an attacker to control all remote functions on the Agent due to Missing Authentication Check." + } + ] + }, + "impact": { + "cvss": { + "baseScore": "9.8", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Missing Authentication Check" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=540935305", + "refsource": "MISC", + "name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=540935305" + }, + { + "url": "https://launchpad.support.sap.com/#/notes/2845377", + "refsource": "MISC", + "name": "https://launchpad.support.sap.com/#/notes/2845377" } ] } diff --git a/2020/6xxx/CVE-2020-6199.json b/2020/6xxx/CVE-2020-6199.json index d126d6493e2..a496ec2e4c2 100644 --- a/2020/6xxx/CVE-2020-6199.json +++ b/2020/6xxx/CVE-2020-6199.json @@ -4,14 +4,113 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6199", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@sap.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "SAP SE", + "product": { + "product_data": [ + { + "product_name": "SAP ERP (EAPPGLO)", + "version": { + "version_data": [ + { + "version_name": "<", + "version_value": "607" + } + ] + } + }, + { + "product_name": "SAP ERP (SAP_FIN)", + "version": { + "version_data": [ + { + "version_name": "<", + "version_value": "618" + }, + { + "version_name": "<", + "version_value": "730" + } + ] + } + }, + { + "product_name": "SAP S/4HANA (S4CORE)", + "version": { + "version_data": [ + { + "version_name": "<", + "version_value": "100" + }, + { + "version_name": "<", + "version_value": "101" + }, + { + "version_name": "<", + "version_value": "102" + }, + { + "version_name": "<", + "version_value": "103" + }, + { + "version_name": "<", + "version_value": "104" + } + ] + } + } + ] + } + } + ] + } }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The view FIMENAV_COMPCERT in SAP ERP (MENA Certificate Management), EAPPGLO version 607, SAP_FIN versions- 618, 730 and SAP S/4HANA (MENA Certificate Management), S4CORE versions- 100, 101, 102, 103, 104; does not have any authorization check to it due to which an attacker without an authorization group can maintain any company certificate, leading to Missing Authorization Check." + } + ] + }, + "impact": { + "cvss": { + "baseScore": "5.4", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Missing Authorization Check" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=540935305", + "refsource": "MISC", + "name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=540935305" + }, + { + "url": "https://launchpad.support.sap.com/#/notes/2871167", + "refsource": "MISC", + "name": "https://launchpad.support.sap.com/#/notes/2871167" } ] } diff --git a/2020/6xxx/CVE-2020-6200.json b/2020/6xxx/CVE-2020-6200.json index cd528e26ae3..736f0816ee4 100644 --- a/2020/6xxx/CVE-2020-6200.json +++ b/2020/6xxx/CVE-2020-6200.json @@ -4,14 +4,83 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6200", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@sap.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "SAP SE", + "product": { + "product_data": [ + { + "product_name": "SAP Commerce Cloud (SmartEdit Extension)", + "version": { + "version_data": [ + { + "version_name": "<", + "version_value": "6.6" + }, + { + "version_name": "<", + "version_value": "6.7" + }, + { + "version_name": "<", + "version_value": "1808" + }, + { + "version_name": "<", + "version_value": "1811" + } + ] + } + } + ] + } + } + ] + } }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The SAP Commerce (SmartEdit Extension), versions- 6.6, 6.7, 1808, 1811, is vulnerable to client-side angularjs template injection, a variant of Cross-Site-Scripting (XSS) that exploits the templating facilities of the angular framework." + } + ] + }, + "impact": { + "cvss": { + "baseScore": "5.4", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Cross-Site-Scripting" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=540935305", + "refsource": "MISC", + "name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=540935305" + }, + { + "url": "https://launchpad.support.sap.com/#/notes/2876413", + "refsource": "MISC", + "name": "https://launchpad.support.sap.com/#/notes/2876413" } ] } diff --git a/2020/6xxx/CVE-2020-6201.json b/2020/6xxx/CVE-2020-6201.json index 4d8cfe98b63..f7e35b1861b 100644 --- a/2020/6xxx/CVE-2020-6201.json +++ b/2020/6xxx/CVE-2020-6201.json @@ -4,14 +4,87 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6201", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@sap.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "SAP SE", + "product": { + "product_data": [ + { + "product_name": "SAP Commerce Cloud (Testweb Extension)", + "version": { + "version_data": [ + { + "version_name": "<", + "version_value": "6.6" + }, + { + "version_name": "<", + "version_value": "6.7" + }, + { + "version_name": "<", + "version_value": "1808" + }, + { + "version_name": "<", + "version_value": "1811" + }, + { + "version_name": "<", + "version_value": "1905" + } + ] + } + } + ] + } + } + ] + } }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The SAP Commerce (Testweb Extension), versions- 6.6, 6.7, 1808, 1811, 1905, does not sufficiently encode user-controlled inputs, due to which certain GET URL parameters are reflected in the HTTP responses without escaping/sanitization, leading to Reflected Cross Site Scripting." + } + ] + }, + "impact": { + "cvss": { + "baseScore": "6.1", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Cross Site Scripting" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=540935305", + "refsource": "MISC", + "name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=540935305" + }, + { + "url": "https://launchpad.support.sap.com/#/notes/2876813", + "refsource": "MISC", + "name": "https://launchpad.support.sap.com/#/notes/2876813" } ] } diff --git a/2020/6xxx/CVE-2020-6202.json b/2020/6xxx/CVE-2020-6202.json index f9970e32095..6e1bdd462f0 100644 --- a/2020/6xxx/CVE-2020-6202.json +++ b/2020/6xxx/CVE-2020-6202.json @@ -4,14 +4,95 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6202", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@sap.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "SAP SE", + "product": { + "product_data": [ + { + "product_name": "SAP NetWeaver Application Server Java (User Management Engine)", + "version": { + "version_data": [ + { + "version_name": "<", + "version_value": "7.10" + }, + { + "version_name": "<", + "version_value": "7.11" + }, + { + "version_name": "<", + "version_value": "7.20" + }, + { + "version_name": "<", + "version_value": "7.30" + }, + { + "version_name": "<", + "version_value": "7.31" + }, + { + "version_name": "<", + "version_value": "7.40" + }, + { + "version_name": "<", + "version_value": "7.50" + } + ] + } + } + ] + } + } + ] + } }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "SAP NetWeaver Application Server Java (User Management Engine), versions- 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; does not sufficiently validate the LDAP data source configuration XML document accepted from an untrusted source, leading to Missing XML Validation." + } + ] + }, + "impact": { + "cvss": { + "baseScore": "5.5", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Missing XML Validation" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=540935305", + "refsource": "MISC", + "name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=540935305" + }, + { + "url": "https://launchpad.support.sap.com/#/notes/2847787", + "refsource": "MISC", + "name": "https://launchpad.support.sap.com/#/notes/2847787" } ] } diff --git a/2020/6xxx/CVE-2020-6203.json b/2020/6xxx/CVE-2020-6203.json index 5bf8a76b2aa..4b263b352e1 100644 --- a/2020/6xxx/CVE-2020-6203.json +++ b/2020/6xxx/CVE-2020-6203.json @@ -4,14 +4,95 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6203", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@sap.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "SAP SE", + "product": { + "product_data": [ + { + "product_name": "SAP NetWeaver UDDI Server (Services Registry)", + "version": { + "version_data": [ + { + "version_name": "<", + "version_value": "7.10" + }, + { + "version_name": "<", + "version_value": "7.11" + }, + { + "version_name": "<", + "version_value": "7.20" + }, + { + "version_name": "<", + "version_value": "7.30" + }, + { + "version_name": "<", + "version_value": "7.31" + }, + { + "version_name": "<", + "version_value": "7.40" + }, + { + "version_name": "<", + "version_value": "7.50" + } + ] + } + } + ] + } + } + ] + } }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "SAP NetWeaver UDDI Server (Services Registry), versions- 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing 'traverse to parent directory' are passed through to the file APIs, leading to Path Traversal." + } + ] + }, + "impact": { + "cvss": { + "baseScore": "9.1", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Path Traversal" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=540935305", + "refsource": "MISC", + "name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=540935305" + }, + { + "url": "https://launchpad.support.sap.com/#/notes/2806198", + "refsource": "MISC", + "name": "https://launchpad.support.sap.com/#/notes/2806198" } ] } diff --git a/2020/6xxx/CVE-2020-6204.json b/2020/6xxx/CVE-2020-6204.json index 68d9ec07f81..b50a5f0941b 100644 --- a/2020/6xxx/CVE-2020-6204.json +++ b/2020/6xxx/CVE-2020-6204.json @@ -4,14 +4,126 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6204", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@sap.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "SAP SE", + "product": { + "product_data": [ + { + "product_name": "SAP Treasury and Risk Management (Transaction Management) (EA-FINSERV)", + "version": { + "version_data": [ + { + "version_name": "<", + "version_value": "600" + }, + { + "version_name": "<", + "version_value": "603" + }, + { + "version_name": "<", + "version_value": "604" + }, + { + "version_name": "<", + "version_value": "605" + }, + { + "version_name": "<", + "version_value": "606" + }, + { + "version_name": "<", + "version_value": "616" + }, + { + "version_name": "<", + "version_value": "617" + }, + { + "version_name": "<", + "version_value": "618" + }, + { + "version_name": "<", + "version_value": "800" + } + ] + } + }, + { + "product_name": "SAP Treasury and Risk Management (Transaction Management) (S4CORE)", + "version": { + "version_data": [ + { + "version_name": "<", + "version_value": "101" + }, + { + "version_name": "<", + "version_value": "102" + }, + { + "version_name": "<", + "version_value": "103" + }, + { + "version_name": "<", + "version_value": "104" + } + ] + } + } + ] + } + } + ] + } }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The selection query in SAP Treasury and Risk Management (Transaction Management) (EA-FINSERV?versions 600, 603, 604, 605, 606, 616, 617, 618, 800 and S4CORE versions 101, 102, 103, 104) returns more records than it should be when selecting and displaying the contract number, leading to Missing Authorization Check." + } + ] + }, + "impact": { + "cvss": { + "baseScore": "4.3", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Missing Authorization Check" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=540935305", + "refsource": "MISC", + "name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=540935305" + }, + { + "url": "https://launchpad.support.sap.com/#/notes/2841874", + "refsource": "MISC", + "name": "https://launchpad.support.sap.com/#/notes/2841874" } ] } diff --git a/2020/6xxx/CVE-2020-6205.json b/2020/6xxx/CVE-2020-6205.json index ed012908f76..31ac5ca091b 100644 --- a/2020/6xxx/CVE-2020-6205.json +++ b/2020/6xxx/CVE-2020-6205.json @@ -4,14 +4,119 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6205", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@sap.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "SAP SE", + "product": { + "product_data": [ + { + "product_name": "SAP NetWeaver Application Server ABAP (Smart Forms) - SAP_BASIS", + "version": { + "version_data": [ + { + "version_name": "<", + "version_value": "7.00" + }, + { + "version_name": "<", + "version_value": "7.01" + }, + { + "version_name": "<", + "version_value": "7.02" + }, + { + "version_name": "<", + "version_value": "7.10" + }, + { + "version_name": "<", + "version_value": "7.11" + }, + { + "version_name": "<", + "version_value": "7.30" + }, + { + "version_name": "<", + "version_value": "7.31" + }, + { + "version_name": "<", + "version_value": "7.40" + }, + { + "version_name": "<", + "version_value": "7.50" + }, + { + "version_name": "<", + "version_value": "7.51" + }, + { + "version_name": "<", + "version_value": "7.52" + }, + { + "version_name": "<", + "version_value": "7.53" + }, + { + "version_name": "<", + "version_value": "7.54" + } + ] + } + } + ] + } + } + ] + } }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "SAP NetWeaver AS ABAP Business Server Pages (Smart Forms), SAP_BASIS versions- 7.00, 7.01, 7.02, 7.10, 7.11, 7.30, 7.31, 7.40, 7.50, 7.51, 7.52, 7.53, 7.54; does not sufficiently encode user controlled inputs, allowing an unauthenticated attacker to non-permanently deface or modify displayed content and/or steal authentication information of the user and/or impersonate the user and access all information with the same rights as the target user, leading to Reflected Cross Site Scripting Vulnerability." + } + ] + }, + "impact": { + "cvss": { + "baseScore": "6.1", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Cross Site Scripting" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=540935305", + "refsource": "MISC", + "name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=540935305" + }, + { + "url": "https://launchpad.support.sap.com/#/notes/2884910", + "refsource": "MISC", + "name": "https://launchpad.support.sap.com/#/notes/2884910" } ] } diff --git a/2020/6xxx/CVE-2020-6206.json b/2020/6xxx/CVE-2020-6206.json index 728adaa350b..4d5f41bf647 100644 --- a/2020/6xxx/CVE-2020-6206.json +++ b/2020/6xxx/CVE-2020-6206.json @@ -4,14 +4,71 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6206", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@sap.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "SAP SE", + "product": { + "product_data": [ + { + "product_name": "SAP Cloud Platform Integration for Data Services", + "version": { + "version_data": [ + { + "version_name": "<", + "version_value": "1.0" + } + ] + } + } + ] + } + } + ] + } }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "SAP Cloud Platform Integration for Data Services, version 1.0, allows user inputs to be reflected as error or warning massages. This could mislead the victim to follow malicious instructions inserted by external attackers, leading to Cross Site Request Forgery." + } + ] + }, + "impact": { + "cvss": { + "baseScore": "4.7", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Cross Site Request Forgery" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=540935305", + "refsource": "MISC", + "name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=540935305" + }, + { + "url": "https://launchpad.support.sap.com/#/notes/2859004", + "refsource": "MISC", + "name": "https://launchpad.support.sap.com/#/notes/2859004" } ] } diff --git a/2020/6xxx/CVE-2020-6207.json b/2020/6xxx/CVE-2020-6207.json index 30475491f52..d5d6dbe956e 100644 --- a/2020/6xxx/CVE-2020-6207.json +++ b/2020/6xxx/CVE-2020-6207.json @@ -4,14 +4,71 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6207", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@sap.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "SAP SE", + "product": { + "product_data": [ + { + "product_name": "SAP Solution Manager (User Experience Monitoring)", + "version": { + "version_data": [ + { + "version_name": "<", + "version_value": "7.2" + } + ] + } + } + ] + } + } + ] + } }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "SAP Solution Manager (User Experience Monitoring), version- 7.2, due to Missing Authentication Check does not perform any authentication for a service resulting in complete compromise of all SMDAgents connected to the Solution Manager." + } + ] + }, + "impact": { + "cvss": { + "baseScore": "10.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Missing Authentication Check" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=540935305", + "refsource": "MISC", + "name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=540935305" + }, + { + "url": "https://launchpad.support.sap.com/#/notes/2890213", + "refsource": "MISC", + "name": "https://launchpad.support.sap.com/#/notes/2890213" } ] } diff --git a/2020/6xxx/CVE-2020-6208.json b/2020/6xxx/CVE-2020-6208.json index 4fb8d07af30..2f06c2afb04 100644 --- a/2020/6xxx/CVE-2020-6208.json +++ b/2020/6xxx/CVE-2020-6208.json @@ -4,14 +4,75 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6208", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@sap.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "SAP SE", + "product": { + "product_data": [ + { + "product_name": "SAP Business Objects Business Intelligence Platform (Crystal Reports)", + "version": { + "version_data": [ + { + "version_name": "<", + "version_value": "4.1" + }, + { + "version_name": "<", + "version_value": "4.2" + } + ] + } + } + ] + } + } + ] + } }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "SAP Business Objects Business Intelligence Platform (Crystal Reports), versions- 4.1, 4.2, allows an attacker with basic authorization to inject code that can be executed by the application and thus allowing the attacker to control the behaviour of the application, leading to Remote Code Execution. Although the mode of attack is only Local, multiple applications can be impacted as a result of the vulnerability." + } + ] + }, + "impact": { + "cvss": { + "baseScore": "7.5", + "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote Code Execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=540935305", + "refsource": "MISC", + "name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=540935305" + }, + { + "url": "https://launchpad.support.sap.com/#/notes/2861301", + "refsource": "MISC", + "name": "https://launchpad.support.sap.com/#/notes/2861301" } ] } diff --git a/2020/6xxx/CVE-2020-6209.json b/2020/6xxx/CVE-2020-6209.json index c706b4f5f6c..74e7c413fd7 100644 --- a/2020/6xxx/CVE-2020-6209.json +++ b/2020/6xxx/CVE-2020-6209.json @@ -4,14 +4,71 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6209", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@sap.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "SAP SE", + "product": { + "product_data": [ + { + "product_name": "SAP Disclosure Management", + "version": { + "version_data": [ + { + "version_name": "<", + "version_value": "10.1" + } + ] + } + } + ] + } + } + ] + } }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "SAP Disclosure Management, version 10.1, does not perform necessary authorization checks for an authenticated user, allowing access to administration accounts by a user with no roles, leading to Missing Authorization Check." + } + ] + }, + "impact": { + "cvss": { + "baseScore": "7.5", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Missing Authorization Check" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=540935305", + "refsource": "MISC", + "name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=540935305" + }, + { + "url": "https://launchpad.support.sap.com/#/notes/2858044", + "refsource": "MISC", + "name": "https://launchpad.support.sap.com/#/notes/2858044" } ] } diff --git a/2020/6xxx/CVE-2020-6210.json b/2020/6xxx/CVE-2020-6210.json index 3bdb154c6d8..e914469f389 100644 --- a/2020/6xxx/CVE-2020-6210.json +++ b/2020/6xxx/CVE-2020-6210.json @@ -4,14 +4,75 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6210", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@sap.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "SAP SE", + "product": { + "product_data": [ + { + "product_name": "SAP Fiori Launchpad", + "version": { + "version_data": [ + { + "version_name": "<", + "version_value": "753" + }, + { + "version_name": "<", + "version_value": "754" + } + ] + } + } + ] + } + } + ] + } }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "SAP Fiori Launchpad, versions- 753, 754, does not sufficiently encode user-controlled inputs, and hence allowing the attacker to inject the meta tag into the launchpad html using the vulnerable parameter, leading to reflected Cross-Site Scripting (XSS) vulnerability." + } + ] + }, + "impact": { + "cvss": { + "baseScore": "4.7", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Cross-Site Scripting" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=540935305", + "refsource": "MISC", + "name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=540935305" + }, + { + "url": "https://launchpad.support.sap.com/#/notes/2864462", + "refsource": "MISC", + "name": "https://launchpad.support.sap.com/#/notes/2864462" } ] }