From 8054812fb1e1459c03cd98f4b33906535412b2f9 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Tue, 14 Jul 2020 13:01:21 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2020/11xxx/CVE-2020-11951.json | 56 +++++++++++++-- 2020/12xxx/CVE-2020-12025.json | 50 +++++++++++++- 2020/13xxx/CVE-2020-13925.json | 50 +++++++++++++- 2020/13xxx/CVE-2020-13926.json | 50 +++++++++++++- 2020/15xxx/CVE-2020-15711.json | 67 ++++++++++++++++++ 2020/15xxx/CVE-2020-15712.json | 18 +++++ 2020/15xxx/CVE-2020-15713.json | 18 +++++ 2020/15xxx/CVE-2020-15714.json | 18 +++++ 2020/15xxx/CVE-2020-15715.json | 18 +++++ 2020/15xxx/CVE-2020-15716.json | 18 +++++ 2020/15xxx/CVE-2020-15717.json | 18 +++++ 2020/15xxx/CVE-2020-15718.json | 18 +++++ 2020/6xxx/CVE-2020-6267.json | 63 ++++++++++++++++- 2020/6xxx/CVE-2020-6276.json | 63 ++++++++++++++++- 2020/6xxx/CVE-2020-6278.json | 67 +++++++++++++++++- 2020/6xxx/CVE-2020-6280.json | 71 ++++++++++++++++++- 2020/6xxx/CVE-2020-6281.json | 63 ++++++++++++++++- 2020/6xxx/CVE-2020-6282.json | 122 ++++++++++++++++++++++++++++++++- 2020/6xxx/CVE-2020-6285.json | 87 ++++++++++++++++++++++- 2020/6xxx/CVE-2020-6286.json | 75 +++++++++++++++++++- 2020/6xxx/CVE-2020-6287.json | 75 +++++++++++++++++++- 2020/6xxx/CVE-2020-6289.json | 63 ++++++++++++++++- 2020/6xxx/CVE-2020-6290.json | 63 ++++++++++++++++- 2020/6xxx/CVE-2020-6291.json | 63 ++++++++++++++++- 2020/6xxx/CVE-2020-6292.json | 63 ++++++++++++++++- 25 files changed, 1283 insertions(+), 54 deletions(-) create mode 100644 2020/15xxx/CVE-2020-15711.json create mode 100644 2020/15xxx/CVE-2020-15712.json create mode 100644 2020/15xxx/CVE-2020-15713.json create mode 100644 2020/15xxx/CVE-2020-15714.json create mode 100644 2020/15xxx/CVE-2020-15715.json create mode 100644 2020/15xxx/CVE-2020-15716.json create mode 100644 2020/15xxx/CVE-2020-15717.json create mode 100644 2020/15xxx/CVE-2020-15718.json diff --git a/2020/11xxx/CVE-2020-11951.json b/2020/11xxx/CVE-2020-11951.json index a15264d5425..6f96b826818 100644 --- a/2020/11xxx/CVE-2020-11951.json +++ b/2020/11xxx/CVE-2020-11951.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-11951", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-11951", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on Rittal PDU-3C002DEC through 5.17.10 and CMCIII-PU-9333E0FB through 3.17.10 devices. There is a Backdoor root account." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://sec-consult.com/en/blog/advisories/multiple-critical-vulnerabilities-in-multiple-rittal-products-based-on-same-software/", + "url": "https://sec-consult.com/en/blog/advisories/multiple-critical-vulnerabilities-in-multiple-rittal-products-based-on-same-software/" } ] } diff --git a/2020/12xxx/CVE-2020-12025.json b/2020/12xxx/CVE-2020-12025.json index e2f3e1850d7..6896ca3e72a 100644 --- a/2020/12xxx/CVE-2020-12025.json +++ b/2020/12xxx/CVE-2020-12025.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-12025", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "ics-cert@hq.dhs.gov", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Rockwell Automation Logix Designer Studio 5000 Versions 32.00, 32.01, and 32.02", + "version": { + "version_data": [ + { + "version_value": "Rockwell Automation Logix Designer Studio 5000 Versions 32.00, 32.01, and 32.02" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "IMPROPER RESTRICTION OF XML EXTERNAL ENTITY REFERENCE CWE-611" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://us-cert.cisa.gov/ics/advisories/icsa-20-191-02", + "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-191-02" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Rockwell Automation Logix Designer Studio 5000 Versions 32.00, 32.01, and 32.02 vulnerable to an xml external entity (XXE) vulnerability, which may allow an attacker to view hostnames or other resources from the program." } ] } diff --git a/2020/13xxx/CVE-2020-13925.json b/2020/13xxx/CVE-2020-13925.json index df9ec8c5734..7f7b5426543 100644 --- a/2020/13xxx/CVE-2020-13925.json +++ b/2020/13xxx/CVE-2020-13925.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-13925", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@apache.org", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Apache Kylin", + "version": { + "version_data": [ + { + "version_value": "Apache Kylin 2.3.0, 2.3.1, 2.3.2, 2.4.0, 2.4.1, 2.5.0, 2.5.1, 2.5.2, 2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.6.6, 3.0.0-alpha, 3.0.0-alpha2, 3.0.0-beta, 3.0.0, 3.0.1 3.0.2" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Command Injection" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://lists.apache.org/thread.html/r250a867961cfd6e0506240a9c7eaee782d84c6ab0091c7c4bc45f3eb%40%3Cuser.kylin.apache.org%3E", + "url": "https://lists.apache.org/thread.html/r250a867961cfd6e0506240a9c7eaee782d84c6ab0091c7c4bc45f3eb%40%3Cuser.kylin.apache.org%3E" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Similar to CVE-2020-1956, Kylin has one more restful API which concatenates the API inputs into OS commands and then executes them on the server; while the reported API misses necessary input validation, which causes the hackers to have the possibility to execute OS command remotely. Users of all previous versions after 2.3 should upgrade to 3.1.0." } ] } diff --git a/2020/13xxx/CVE-2020-13926.json b/2020/13xxx/CVE-2020-13926.json index 8c9c20343a4..228ce2c82a2 100644 --- a/2020/13xxx/CVE-2020-13926.json +++ b/2020/13xxx/CVE-2020-13926.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-13926", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@apache.org", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Apache Kylin", + "version": { + "version_data": [ + { + "version_value": "Apache Kylin 2.0.0, 2.1.0, 2.2.0, 2.3.0, 2.3.1, 2.3.2, 2.4.0, 2.4.1, 2.5.0, 2.5.1, 2.5.2, 2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.6.6, 3.0.0-alpha, 3.0.0-alpha2, 3.0.0-beta, 3.0.0, 3.0.1 3.0.2" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "SQL Injection" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://lists.apache.org/thread.html/r63d5663169e866d44ff9250796193337cff7d9cf61cc3839e86163fd%40%3Cuser.kylin.apache.org%3E", + "url": "https://lists.apache.org/thread.html/r63d5663169e866d44ff9250796193337cff7d9cf61cc3839e86163fd%40%3Cuser.kylin.apache.org%3E" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Kylin concatenates and executes a Hive SQL in Hive CLI or beeline when building a new segment; some part of the HQL is from system configurations, while the configuration can be overwritten by certain rest api, which makes SQL injection attack is possible. Users of all previous versions after 2.0 should upgrade to 3.1.0." } ] } diff --git a/2020/15xxx/CVE-2020-15711.json b/2020/15xxx/CVE-2020-15711.json new file mode 100644 index 00000000000..896b8fdf968 --- /dev/null +++ b/2020/15xxx/CVE-2020-15711.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2020-15711", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In MISP before 2.4.129, setting a favourite homepage was not CSRF protected." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/MISP/MISP/commit/bf4610c947c7dc372c4078f363d2dff6ae0703a8", + "refsource": "MISC", + "name": "https://github.com/MISP/MISP/commit/bf4610c947c7dc372c4078f363d2dff6ae0703a8" + }, + { + "url": "https://github.com/MISP/MISP/compare/v2.4.128...v2.4.129", + "refsource": "MISC", + "name": "https://github.com/MISP/MISP/compare/v2.4.128...v2.4.129" + } + ] + } +} \ No newline at end of file diff --git a/2020/15xxx/CVE-2020-15712.json b/2020/15xxx/CVE-2020-15712.json new file mode 100644 index 00000000000..8214fb47b71 --- /dev/null +++ b/2020/15xxx/CVE-2020-15712.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-15712", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/15xxx/CVE-2020-15713.json b/2020/15xxx/CVE-2020-15713.json new file mode 100644 index 00000000000..fb58a42767a --- /dev/null +++ b/2020/15xxx/CVE-2020-15713.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-15713", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/15xxx/CVE-2020-15714.json b/2020/15xxx/CVE-2020-15714.json new file mode 100644 index 00000000000..7791c3bccde --- /dev/null +++ b/2020/15xxx/CVE-2020-15714.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-15714", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/15xxx/CVE-2020-15715.json b/2020/15xxx/CVE-2020-15715.json new file mode 100644 index 00000000000..f9c3aa5f6a9 --- /dev/null +++ b/2020/15xxx/CVE-2020-15715.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-15715", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/15xxx/CVE-2020-15716.json b/2020/15xxx/CVE-2020-15716.json new file mode 100644 index 00000000000..ef2f7002352 --- /dev/null +++ b/2020/15xxx/CVE-2020-15716.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-15716", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/15xxx/CVE-2020-15717.json b/2020/15xxx/CVE-2020-15717.json new file mode 100644 index 00000000000..7149ab021f1 --- /dev/null +++ b/2020/15xxx/CVE-2020-15717.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-15717", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/15xxx/CVE-2020-15718.json b/2020/15xxx/CVE-2020-15718.json new file mode 100644 index 00000000000..ed7f9dcce1c --- /dev/null +++ b/2020/15xxx/CVE-2020-15718.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-15718", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6267.json b/2020/6xxx/CVE-2020-6267.json index d26754e7077..a0b419caaf6 100644 --- a/2020/6xxx/CVE-2020-6267.json +++ b/2020/6xxx/CVE-2020-6267.json @@ -4,14 +4,71 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6267", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@sap.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "SAP SE", + "product": { + "product_data": [ + { + "product_name": "SAP Disclosure Management", + "version": { + "version_data": [ + { + "version_name": "<", + "version_value": "1.0" + } + ] + } + } + ] + } + } + ] + } }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Some sensitive cookies in SAP Disclosure Management, version 10.1, are missing HttpOnly flag, leading to sensitive cookie without Http Only flag." + } + ] + }, + "impact": { + "cvss": { + "baseScore": "6.3", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-1004" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675", + "refsource": "MISC", + "name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675" + }, + { + "url": "https://launchpad.support.sap.com/#/notes/2758000", + "refsource": "MISC", + "name": "https://launchpad.support.sap.com/#/notes/2758000" } ] } diff --git a/2020/6xxx/CVE-2020-6276.json b/2020/6xxx/CVE-2020-6276.json index c693ae346a9..93f39155ea2 100644 --- a/2020/6xxx/CVE-2020-6276.json +++ b/2020/6xxx/CVE-2020-6276.json @@ -4,14 +4,71 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6276", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@sap.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "SAP SE", + "product": { + "product_data": [ + { + "product_name": "SAP Business Objects Business Intelligence Platform (bipodata)", + "version": { + "version_data": [ + { + "version_name": "<", + "version_value": "4.2" + } + ] + } + } + ] + } + } + ] + } }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "SAP Business Objects Business Intelligence Platform (bipodata), version 4.2, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting vulnerability." + } + ] + }, + "impact": { + "cvss": { + "baseScore": "6.1", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Cross Site Scripting" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://launchpad.support.sap.com/#/notes/2849967", + "refsource": "MISC", + "name": "https://launchpad.support.sap.com/#/notes/2849967" + }, + { + "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675", + "refsource": "MISC", + "name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675" } ] } diff --git a/2020/6xxx/CVE-2020-6278.json b/2020/6xxx/CVE-2020-6278.json index bbb989f4118..aaa04415a7d 100644 --- a/2020/6xxx/CVE-2020-6278.json +++ b/2020/6xxx/CVE-2020-6278.json @@ -4,14 +4,75 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6278", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@sap.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "SAP SE", + "product": { + "product_data": [ + { + "product_name": "SAP Business Objects Business Intelligence Platform (BI Launchpad and CMC)", + "version": { + "version_data": [ + { + "version_name": "<", + "version_value": "4.1" + }, + { + "version_name": "<", + "version_value": "4.2" + } + ] + } + } + ] + } + } + ] + } }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "SAP Business Objects Business Intelligence Platform (BI Launchpad and CMC), versions 4.1, 4.2, allows to an attacker to embed malicious scripts in the application while uploading images, which gets executed when the victim opens these files, leading to Stored Cross Site Scripting" + } + ] + }, + "impact": { + "cvss": { + "baseScore": "5.4", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Cross Site Scripting" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675", + "refsource": "MISC", + "name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675" + }, + { + "url": "https://launchpad.support.sap.com/#/notes/2912708", + "refsource": "MISC", + "name": "https://launchpad.support.sap.com/#/notes/2912708" } ] } diff --git a/2020/6xxx/CVE-2020-6280.json b/2020/6xxx/CVE-2020-6280.json index 97f97135519..8101db30e52 100644 --- a/2020/6xxx/CVE-2020-6280.json +++ b/2020/6xxx/CVE-2020-6280.json @@ -4,14 +4,79 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6280", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@sap.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "SAP SE", + "product": { + "product_data": [ + { + "product_name": "SAP NetWeaver (ABAP Server) and ABAP Platform", + "version": { + "version_data": [ + { + "version_name": "<", + "version_value": "731" + }, + { + "version_name": "<", + "version_value": "740" + }, + { + "version_name": "<", + "version_value": "750" + } + ] + } + } + ] + } + } + ] + } }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "SAP NetWeaver (ABAP Server) and ABAP Platform, versions 731, 740, 750, allows an attacker with admin privileges to access certain files which should otherwise be restricted, leading to Information Disclosure." + } + ] + }, + "impact": { + "cvss": { + "baseScore": "2.7", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information Disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675", + "refsource": "MISC", + "name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675" + }, + { + "url": "https://launchpad.support.sap.com/#/notes/2927373", + "refsource": "MISC", + "name": "https://launchpad.support.sap.com/#/notes/2927373" } ] } diff --git a/2020/6xxx/CVE-2020-6281.json b/2020/6xxx/CVE-2020-6281.json index 4e8ed847c30..1aac05c08d1 100644 --- a/2020/6xxx/CVE-2020-6281.json +++ b/2020/6xxx/CVE-2020-6281.json @@ -4,14 +4,71 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6281", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@sap.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "SAP SE", + "product": { + "product_data": [ + { + "product_name": "SAP Business Objects Business Intelligence Platform (BI Launchpad)", + "version": { + "version_data": [ + { + "version_name": "<", + "version_value": "4.2" + } + ] + } + } + ] + } + } + ] + } }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "SAP Business Objects Business Intelligence Platform (BI Launchpad), version 4.2, does not sufficiently encode user-controlled inputs, resulting reflected in Cross-Site Scripting." + } + ] + }, + "impact": { + "cvss": { + "baseScore": "6.1", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Cross Site Scripting" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675", + "refsource": "MISC", + "name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675" + }, + { + "url": "https://launchpad.support.sap.com/#/notes/2917743", + "refsource": "MISC", + "name": "https://launchpad.support.sap.com/#/notes/2917743" } ] } diff --git a/2020/6xxx/CVE-2020-6282.json b/2020/6xxx/CVE-2020-6282.json index f0b363f1e58..54b1fd060c2 100644 --- a/2020/6xxx/CVE-2020-6282.json +++ b/2020/6xxx/CVE-2020-6282.json @@ -4,14 +4,130 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6282", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@sap.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "SAP SE", + "product": { + "product_data": [ + { + "product_name": "SAP NetWeaver AS JAVA (IIOP service) (SERVERCORE)", + "version": { + "version_data": [ + { + "version_name": "<", + "version_value": "7.10" + }, + { + "version_name": "<", + "version_value": "7.11" + }, + { + "version_name": "<", + "version_value": "7.20" + }, + { + "version_name": "<", + "version_value": "7.30" + }, + { + "version_name": "<", + "version_value": "7.31" + }, + { + "version_name": "<", + "version_value": "7.40" + }, + { + "version_name": "<", + "version_value": "7.50" + } + ] + } + }, + { + "product_name": "SAP NetWeaver AS JAVA (IIOP service) (CORE-TOOLS)", + "version": { + "version_data": [ + { + "version_name": "<", + "version_value": "7.10" + }, + { + "version_name": "<", + "version_value": "7.11" + }, + { + "version_name": "<", + "version_value": "7.20" + }, + { + "version_name": "<", + "version_value": "7.30" + }, + { + "version_name": "<", + "version_value": "7.31" + }, + { + "version_name": "<", + "version_value": "7.40" + }, + { + "version_name": "<", + "version_value": "7.50" + } + ] + } + } + ] + } + } + ] + } }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "SAP NetWeaver AS JAVA (IIOP service) (SERVERCORE), versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, and SAP NetWeaver AS JAVA (IIOP service) (CORE-TOOLS), versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allows an attacker to send a crafted request from a vulnerable web application. It is usually used to target internal systems behind firewalls that are normally inaccessible to an attacker from the external network, resulting in a Server-Side Request Forgery vulnerability." + } + ] + }, + "impact": { + "cvss": { + "baseScore": "5.8", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Server-Side Request Forgery" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675", + "refsource": "MISC", + "name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675" + }, + { + "url": "https://launchpad.support.sap.com/#/notes/2896025", + "refsource": "MISC", + "name": "https://launchpad.support.sap.com/#/notes/2896025" } ] } diff --git a/2020/6xxx/CVE-2020-6285.json b/2020/6xxx/CVE-2020-6285.json index 8aaa74506cb..127ac286c32 100644 --- a/2020/6xxx/CVE-2020-6285.json +++ b/2020/6xxx/CVE-2020-6285.json @@ -4,14 +4,95 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6285", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@sap.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "SAP SE", + "product": { + "product_data": [ + { + "product_name": "SAP NetWeaver - XML Toolkit for JAVA (ENGINEAPI)", + "version": { + "version_data": [ + { + "version_name": "<", + "version_value": "7.10" + }, + { + "version_name": "<", + "version_value": "7.11" + }, + { + "version_name": "<", + "version_value": "7.20" + }, + { + "version_name": "<", + "version_value": "7.30" + }, + { + "version_name": "<", + "version_value": "7.31" + }, + { + "version_name": "<", + "version_value": "7.40" + }, + { + "version_name": "<", + "version_value": "7.50" + } + ] + } + } + ] + } + } + ] + } }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "SAP NetWeaver - XML Toolkit for JAVA (ENGINEAPI) (versions- 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50), under certain conditions allows an attacker to access information which would otherwise be restricted, leading to Information Disclosure." + } + ] + }, + "impact": { + "cvss": { + "baseScore": "7.7", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information Disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675", + "refsource": "MISC", + "name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675" + }, + { + "url": "https://launchpad.support.sap.com/#/notes/2932473", + "refsource": "MISC", + "name": "https://launchpad.support.sap.com/#/notes/2932473" } ] } diff --git a/2020/6xxx/CVE-2020-6286.json b/2020/6xxx/CVE-2020-6286.json index 3b655b5d1d1..109d9061c7c 100644 --- a/2020/6xxx/CVE-2020-6286.json +++ b/2020/6xxx/CVE-2020-6286.json @@ -4,14 +4,83 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6286", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@sap.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "SAP SE", + "product": { + "product_data": [ + { + "product_name": "SAP NetWeaver AS JAVA (LM Configuration Wizard)", + "version": { + "version_data": [ + { + "version_name": "<", + "version_value": "7.30" + }, + { + "version_name": "<", + "version_value": "7.31" + }, + { + "version_name": "<", + "version_value": "7.40" + }, + { + "version_name": "<", + "version_value": "7.50" + } + ] + } + } + ] + } + } + ] + } }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The insufficient input path validation of certain parameter in the web service of SAP NetWeaver AS JAVA (LM Configuration Wizard), versions - 7.30, 7.31, 7.40, 7.50, allows an unauthenticated attacker to exploit a method to download zip files to a specific directory, leading to Path Traversal." + } + ] + }, + "impact": { + "cvss": { + "baseScore": "5.3", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Path Traversal" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675", + "refsource": "MISC", + "name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675" + }, + { + "url": "https://launchpad.support.sap.com/#/notes/2934135", + "refsource": "MISC", + "name": "https://launchpad.support.sap.com/#/notes/2934135" } ] } diff --git a/2020/6xxx/CVE-2020-6287.json b/2020/6xxx/CVE-2020-6287.json index 6e5a7c31573..00d646ede83 100644 --- a/2020/6xxx/CVE-2020-6287.json +++ b/2020/6xxx/CVE-2020-6287.json @@ -4,14 +4,83 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6287", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@sap.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "SAP SE", + "product": { + "product_data": [ + { + "product_name": "SAP NetWeaver AS JAVA (LM Configuration Wizard)", + "version": { + "version_data": [ + { + "version_name": "<", + "version_value": "7.30" + }, + { + "version_name": "<", + "version_value": "7.31" + }, + { + "version_name": "<", + "version_value": "7.40" + }, + { + "version_name": "<", + "version_value": "7.50" + } + ] + } + } + ] + } + } + ] + } }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "SAP NetWeaver AS JAVA (LM Configuration Wizard), versions - 7.30, 7.31, 7.40, 7.50, does not perform an authentication check which allows an attacker without prior authentication to execute configuration tasks to perform critical actions against the SAP Java system, including the ability to create an administrative user, and therefore compromising Confidentiality, Integrity and Availability of the system, leading to Missing Authentication Check." + } + ] + }, + "impact": { + "cvss": { + "baseScore": "10.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Missing Authentication Check" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675", + "refsource": "MISC", + "name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675" + }, + { + "url": "https://launchpad.support.sap.com/#/notes/2934135", + "refsource": "MISC", + "name": "https://launchpad.support.sap.com/#/notes/2934135" } ] } diff --git a/2020/6xxx/CVE-2020-6289.json b/2020/6xxx/CVE-2020-6289.json index 1197b39a1d7..4ce6d86c3c8 100644 --- a/2020/6xxx/CVE-2020-6289.json +++ b/2020/6xxx/CVE-2020-6289.json @@ -4,14 +4,71 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6289", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@sap.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "SAP SE", + "product": { + "product_data": [ + { + "product_name": "SAP Disclosure Management", + "version": { + "version_data": [ + { + "version_name": "<", + "version_value": "1.0" + } + ] + } + } + ] + } + } + ] + } }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "SAP Disclosure Management, version 10.1, had insufficient protection against Cross-Site Request Forgery, which could be used to trick user in to browsing malicious site." + } + ] + }, + "impact": { + "cvss": { + "baseScore": "4.3", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Cross-Site Request Forgery" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675", + "refsource": "MISC", + "name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675" + }, + { + "url": "https://launchpad.support.sap.com/#/notes/2758000", + "refsource": "MISC", + "name": "https://launchpad.support.sap.com/#/notes/2758000" } ] } diff --git a/2020/6xxx/CVE-2020-6290.json b/2020/6xxx/CVE-2020-6290.json index c1711c297fb..378e0a66a66 100644 --- a/2020/6xxx/CVE-2020-6290.json +++ b/2020/6xxx/CVE-2020-6290.json @@ -4,14 +4,71 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6290", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@sap.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "SAP SE", + "product": { + "product_data": [ + { + "product_name": "SAP Disclosure Management", + "version": { + "version_data": [ + { + "version_name": "<", + "version_value": "1.0" + } + ] + } + } + ] + } + } + ] + } }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "SAP Disclosure Management, version 10.1, is vulnerable to Session Fixation attacks wherein the attacker tricks the user into using a specific session ID." + } + ] + }, + "impact": { + "cvss": { + "baseScore": "4.2", + "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Session Fixation" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675", + "refsource": "MISC", + "name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675" + }, + { + "url": "https://launchpad.support.sap.com/#/notes/2758000", + "refsource": "MISC", + "name": "https://launchpad.support.sap.com/#/notes/2758000" } ] } diff --git a/2020/6xxx/CVE-2020-6291.json b/2020/6xxx/CVE-2020-6291.json index 54f8ae5e9e5..60a5ec0f4a9 100644 --- a/2020/6xxx/CVE-2020-6291.json +++ b/2020/6xxx/CVE-2020-6291.json @@ -4,14 +4,71 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6291", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@sap.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "SAP SE", + "product": { + "product_data": [ + { + "product_name": "SAP Disclosure Management", + "version": { + "version_data": [ + { + "version_name": "<", + "version_value": "1.0" + } + ] + } + } + ] + } + } + ] + } }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "SAP Disclosure Management, version 10.1, session mechanism does not have expiration data set therefore allows unlimited access after authenticating once, leading to Insufficient Session Expiration" + } + ] + }, + "impact": { + "cvss": { + "baseScore": "5.4", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Insufficient Session Expiration" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675", + "refsource": "MISC", + "name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675" + }, + { + "url": "https://launchpad.support.sap.com/#/notes/2758000", + "refsource": "MISC", + "name": "https://launchpad.support.sap.com/#/notes/2758000" } ] } diff --git a/2020/6xxx/CVE-2020-6292.json b/2020/6xxx/CVE-2020-6292.json index 4eb9b60a595..5afe9880c86 100644 --- a/2020/6xxx/CVE-2020-6292.json +++ b/2020/6xxx/CVE-2020-6292.json @@ -4,14 +4,71 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6292", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@sap.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "SAP SE", + "product": { + "product_data": [ + { + "product_name": "SAP Disclosure Management", + "version": { + "version_data": [ + { + "version_name": "<", + "version_value": "1.0" + } + ] + } + } + ] + } + } + ] + } }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Logout mechanism in SAP Disclosure Management, version 10.1, does not invalidate one of the session cookies, leading to Insufficient Session Expiration." + } + ] + }, + "impact": { + "cvss": { + "baseScore": "4.6", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-613" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675", + "refsource": "MISC", + "name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675" + }, + { + "url": "https://launchpad.support.sap.com/#/notes/2758000", + "refsource": "MISC", + "name": "https://launchpad.support.sap.com/#/notes/2758000" } ] }