From 80bb1bf796bd1053a19bab0b078872ccc477b275 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Tue, 1 Sep 2020 21:01:25 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2019/2xxx/CVE-2019-2684.json | 10 ++++++ 2020/13xxx/CVE-2020-13946.json | 50 +++++++++++++++++++++++++-- 2020/13xxx/CVE-2020-13962.json | 5 +++ 2020/16xxx/CVE-2020-16204.json | 50 +++++++++++++++++++++++++-- 2020/16xxx/CVE-2020-16206.json | 50 +++++++++++++++++++++++++-- 2020/16xxx/CVE-2020-16208.json | 50 +++++++++++++++++++++++++-- 2020/16xxx/CVE-2020-16210.json | 50 +++++++++++++++++++++++++-- 2020/25xxx/CVE-2020-25069.json | 62 ++++++++++++++++++++++++++++++++++ 2020/25xxx/CVE-2020-25070.json | 62 ++++++++++++++++++++++++++++++++++ 2020/25xxx/CVE-2020-25071.json | 18 ++++++++++ 2020/5xxx/CVE-2020-5776.json | 50 +++++++++++++++++++++++++-- 2020/5xxx/CVE-2020-5777.json | 50 +++++++++++++++++++++++++-- 2020/6xxx/CVE-2020-6137.json | 50 +++++++++++++++++++++++++-- 2020/6xxx/CVE-2020-6138.json | 50 +++++++++++++++++++++++++-- 2020/6xxx/CVE-2020-6139.json | 50 +++++++++++++++++++++++++-- 2020/6xxx/CVE-2020-6140.json | 50 +++++++++++++++++++++++++-- 2020/6xxx/CVE-2020-6142.json | 50 +++++++++++++++++++++++++-- 2020/6xxx/CVE-2020-6143.json | 50 +++++++++++++++++++++++++-- 2020/6xxx/CVE-2020-6144.json | 50 +++++++++++++++++++++++++-- 2020/6xxx/CVE-2020-6151.json | 50 +++++++++++++++++++++++++-- 2020/6xxx/CVE-2020-6152.json | 50 +++++++++++++++++++++++++-- 2020/6xxx/CVE-2020-6873.json | 50 +++++++++++++++++++++++++-- 2020/6xxx/CVE-2020-6874.json | 50 +++++++++++++++++++++++++-- 23 files changed, 1003 insertions(+), 54 deletions(-) create mode 100644 2020/25xxx/CVE-2020-25069.json create mode 100644 2020/25xxx/CVE-2020-25070.json create mode 100644 2020/25xxx/CVE-2020-25071.json diff --git a/2019/2xxx/CVE-2019-2684.json b/2019/2xxx/CVE-2019-2684.json index d325947a94a..035c675affa 100644 --- a/2019/2xxx/CVE-2019-2684.json +++ b/2019/2xxx/CVE-2019-2684.json @@ -216,6 +216,16 @@ "refsource": "MLIST", "name": "[cassandra-dev] 20200901 CVE-2020-13946 Apache Cassandra RMI Rebind Vulnerability", "url": "https://lists.apache.org/thread.html/rcd7544b24d8fc32b7950ec4c117052410b661babaa857fb1fc641152@%3Cdev.cassandra.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[cassandra-user] 20200901 CVE-2020-13946 Apache Cassandra RMI Rebind Vulnerability", + "url": "https://lists.apache.org/thread.html/rcd7544b24d8fc32b7950ec4c117052410b661babaa857fb1fc641152@%3Cuser.cassandra.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[oss-security] 20200901 CVE-2020-13946 Apache Cassandra RMI Rebind Vulnerability", + "url": "http://www.openwall.com/lists/oss-security/2020/09/01/4" } ] } diff --git a/2020/13xxx/CVE-2020-13946.json b/2020/13xxx/CVE-2020-13946.json index 0ad5e9102d0..b13329fa1d0 100644 --- a/2020/13xxx/CVE-2020-13946.json +++ b/2020/13xxx/CVE-2020-13946.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-13946", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@apache.org", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Apache Cassandra", + "version": { + "version_data": [ + { + "version_value": "All versions prior to 2.1.22, 2.2.18, 3.0.22, 3.11.8 and 4.0-beta2" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Insufficiently Protected Credentials" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://lists.apache.org/thread.html/rcd7544b24d8fc32b7950ec4c117052410b661babaa857fb1fc641152%40%3Cuser.cassandra.apache.org%3E", + "url": "https://lists.apache.org/thread.html/rcd7544b24d8fc32b7950ec4c117052410b661babaa857fb1fc641152%40%3Cuser.cassandra.apache.org%3E" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In Apache Cassandra, all versions prior to 2.1.22, 2.2.18, 3.0.22, 3.11.8 and 4.0-beta2, it is possible for a local attacker without access to the Apache Cassandra process or configuration files to manipulate the RMI registry to perform a man-in-the-middle attack and capture user names and passwords used to access the JMX interface. The attacker can then use these credentials to access the JMX interface and perform unauthorised operations. Users should also be aware of CVE-2019-2684, a JRE vulnerability that enables this issue to be exploited remotely." } ] } diff --git a/2020/13xxx/CVE-2020-13962.json b/2020/13xxx/CVE-2020-13962.json index 4c825ff3a6a..6d38f7224aa 100644 --- a/2020/13xxx/CVE-2020-13962.json +++ b/2020/13xxx/CVE-2020-13962.json @@ -71,6 +71,11 @@ "refsource": "GENTOO", "name": "GLSA-202007-18", "url": "https://security.gentoo.org/glsa/202007-18" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:1319", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00004.html" } ] } diff --git a/2020/16xxx/CVE-2020-16204.json b/2020/16xxx/CVE-2020-16204.json index 17000dc2cb4..aa512e57980 100644 --- a/2020/16xxx/CVE-2020-16204.json +++ b/2020/16xxx/CVE-2020-16204.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-16204", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "ics-cert@hq.dhs.gov", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "N-Tron 702-W / 702M12-W", + "version": { + "version_data": [ + { + "version_value": "Versions prior to all versions" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "HIDDEN FUNCTIONALITY (BACKDOOR) CWE-912" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://us-cert.cisa.gov/ics/advisories/icsa-20-240-01", + "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-240-01" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The affected product is vulnerable due to an undocumented interface found on the device, which may allow an attacker to execute commands as root on the device on the N-Tron 702-W / 702M12-W (all versions)." } ] } diff --git a/2020/16xxx/CVE-2020-16206.json b/2020/16xxx/CVE-2020-16206.json index ec7f7ca9832..accf048c133 100644 --- a/2020/16xxx/CVE-2020-16206.json +++ b/2020/16xxx/CVE-2020-16206.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-16206", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "ics-cert@hq.dhs.gov", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "N-Tron 702-W / 702M12-W", + "version": { + "version_data": [ + { + "version_value": "Versions prior to all versions" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "IMPROPER NEUTRALIZATION OF INPUT DURING WEB PAGE GENERATION (\u2018CROSS-SITE SCRIPTING\u2019) CWE-79" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://us-cert.cisa.gov/ics/advisories/icsa-20-240-01", + "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-240-01" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The affected product is vulnerable to stored cross-site scripting, which may allow an attacker to remotely execute arbitrary code to gain access to sensitive data on the N-Tron 702-W / 702M12-W (all versions)." } ] } diff --git a/2020/16xxx/CVE-2020-16208.json b/2020/16xxx/CVE-2020-16208.json index e86dba21eb1..4b47dd178c4 100644 --- a/2020/16xxx/CVE-2020-16208.json +++ b/2020/16xxx/CVE-2020-16208.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-16208", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "ics-cert@hq.dhs.gov", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "N-Tron 702-W / 702M12-W", + "version": { + "version_data": [ + { + "version_value": "Versions prior to all versions" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CROSS-SITE REQUEST FORGERY (CSRF) CWE-352" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://us-cert.cisa.gov/ics/advisories/icsa-20-240-01", + "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-240-01" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The affected product is vulnerable to cross-site request forgery, which may allow an attacker to modify different configurations of a device by luring an authenticated user to click on a crafted link on the N-Tron 702-W / 702M12-W (all versions)." } ] } diff --git a/2020/16xxx/CVE-2020-16210.json b/2020/16xxx/CVE-2020-16210.json index 00519a59ee6..dcbc419c1ce 100644 --- a/2020/16xxx/CVE-2020-16210.json +++ b/2020/16xxx/CVE-2020-16210.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-16210", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "ics-cert@hq.dhs.gov", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "N-Tron 702-W / 702M12-W", + "version": { + "version_data": [ + { + "version_value": "Versions prior to all versions" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "IMPROPER NEUTRALIZATION OF INPUT DURING WEB PAGE GENERATION (\u2018CROSS-SITE SCRIPTING\u2019) CWE-79" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://us-cert.cisa.gov/ics/advisories/icsa-20-240-01", + "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-240-01" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The affected product is vulnerable to reflected cross-site scripting, which may allow an attacker to remotely execute arbitrary code and perform actions in the context of an attacked user on the N-Tron 702-W / 702M12-W (all versions)." } ] } diff --git a/2020/25xxx/CVE-2020-25069.json b/2020/25xxx/CVE-2020-25069.json new file mode 100644 index 00000000000..2d29a9a0f69 --- /dev/null +++ b/2020/25xxx/CVE-2020-25069.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2020-25069", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "USVN (aka User-friendly SVN) before 1.0.10 allows attackers to execute arbitrary code in the commit view." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.usvn.info/2020/08/02/usvn-1.0.10", + "refsource": "MISC", + "name": "https://www.usvn.info/2020/08/02/usvn-1.0.10" + } + ] + } +} \ No newline at end of file diff --git a/2020/25xxx/CVE-2020-25070.json b/2020/25xxx/CVE-2020-25070.json new file mode 100644 index 00000000000..2c30ae00bd8 --- /dev/null +++ b/2020/25xxx/CVE-2020-25070.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2020-25070", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "USVN (aka User-friendly SVN) before 1.0.10 allows CSRF, related to the lack of the SameSite Strict feature." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.usvn.info/2020/08/02/usvn-1.0.10", + "refsource": "MISC", + "name": "https://www.usvn.info/2020/08/02/usvn-1.0.10" + } + ] + } +} \ No newline at end of file diff --git a/2020/25xxx/CVE-2020-25071.json b/2020/25xxx/CVE-2020-25071.json new file mode 100644 index 00000000000..ee7d00da870 --- /dev/null +++ b/2020/25xxx/CVE-2020-25071.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-25071", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/5xxx/CVE-2020-5776.json b/2020/5xxx/CVE-2020-5776.json index 9423d316c30..d4e3488d816 100644 --- a/2020/5xxx/CVE-2020-5776.json +++ b/2020/5xxx/CVE-2020-5776.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-5776", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "vulnreport@tenable.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "MAGMI", + "version": { + "version_data": [ + { + "version_value": "All versions of MAGMI" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Cross-site Request Forgery (CSRF)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.tenable.com/security/research/tra-2020-51", + "url": "https://www.tenable.com/security/research/tra-2020-51" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Currently, all versions of MAGMI are vulnerable to CSRF due to the lack of CSRF tokens. RCE (via phpcli command) is possible in the event that a CSRF is leveraged against an existing admin session for MAGMI." } ] } diff --git a/2020/5xxx/CVE-2020-5777.json b/2020/5xxx/CVE-2020-5777.json index caa130b108e..fd1b58ebcb3 100644 --- a/2020/5xxx/CVE-2020-5777.json +++ b/2020/5xxx/CVE-2020-5777.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-5777", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "vulnreport@tenable.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "MAGMI", + "version": { + "version_data": [ + { + "version_value": "All versions prior to version 0.7.24" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote Authentication Bypass." + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.tenable.com/security/research/tra-2020-51", + "url": "https://www.tenable.com/security/research/tra-2020-51" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "MAGMI versions prior to 0.7.24 are vulnerable to a remote authentication bypass due to allowing default credentials in the event there is a database connection failure. A remote attacker can trigger this connection failure if the Mysql setting max_connections (default 151) is lower than Apache (or another web server) setting MaxRequestWorkers (formerly MaxClients) (default 256). This can be done by sending at least 151 simultaneous requests to the Magento website to trigger a \"Too many connections\" error, then use default magmi:magmi basic authentication to remotely bypass authentication." } ] } diff --git a/2020/6xxx/CVE-2020-6137.json b/2020/6xxx/CVE-2020-6137.json index 98b3778fa96..36f7b4717cf 100644 --- a/2020/6xxx/CVE-2020-6137.json +++ b/2020/6xxx/CVE-2020-6137.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6137", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "talos-cna@cisco.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "OS4Ed", + "version": { + "version_data": [ + { + "version_value": "OS4Ed openSIS 7.3" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "SQL injection\"" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1080", + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1080" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "SQL injection vulnerability exists in the password reset functionality of OS4Ed openSIS 7.3. The password_stf_email parameter in the password reset page /opensis/ResetUserInfo.php is vulnerable to SQL injection. An attacker can send an HTTP request to trigger this vulnerability." } ] } diff --git a/2020/6xxx/CVE-2020-6138.json b/2020/6xxx/CVE-2020-6138.json index 2826d01aebe..c8d3358c11d 100644 --- a/2020/6xxx/CVE-2020-6138.json +++ b/2020/6xxx/CVE-2020-6138.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6138", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "talos-cna@cisco.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "OS4Ed", + "version": { + "version_data": [ + { + "version_value": "OS4Ed openSIS 7.3" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "SQL injection\"" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1080", + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1080" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "SQL injection vulnerability exists in the password reset functionality of OS4Ed openSIS 7.3. The uname parameter in the password reset page /opensis/ResetUserInfo.php is vulnerable to SQL injection An attacker can send an HTTP request to trigger this vulnerability." } ] } diff --git a/2020/6xxx/CVE-2020-6139.json b/2020/6xxx/CVE-2020-6139.json index 7a760668b27..7a3c356852b 100644 --- a/2020/6xxx/CVE-2020-6139.json +++ b/2020/6xxx/CVE-2020-6139.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6139", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "talos-cna@cisco.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "OS4Ed", + "version": { + "version_data": [ + { + "version_value": "OS4Ed openSIS 7.3" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "SQL injection" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1080", + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1080" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "SQL injection vulnerability exists in the password reset functionality of OS4Ed openSIS 7.3. The username_stf_email parameter in the password reset page /opensis/ResetUserInfo.php is vulnerable to SQL injection. An attacker can send an HTTP request to trigger this vulnerability." } ] } diff --git a/2020/6xxx/CVE-2020-6140.json b/2020/6xxx/CVE-2020-6140.json index 6068e0e416b..bc431e9d16f 100644 --- a/2020/6xxx/CVE-2020-6140.json +++ b/2020/6xxx/CVE-2020-6140.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6140", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "talos-cna@cisco.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "OS4Ed", + "version": { + "version_data": [ + { + "version_value": "OS4Ed openSIS 7.3" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "SQL injection\"" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1080", + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1080" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "SQL injection vulnerability exists in the password reset functionality of OS4Ed openSIS 7.3. The password_stf_email parameter in the password reset page /opensis/ResetUserInfo.php is vulnerable to SQL injection. An attacker can send an HTTP request to trigger this vulnerability." } ] } diff --git a/2020/6xxx/CVE-2020-6142.json b/2020/6xxx/CVE-2020-6142.json index ae2c0e6040f..48826f74dac 100644 --- a/2020/6xxx/CVE-2020-6142.json +++ b/2020/6xxx/CVE-2020-6142.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6142", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "talos-cna@cisco.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "OS4Ed ", + "version": { + "version_data": [ + { + "version_value": "OS4Ed openSIS 7.3" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "SQL injection" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1082", + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1082" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A remote code execution vulnerability exists in the Modules.php functionality of OS4Ed openSIS 7.3. A specially crafted HTTP request can cause local file inclusion. An attacker can send an HTTP request to trigger this vulnerability." } ] } diff --git a/2020/6xxx/CVE-2020-6143.json b/2020/6xxx/CVE-2020-6143.json index f86e7a013f7..948c0d67045 100644 --- a/2020/6xxx/CVE-2020-6143.json +++ b/2020/6xxx/CVE-2020-6143.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6143", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "talos-cna@cisco.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "OS4Ed", + "version": { + "version_data": [ + { + "version_value": "OS4Ed openSIS 7.4" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "remote code execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1083", + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1083" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A remote code execution vulnerability exists in the install functionality of OS4Ed openSIS 7.4. The password variable which is set at line 122 in install/Step5.php allows for injection of PHP code into the Data.php file that it writes. An attacker can send an HTTP request to trigger this vulnerability." } ] } diff --git a/2020/6xxx/CVE-2020-6144.json b/2020/6xxx/CVE-2020-6144.json index 030435a3422..f9fdfc0c3cb 100644 --- a/2020/6xxx/CVE-2020-6144.json +++ b/2020/6xxx/CVE-2020-6144.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6144", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "talos-cna@cisco.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "OS4Ed", + "version": { + "version_data": [ + { + "version_value": "OS4Ed openSIS 7.4" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "remote code execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1083", + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1083" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A remote code execution vulnerability exists in the install functionality of OS4Ed openSIS 7.4. The username variable which is set at line 121 in install/Step5.php allows for injection of PHP code into the Data.php file that it writes. An attacker can send an HTTP request to trigger this vulnerability." } ] } diff --git a/2020/6xxx/CVE-2020-6151.json b/2020/6xxx/CVE-2020-6151.json index 567b6d6106b..1a990d592fb 100644 --- a/2020/6xxx/CVE-2020-6151.json +++ b/2020/6xxx/CVE-2020-6151.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6151", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "talos-cna@cisco.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Accusoft", + "version": { + "version_data": [ + { + "version_value": "Accusoft ImageGear 19.7" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "memory corruption" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1095", + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1095" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A memory corruption vulnerability exists in the TIFF handle_COMPRESSION_PACKBITS functionality of Accusoft ImageGear 19.7. A specially crafted malformed file can cause a memory corruption. An attacker can provide a malicious file to trigger this vulnerability." } ] } diff --git a/2020/6xxx/CVE-2020-6152.json b/2020/6xxx/CVE-2020-6152.json index 33dacfefebd..f281072f574 100644 --- a/2020/6xxx/CVE-2020-6152.json +++ b/2020/6xxx/CVE-2020-6152.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6152", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "talos-cna@cisco.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Accusoft", + "version": { + "version_data": [ + { + "version_value": "Accusoft ImageGear 19.7" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "code execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1096", + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1096" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A code execution vulnerability exists in the DICOM parse_dicom_meta_info functionality of Accusoft ImageGear 19.7. A specially crafted malformed file can cause an out-of-bounds write. An attacker can trigger this vulnerability by providing a victim with a malicious DICOM file." } ] } diff --git a/2020/6xxx/CVE-2020-6873.json b/2020/6xxx/CVE-2020-6873.json index 70bc40c02bf..9dec39449d7 100644 --- a/2020/6xxx/CVE-2020-6873.json +++ b/2020/6xxx/CVE-2020-6873.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6873", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@zte.com.cn", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "DoS" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1013403", + "url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1013403" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A ZTE product has a DoS vulnerability. Because the equipment couldn\u2019t distinguish the attack packets and normal packets with valid http links, the remote attackers could use this vulnerability to cause the equipment WEB/TELNET module denial of service and make the equipment be out of management. This affects: ZXR10 2800-4_ALMPUFB(LOW), all versions up to V3.00.40." } ] } diff --git a/2020/6xxx/CVE-2020-6874.json b/2020/6xxx/CVE-2020-6874.json index bbb98bc9b8b..54d3f5d7857 100644 --- a/2020/6xxx/CVE-2020-6874.json +++ b/2020/6xxx/CVE-2020-6874.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6874", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@zte.com.cn", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "cryptographic issues" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1013463", + "url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1013463" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A ZTE product is impacted by the cryptographic issues vulnerability. The encryption algorithm is not properly used, so remote attackers could use this vulnerability for account credential enumeration attack or brute-force attack for password guessing. This affects: ZXIPTV, ZXIPTV-WEB-PV5.09.08.04." } ] }