From 906509fd2cf889b077c5b75dfdb2332fb8bf007b Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 30 Mar 2020 20:01:27 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2016/11xxx/CVE-2016-11023.json | 62 ++++++++++++++++++++++++++++++++++ 2016/11xxx/CVE-2016-11024.json | 62 ++++++++++++++++++++++++++++++++++ 2017/11xxx/CVE-2017-11109.json | 5 +++ 2017/5xxx/CVE-2017-5953.json | 5 +++ 2017/6xxx/CVE-2017-6349.json | 5 +++ 2017/6xxx/CVE-2017-6350.json | 5 +++ 2018/20xxx/CVE-2018-20786.json | 5 +++ 2019/15xxx/CVE-2019-15703.json | 12 +++++-- 2019/20xxx/CVE-2019-20079.json | 5 +++ 2020/10xxx/CVE-2020-10508.json | 2 ++ 2020/10xxx/CVE-2020-10509.json | 6 ++-- 2020/10xxx/CVE-2020-10510.json | 6 ++-- 2020/11xxx/CVE-2020-11100.json | 18 ++++++++++ 2020/5xxx/CVE-2020-5255.json | 2 +- 2020/5xxx/CVE-2020-5274.json | 2 +- 2020/5xxx/CVE-2020-5275.json | 2 +- 2020/5xxx/CVE-2020-5723.json | 50 +++++++++++++++++++++++++-- 2020/5xxx/CVE-2020-5724.json | 50 +++++++++++++++++++++++++-- 2020/5xxx/CVE-2020-5725.json | 50 +++++++++++++++++++++++++-- 2020/5xxx/CVE-2020-5726.json | 50 +++++++++++++++++++++++++-- 20 files changed, 382 insertions(+), 22 deletions(-) create mode 100644 2016/11xxx/CVE-2016-11023.json create mode 100644 2016/11xxx/CVE-2016-11024.json create mode 100644 2020/11xxx/CVE-2020-11100.json diff --git a/2016/11xxx/CVE-2016-11023.json b/2016/11xxx/CVE-2016-11023.json new file mode 100644 index 00000000000..e12738b3a5b --- /dev/null +++ b/2016/11xxx/CVE-2016-11023.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-11023", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "odata4j 0.7.0 allows ExecuteCountQueryCommand.java SQL injection. NOTE: this product is apparently discontinued." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://groups.google.com/d/msg/odata4j-discuss/_lBwwXP30g0/Av6zkZMdBwAJ", + "refsource": "MISC", + "name": "https://groups.google.com/d/msg/odata4j-discuss/_lBwwXP30g0/Av6zkZMdBwAJ" + } + ] + } +} \ No newline at end of file diff --git a/2016/11xxx/CVE-2016-11024.json b/2016/11xxx/CVE-2016-11024.json new file mode 100644 index 00000000000..c973d7a15e6 --- /dev/null +++ b/2016/11xxx/CVE-2016-11024.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-11024", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "odata4j 0.7.0 allows ExecuteJPQLQueryCommand.java SQL injection. NOTE: this product is apparently discontinued." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://groups.google.com/d/msg/odata4j-discuss/_lBwwXP30g0/Av6zkZMdBwAJ", + "refsource": "MISC", + "name": "https://groups.google.com/d/msg/odata4j-discuss/_lBwwXP30g0/Av6zkZMdBwAJ" + } + ] + } +} \ No newline at end of file diff --git a/2017/11xxx/CVE-2017-11109.json b/2017/11xxx/CVE-2017-11109.json index df30b35f9e4..0786c51217d 100644 --- a/2017/11xxx/CVE-2017-11109.json +++ b/2017/11xxx/CVE-2017-11109.json @@ -61,6 +61,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20190803 [SECURITY] [DLA 1871-1] vim security update", "url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00003.html" + }, + { + "refsource": "UBUNTU", + "name": "USN-4309-1", + "url": "https://usn.ubuntu.com/4309-1/" } ] } diff --git a/2017/5xxx/CVE-2017-5953.json b/2017/5xxx/CVE-2017-5953.json index b806c8a520a..24d30388f31 100644 --- a/2017/5xxx/CVE-2017-5953.json +++ b/2017/5xxx/CVE-2017-5953.json @@ -81,6 +81,11 @@ "refsource": "UBUNTU", "name": "USN-4016-1", "url": "https://usn.ubuntu.com/4016-1/" + }, + { + "refsource": "UBUNTU", + "name": "USN-4309-1", + "url": "https://usn.ubuntu.com/4309-1/" } ] } diff --git a/2017/6xxx/CVE-2017-6349.json b/2017/6xxx/CVE-2017-6349.json index b52d3cfd59b..f6b33be4bb2 100644 --- a/2017/6xxx/CVE-2017-6349.json +++ b/2017/6xxx/CVE-2017-6349.json @@ -81,6 +81,11 @@ "name": "https://groups.google.com/forum/#!topic/vim_dev/QPZc0CY9j3Y", "refsource": "MISC", "url": "https://groups.google.com/forum/#!topic/vim_dev/QPZc0CY9j3Y" + }, + { + "refsource": "UBUNTU", + "name": "USN-4309-1", + "url": "https://usn.ubuntu.com/4309-1/" } ] } diff --git a/2017/6xxx/CVE-2017-6350.json b/2017/6xxx/CVE-2017-6350.json index 41df89a06bb..8f619a9d1e1 100644 --- a/2017/6xxx/CVE-2017-6350.json +++ b/2017/6xxx/CVE-2017-6350.json @@ -81,6 +81,11 @@ "name": "https://groups.google.com/forum/#!topic/vim_dev/QPZc0CY9j3Y", "refsource": "MISC", "url": "https://groups.google.com/forum/#!topic/vim_dev/QPZc0CY9j3Y" + }, + { + "refsource": "UBUNTU", + "name": "USN-4309-1", + "url": "https://usn.ubuntu.com/4309-1/" } ] } diff --git a/2018/20xxx/CVE-2018-20786.json b/2018/20xxx/CVE-2018-20786.json index 1b070b8f45e..c0a06bd3ad2 100644 --- a/2018/20xxx/CVE-2018-20786.json +++ b/2018/20xxx/CVE-2018-20786.json @@ -61,6 +61,11 @@ "name": "https://github.com/vim/vim/issues/3711", "refsource": "MISC", "url": "https://github.com/vim/vim/issues/3711" + }, + { + "refsource": "UBUNTU", + "name": "USN-4309-1", + "url": "https://usn.ubuntu.com/4309-1/" } ] } diff --git a/2019/15xxx/CVE-2019-15703.json b/2019/15xxx/CVE-2019-15703.json index ff21fcbfc88..7b4f1abed01 100644 --- a/2019/15xxx/CVE-2019-15703.json +++ b/2019/15xxx/CVE-2019-15703.json @@ -11,7 +11,7 @@ "vendor": { "vendor_data": [ { - "vendor_name": "n/a", + "vendor_name": "Fortinet", "product": { "product_data": [ { @@ -19,7 +19,13 @@ "version": { "version_data": [ { - "version_value": "FortiOS 6.2.1 and below" + "version_value": "6.2.1" + }, + { + "version_value": "6.2.0" + }, + { + "version_value": "6.0.8 and below" } ] } @@ -55,7 +61,7 @@ "description_data": [ { "lang": "eng", - "value": "An Insufficient Entropy in PRNG vulnerability in Fortinet FortiOS 6.2.1 and below for device not enable hardware TRNG token and models not support builtin TRNG seed allows attacker to theoretically recover the long term ECDSA secret in a TLS client with a RSA handshake and mutual ECDSA authentication via the help of flush+reload side channel attacks in FortiGate VM models only." + "value": "An Insufficient Entropy in PRNG vulnerability in Fortinet FortiOS 6.2.1, 6.2.0, 6.0.8 and below for device not enable hardware TRNG token and models not support builtin TRNG seed allows attacker to theoretically recover the long term ECDSA secret in a TLS client with a RSA handshake and mutual ECDSA authentication via the help of flush+reload side channel attacks in FortiGate VM models only." } ] } diff --git a/2019/20xxx/CVE-2019-20079.json b/2019/20xxx/CVE-2019-20079.json index ed5b22fa5f9..19a99aa4f48 100644 --- a/2019/20xxx/CVE-2019-20079.json +++ b/2019/20xxx/CVE-2019-20079.json @@ -66,6 +66,11 @@ "url": "https://github.com/vim/vim/compare/v8.1.2135...v8.1.2136", "refsource": "MISC", "name": "https://github.com/vim/vim/compare/v8.1.2135...v8.1.2136" + }, + { + "refsource": "UBUNTU", + "name": "USN-4309-1", + "url": "https://usn.ubuntu.com/4309-1/" } ] } diff --git a/2020/10xxx/CVE-2020-10508.json b/2020/10xxx/CVE-2020-10508.json index f8518a918c6..b5ecca3a2d4 100644 --- a/2020/10xxx/CVE-2020-10508.json +++ b/2020/10xxx/CVE-2020-10508.json @@ -81,10 +81,12 @@ "reference_data": [ { "refsource": "CONFIRM", + "name": "https://www.twcert.org.tw/tw/cp-132-3448-76a35-1.html", "url": "https://www.twcert.org.tw/tw/cp-132-3448-76a35-1.html" }, { "refsource": "CONFIRM", + "name": "https://www.chtsecurity.com/news/30772cf1-2e7e-4afe-9282-b5a196b22e71", "url": "https://www.chtsecurity.com/news/30772cf1-2e7e-4afe-9282-b5a196b22e71" } ] diff --git a/2020/10xxx/CVE-2020-10509.json b/2020/10xxx/CVE-2020-10509.json index 13b6d60a406..f880ea1b6d9 100644 --- a/2020/10xxx/CVE-2020-10509.json +++ b/2020/10xxx/CVE-2020-10509.json @@ -81,11 +81,13 @@ "reference_data": [ { "refsource": "CONFIRM", - "url": "https://www.twcert.org.tw/tw/cp-132-3449-c87d8-1.html" + "name": "https://www.chtsecurity.com/news/30772cf1-2e7e-4afe-9282-b5a196b22e71", + "url": "https://www.chtsecurity.com/news/30772cf1-2e7e-4afe-9282-b5a196b22e71" }, { "refsource": "CONFIRM", - "url": "https://www.chtsecurity.com/news/30772cf1-2e7e-4afe-9282-b5a196b22e71" + "name": "https://www.twcert.org.tw/tw/cp-132-3449-c87d8-1.html", + "url": "https://www.twcert.org.tw/tw/cp-132-3449-c87d8-1.html" } ] }, diff --git a/2020/10xxx/CVE-2020-10510.json b/2020/10xxx/CVE-2020-10510.json index b52560126d6..fcb66e3d6d8 100644 --- a/2020/10xxx/CVE-2020-10510.json +++ b/2020/10xxx/CVE-2020-10510.json @@ -81,11 +81,13 @@ "reference_data": [ { "refsource": "CONFIRM", - "url": "https://www.twcert.org.tw/tw/cp-132-3450-69466-1.html" + "name": "https://www.chtsecurity.com/news/30772cf1-2e7e-4afe-9282-b5a196b22e71", + "url": "https://www.chtsecurity.com/news/30772cf1-2e7e-4afe-9282-b5a196b22e71" }, { "refsource": "CONFIRM", - "url": "https://www.chtsecurity.com/news/30772cf1-2e7e-4afe-9282-b5a196b22e71" + "name": "https://www.twcert.org.tw/tw/cp-132-3450-69466-1.html", + "url": "https://www.twcert.org.tw/tw/cp-132-3450-69466-1.html" } ] }, diff --git a/2020/11xxx/CVE-2020-11100.json b/2020/11xxx/CVE-2020-11100.json new file mode 100644 index 00000000000..5b1d2a28bc8 --- /dev/null +++ b/2020/11xxx/CVE-2020-11100.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-11100", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/5xxx/CVE-2020-5255.json b/2020/5xxx/CVE-2020-5255.json index 8e130e3cd0f..080a5fcf3f3 100644 --- a/2020/5xxx/CVE-2020-5255.json +++ b/2020/5xxx/CVE-2020-5255.json @@ -35,7 +35,7 @@ "description_data": [ { "lang": "eng", - "value": "In Symfony before version 4.4, when a `Response` does not contain a `Content-Type` header,\naffected versions of Symfony can fallback to the format defined in the `Accept` header of the request,\nleading to a possible mismatch between the response's content and `Content-Type` header.\nWhen the response is cached, this can prevent the use of the website by other users.\n\nThis has been patched in version 4.4." + "value": "In Symfony before version 4.4, when a `Response` does not contain a `Content-Type` header, affected versions of Symfony can fallback to the format defined in the `Accept` header of the request, leading to a possible mismatch between the response's content and `Content-Type` header. When the response is cached, this can prevent the use of the website by other users. This has been patched in version 4.4." } ] }, diff --git a/2020/5xxx/CVE-2020-5274.json b/2020/5xxx/CVE-2020-5274.json index 92a3b4c68f2..2750cc2f588 100644 --- a/2020/5xxx/CVE-2020-5274.json +++ b/2020/5xxx/CVE-2020-5274.json @@ -38,7 +38,7 @@ "description_data": [ { "lang": "eng", - "value": "In Symfony before versions 5.0.5 and 4.4.5, \nsome properties of the Exception were not properly escaped when the `ErrorHandler` rendered it stacktrace.\nIn addition, the stacktrace were displayed even in a non-debug configuration.\n\nThe ErrorHandler now escape alls properties of the exception, and the stacktrace is only display in debug configuration.\n\nThis issue is patched in symfony/http-foundation versions 4.4.5 and 5.0.5" + "value": "In Symfony before versions 5.0.5 and 4.4.5, some properties of the Exception were not properly escaped when the `ErrorHandler` rendered it stacktrace. In addition, the stacktrace were displayed even in a non-debug configuration. The ErrorHandler now escape alls properties of the exception, and the stacktrace is only display in debug configuration. This issue is patched in symfony/http-foundation versions 4.4.5 and 5.0.5" } ] }, diff --git a/2020/5xxx/CVE-2020-5275.json b/2020/5xxx/CVE-2020-5275.json index 48bbebc2a17..a756e67b2b3 100644 --- a/2020/5xxx/CVE-2020-5275.json +++ b/2020/5xxx/CVE-2020-5275.json @@ -38,7 +38,7 @@ "description_data": [ { "lang": "eng", - "value": "In symfony/security-http before versions 4.4.7 and 5.0.7, when a `Firewall` checks access control rule, \nit iterate overs each rule's attributes and stops as soon as the accessDecisionManager decides to grant access on the attribute,\npreventing the check of next attributes that should have been take into account in an unanimous strategy.\n\nThe accessDecisionManager is now called with all attributes at once, allowing the unanimous strategy being applied on each attribute.\n\nThis issue is patched in versions 4.4.7 and 5.0.7." + "value": "In symfony/security-http before versions 4.4.7 and 5.0.7, when a `Firewall` checks access control rule, it iterate overs each rule's attributes and stops as soon as the accessDecisionManager decides to grant access on the attribute, preventing the check of next attributes that should have been take into account in an unanimous strategy. The accessDecisionManager is now called with all attributes at once, allowing the unanimous strategy being applied on each attribute. This issue is patched in versions 4.4.7 and 5.0.7." } ] }, diff --git a/2020/5xxx/CVE-2020-5723.json b/2020/5xxx/CVE-2020-5723.json index 5a34de376df..83c5ce9d79a 100644 --- a/2020/5xxx/CVE-2020-5723.json +++ b/2020/5xxx/CVE-2020-5723.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-5723", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "vulnreport@tenable.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Grandstream UCM6200 series", + "version": { + "version_data": [ + { + "version_value": "1.0.20.20 and below" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Cleartext Password Storage (CWE-312)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://www.tenable.com/security/research/tra-2020-17", + "url": "https://www.tenable.com/security/research/tra-2020-17" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The UCM6200 series 1.0.20.22 and below stores unencrypted user passwords in an SQLite database. This could allow an attacker to retrieve all passwords and possibly gain elevated privileges." } ] } diff --git a/2020/5xxx/CVE-2020-5724.json b/2020/5xxx/CVE-2020-5724.json index ef8bb1beda4..0a815bd7639 100644 --- a/2020/5xxx/CVE-2020-5724.json +++ b/2020/5xxx/CVE-2020-5724.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-5724", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "vulnreport@tenable.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Grandstream UCM6200 series", + "version": { + "version_data": [ + { + "version_value": "1.0.20.20 and below" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "SQL Injection (CWE-89)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://www.tenable.com/security/research/tra-2020-17", + "url": "https://www.tenable.com/security/research/tra-2020-17" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Grandstream UCM6200 series before 1.0.20.22 is vulnerable to an SQL injection via the HTTP server's websockify endpoint. A remote unauthenticated attacker can invoke the challenge action with a crafted username and discover user passwords." } ] } diff --git a/2020/5xxx/CVE-2020-5725.json b/2020/5xxx/CVE-2020-5725.json index 16531f155fb..55d7fdea48e 100644 --- a/2020/5xxx/CVE-2020-5725.json +++ b/2020/5xxx/CVE-2020-5725.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-5725", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "vulnreport@tenable.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Grandstream UCM6200 series", + "version": { + "version_data": [ + { + "version_value": "1.0.20.20 and below" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "SQL Injection (CWE-89)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://www.tenable.com/security/research/tra-2020-17", + "url": "https://www.tenable.com/security/research/tra-2020-17" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Grandstream UCM6200 series before 1.0.20.22 is vulnerable to an SQL injection via the HTTP server's websockify endpoint. A remote unauthenticated attacker can invoke the login action with a crafted username and, through the use of timing attacks, can discover user passwords." } ] } diff --git a/2020/5xxx/CVE-2020-5726.json b/2020/5xxx/CVE-2020-5726.json index c2597aff0bb..a79ec4e2593 100644 --- a/2020/5xxx/CVE-2020-5726.json +++ b/2020/5xxx/CVE-2020-5726.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-5726", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "vulnreport@tenable.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Grandstream UCM6200 series", + "version": { + "version_data": [ + { + "version_value": "1.0.20.20 and below" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "SQL Injection (CWE-89)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://www.tenable.com/security/research/tra-2020-17", + "url": "https://www.tenable.com/security/research/tra-2020-17" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Grandstream UCM6200 series before 1.0.20.22 is vulnerable to an SQL injection via the CTI server on port 8888. A remote unauthenticated attacker can invoke the challenge action with a crafted username and discover user passwords." } ] }