From 927fa0782e982e387c59f8eb2fa5980b7a84661d Mon Sep 17 00:00:00 2001 From: CVE Team Date: Thu, 15 Oct 2020 03:01:46 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2020/27xxx/CVE-2020-27152.json | 18 +++++++ 2020/27xxx/CVE-2020-27153.json | 72 ++++++++++++++++++++++++++++ 2020/5xxx/CVE-2020-5642.json | 15 ++++-- 2020/6xxx/CVE-2020-6365.json | 87 ++++++++++++++++++++++++++++++++-- 4 files changed, 185 insertions(+), 7 deletions(-) create mode 100644 2020/27xxx/CVE-2020-27152.json create mode 100644 2020/27xxx/CVE-2020-27153.json diff --git a/2020/27xxx/CVE-2020-27152.json b/2020/27xxx/CVE-2020-27152.json new file mode 100644 index 00000000000..e5460efe8d1 --- /dev/null +++ b/2020/27xxx/CVE-2020-27152.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-27152", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/27xxx/CVE-2020-27153.json b/2020/27xxx/CVE-2020-27153.json new file mode 100644 index 00000000000..df511030145 --- /dev/null +++ b/2020/27xxx/CVE-2020-27153.json @@ -0,0 +1,72 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2020-27153", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In BlueZ before 5.55, a double free was found in the gatttool disconnect_cb() routine from shared/att.c. A remote attacker could potentially cause a denial of service or code execution, during service discovery, due to a redundant disconnect MGMT event." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/bluez/bluez/commit/5a180f2ec9edfacafd95e5fed20d36fe8e077f07", + "refsource": "MISC", + "name": "https://github.com/bluez/bluez/commit/5a180f2ec9edfacafd95e5fed20d36fe8e077f07" + }, + { + "url": "https://github.com/bluez/bluez/commit/1cd644db8c23a2f530ddb93cebed7dacc5f5721a", + "refsource": "MISC", + "name": "https://github.com/bluez/bluez/commit/1cd644db8c23a2f530ddb93cebed7dacc5f5721a" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1884817", + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1884817" + } + ] + } +} \ No newline at end of file diff --git a/2020/5xxx/CVE-2020-5642.json b/2020/5xxx/CVE-2020-5642.json index 2201ea8d581..c28f572c605 100644 --- a/2020/5xxx/CVE-2020-5642.json +++ b/2020/5xxx/CVE-2020-5642.json @@ -4,7 +4,8 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-5642", - "ASSIGNER": "vultures@jpcert.or.jp" + "ASSIGNER": "vultures@jpcert.or.jp", + "STATE": "PUBLIC" }, "affects": { "vendor": { @@ -44,13 +45,19 @@ "references": { "reference_data": [ { - "url": "https://wordpress.org/plugins/onwebchat/" + "url": "https://wordpress.org/plugins/onwebchat/", + "refsource": "MISC", + "name": "https://wordpress.org/plugins/onwebchat/" }, { - "url": "https://plugins.trac.wordpress.org/changeset?new=2384440%40onwebchat&old=2364589%40onwebchat" + "url": "https://plugins.trac.wordpress.org/changeset?new=2384440%40onwebchat&old=2364589%40onwebchat", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset?new=2384440%40onwebchat&old=2364589%40onwebchat" }, { - "url": "https://jvn.jp/en/jp/JVN92404841/index.html" + "url": "https://jvn.jp/en/jp/JVN92404841/index.html", + "refsource": "MISC", + "name": "https://jvn.jp/en/jp/JVN92404841/index.html" } ] }, diff --git a/2020/6xxx/CVE-2020-6365.json b/2020/6xxx/CVE-2020-6365.json index 0f122aee5b7..c7970e962ed 100644 --- a/2020/6xxx/CVE-2020-6365.json +++ b/2020/6xxx/CVE-2020-6365.json @@ -4,14 +4,95 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6365", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@sap.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "SAP SE", + "product": { + "product_data": [ + { + "product_name": "SAP NetWeaver Application Server Java", + "version": { + "version_data": [ + { + "version_name": "<", + "version_value": "7.10" + }, + { + "version_name": "<", + "version_value": "7.11" + }, + { + "version_name": "<", + "version_value": "7.20" + }, + { + "version_name": "<", + "version_value": "7.30" + }, + { + "version_name": "<", + "version_value": "7.31" + }, + { + "version_name": "<", + "version_value": "7.40" + }, + { + "version_name": "<", + "version_value": "7.50" + } + ] + } + } + ] + } + } + ] + } }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "SAP NetWeaver AS Java, versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, Start Page allows an unauthenticated remote attacker to redirect users to a malicious site due to insufficient reverse tabnabbing URL validation. The attacker could execute phishing attacks to steal credentials of the victim or to redirect users to untrusted web pages containing malware or similar malicious exploits." + } + ] + }, + "impact": { + "cvss": { + "baseScore": "4.7", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Reverse Tabnabbing" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=558632196", + "refsource": "MISC", + "name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=558632196" + }, + { + "url": "https://launchpad.support.sap.com/#/notes/2969828", + "refsource": "MISC", + "name": "https://launchpad.support.sap.com/#/notes/2969828" } ] }