admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-05-26 21:01:18 +00:00
parent b2d63f9e7f
commit 9f5567a0d3
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
10 changed files with 161 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2020/13xxx/CVE-2020-13388.json
View File

@ -56,6 +56,11 @@
"url": "https://joel-malwarebenchmark.github.io",
"refsource": "MISC",
"name": "https://joel-malwarebenchmark.github.io"
},
{
"refsource": "MISC",
"name": "https://joel-malwarebenchmark.github.io/blog/2020/04/27/cve-2020-13388-jw-util-vulnerability/",
"url": "https://joel-malwarebenchmark.github.io/blog/2020/04/27/cve-2020-13388-jw-util-vulnerability/"
}
]
}

5
2020/13xxx/CVE-2020-13389.json
View File

@ -56,6 +56,11 @@
"url": "https://joel-malwarebenchmark.github.io",
"refsource": "MISC",
"name": "https://joel-malwarebenchmark.github.io"
},
{
"refsource": "MISC",
"name": "https://joel-malwarebenchmark.github.io/blog/2020/04/28/cve-2020-13389-Tenda-vulnerability/",
"url": "https://joel-malwarebenchmark.github.io/blog/2020/04/28/cve-2020-13389-Tenda-vulnerability/"
}
]
}

5
2020/13xxx/CVE-2020-13390.json
View File

@ -56,6 +56,11 @@
"url": "https://joel-malwarebenchmark.github.io",
"refsource": "MISC",
"name": "https://joel-malwarebenchmark.github.io"
},
{
"refsource": "MISC",
"name": "https://joel-malwarebenchmark.github.io/blog/2020/04/28/cve-2020-13390-Tenda-vulnerability/",
"url": "https://joel-malwarebenchmark.github.io/blog/2020/04/28/cve-2020-13390-Tenda-vulnerability/"
}
]
}

5
2020/13xxx/CVE-2020-13391.json
View File

@ -56,6 +56,11 @@
"url": "https://joel-malwarebenchmark.github.io",
"refsource": "MISC",
"name": "https://joel-malwarebenchmark.github.io"
},
{
"refsource": "MISC",
"name": "https://joel-malwarebenchmark.github.io/blog/2020/04/28/cve-2020-13391-Tenda-vulnerability/",
"url": "https://joel-malwarebenchmark.github.io/blog/2020/04/28/cve-2020-13391-Tenda-vulnerability/"
}
]
}

5
2020/13xxx/CVE-2020-13392.json
View File

@ -56,6 +56,11 @@
"url": "https://joel-malwarebenchmark.github.io",
"refsource": "MISC",
"name": "https://joel-malwarebenchmark.github.io"
},
{
"refsource": "MISC",
"name": "https://joel-malwarebenchmark.github.io/blog/2020/04/28/cve-2020-13392-Tenda-vulnerability/",
"url": "https://joel-malwarebenchmark.github.io/blog/2020/04/28/cve-2020-13392-Tenda-vulnerability/"
}
]
}

5
2020/13xxx/CVE-2020-13393.json
View File

@ -56,6 +56,11 @@
"url": "https://joel-malwarebenchmark.github.io",
"refsource": "MISC",
"name": "https://joel-malwarebenchmark.github.io"
},
{
"refsource": "MISC",
"name": "https://joel-malwarebenchmark.github.io/blog/2020/04/28/cve-2020-13393-Tenda-vulnerability/",
"url": "https://joel-malwarebenchmark.github.io/blog/2020/04/28/cve-2020-13393-Tenda-vulnerability/"
}
]
}

5
2020/13xxx/CVE-2020-13394.json
View File

@ -56,6 +56,11 @@
"url": "https://joel-malwarebenchmark.github.io",
"refsource": "MISC",
"name": "https://joel-malwarebenchmark.github.io"
},
{
"refsource": "MISC",
"name": "https://joel-malwarebenchmark.github.io/blog/2020/04/28/cve-2020-13394-Tenda-vulnerability/",
"url": "https://joel-malwarebenchmark.github.io/blog/2020/04/28/cve-2020-13394-Tenda-vulnerability/"
}
]
}

18
2020/13xxx/CVE-2020-13596.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-13596",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

2
2020/9xxx/CVE-2020-9039.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "Couchbase Server 4.x and 5.x before 6.0.0 has Insecure Permissions for the projector and indexer REST endpoints (they allow unauthenticated access)."
"value": "Couchbase Server 4.0.0, 4.1.0, 4.1.1, 4.5.0, 4.5.1, 4.6.0 through 4.6.5, 5.0.0, 5.1.1, 5.5.0 and 5.5.1 have Insecure Permissions for the projector and indexer REST endpoints (they allow unauthenticated access).The /settings REST endpoint exposed by the projector process is an endpoint that administrators can use for various tasks such as updating configuration and collecting performance profiles. The endpoint was unauthenticated and has been updated to only allow authenticated users to access these administrative APIs."
}
]
},

113
2020/9xxx/CVE-2020-9046.json
View File

@ -1,18 +1,119 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "productsecurity@jci.com",
"ID": "CVE-2020-9046",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Kantech EntraPass Security Management Software - System Permissions Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Kantech EntraPass Security Management Software Special Edition versions 8.22 and prior",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_value": "8.22"
}
]
}
},
{
"product_name": "Kantech EntraPass Security Management Software Corporate Edition versions 8.22 and prior",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_value": "8.22"
}
]
}
},
{
"product_name": "Kantech EntraPass Security Management Software Global Edition versions 8.22 and prior",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_value": "8.22"
}
]
}
}
]
},
"vendor_name": "Johnson Controls"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability in all versions of Kantech EntraPass Editions could potentially allow an authorized low-privileged user to gain full system-level privileges by replacing critical files with specifically crafted files."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284 : Access Control (Authorization) Issues"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories",
"refsource": "CONFIRM",
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"refsource": "CERT",
"url": "https://www.us-cert.gov/ics/advisories/ICSA-20-147-02"
}
]
},
"solution": [
{
"lang": "eng",
"value": "Upgrade all Kantech EntraPass Editions to version 8.23.\n\nRegistered users can obtain the critical software update by downloading the zip file from the Software Downloads location at https://kantech.com/Support/SoftwareDownloads.aspx."
}
],
"source": {
"discovery": "EXTERNAL"
}
}