From ac294c3a04df726cdc3cf1c3c7abbbd25c761304 Mon Sep 17 00:00:00 2001
From: CVE Team
Date: Thu, 19 Nov 2020 16:01:49 +0000
Subject: [PATCH] "-Synchronized-Data."
---
 2020/11xxx/CVE-2020-11829.json | 50 ++++++++-
 2020/11xxx/CVE-2020-11830.json | 50 ++++++++-
 2020/11xxx/CVE-2020-11831.json | 50 ++++++++-
 2020/28xxx/CVE-2020-28054.json | 66 ++++++++++--
 2020/28xxx/CVE-2020-28941.json | 18 ++++
 2020/4xxx/CVE-2020-4718.json | 190 ++++++++++++++++-----------------
 2020/9xxx/CVE-2020-9049.json | 114 ++++++++++++++++++--
 7 files changed, 422 insertions(+), 116 deletions(-)
 create mode 100644 2020/28xxx/CVE-2020-28941.json
diff --git a/2020/11xxx/CVE-2020-11829.json b/2020/11xxx/CVE-2020-11829.json
index 878321e43cb..898a0f7223c 100644
--- a/2020/11xxx/CVE-2020-11829.json
+++ b/2020/11xxx/CVE-2020-11829.json
@@ -4,14 +4,58 @@
 "data_version": "4.0",
 "CVE_data_meta": {
 "ID": "CVE-2020-11829",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "security@oppo.com",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "n/a",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "com.coloros.codebook",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "V2.0.0_5493e40_200722"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "privilege escalation"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "refsource": "CONFIRM",
+ "name": "https://security.oppo.com/en/noticedetails.html?noticeId=NOTICE-1328876061836189696",
+ "url": "https://security.oppo.com/en/noticedetails.html?noticeId=NOTICE-1328876061836189696"
+ }
+ ]
 },
 "description": {
 "description_data": [
 {
 "lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "Dynamic loading of services in the backup and restore SDK leads to elevated privileges, affected product is com.coloros.codebook V2.0.0_5493e40_200722."
 }
 ]
 }
diff --git a/2020/11xxx/CVE-2020-11830.json b/2020/11xxx/CVE-2020-11830.json
index e851ad271fd..82c2361e991 100644
--- a/2020/11xxx/CVE-2020-11830.json
+++ b/2020/11xxx/CVE-2020-11830.json
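Review bot: `"vendor_name": "n/a"` in the new `affects` block leaves CVE-2020-11829 without a vendor, although the assigner is security@oppo.com and the only reference is a notice on security.oppo.com; the CVE-2020-11830 and CVE-2020-11831 hunks do the same. Anything that matches records to an asset inventory by vendor and product will not associate these three records with the vendor. If the CNA confirms it, the line should read `"vendor_name": "OPPO"`; the package name in `product_name` can stay as it is. All three records also point at the same notice URL, so the notice is the only place to tell the issues apart.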
@@ -4,14 +4,58 @@
 "data_version": "4.0",
 "CVE_data_meta": {
 "ID": "CVE-2020-11830",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "security@oppo.com",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "n/a",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "com.oppo.qualityprotect",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "V2.0"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "privilege escalation"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "refsource": "CONFIRM",
+ "name": "https://security.oppo.com/en/noticedetails.html?noticeId=NOTICE-1328876061836189696",
+ "url": "https://security.oppo.com/en/noticedetails.html?noticeId=NOTICE-1328876061836189696"
+ }
+ ]
 },
 "description": {
 "description_data": [
 {
 "lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "QualityProtect has a vulnerability to execute arbitrary system commands, affected product is com.oppo.qualityprotect V2.0."
 }
 ]
 }
diff --git a/2020/11xxx/CVE-2020-11831.json b/2020/11xxx/CVE-2020-11831.json
index 876765a1306..e6132c54d0f 100644
--- a/2020/11xxx/CVE-2020-11831.json
+++ b/2020/11xxx/CVE-2020-11831.json
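Review bot: The `problemtype` value `"privilege escalation"` does not match the description added in the same hunk for CVE-2020-11830, which reports execution of arbitrary system commands in com.oppo.qualityprotect V2.0. Triage that filters on problem type will not surface this record as command execution. A value that follows the description, for example `"value": "arbitrary system command execution"`, would be more accurate. The description does not say who can reach the command path, so a CWE identifier should wait until that is confirmed against the linked notice.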
@@ -4,14 +4,58 @@
 "data_version": "4.0",
 "CVE_data_meta": {
 "ID": "CVE-2020-11831",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "security@oppo.com",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "n/a",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "com.oppo.ovoicemanager",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "V2.0.1"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "privilege escalation"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "refsource": "CONFIRM",
+ "name": "https://security.oppo.com/en/noticedetails.html?noticeId=NOTICE-1328876061836189696",
+ "url": "https://security.oppo.com/en/noticedetails.html?noticeId=NOTICE-1328876061836189696"
+ }
+ ]
 },
 "description": {
 "description_data": [
 {
 "lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "OvoiceManager has system permission to write vulnerability reports for arbitrary files, affected product is com.oppo.ovoicemanager V2.0.1."
 }
 ]
 }
diff --git a/2020/28xxx/CVE-2020-28054.json b/2020/28xxx/CVE-2020-28054.json
index 682cdcfd499..7fe27873917 100644
--- a/2020/28xxx/CVE-2020-28054.json
+++ b/2020/28xxx/CVE-2020-28054.json
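Review bot: The new description for CVE-2020-11831, "OvoiceManager has system permission to write vulnerability reports for arbitrary files", does not read as a vulnerability statement, so the impact cannot be taken from the record alone. It presumably means that OvoiceManager, which holds system permission, can be made to write arbitrary files; that would fit the `"privilege escalation"` problem type, but it is an inference and should be checked against the linked OPPO notice. Once confirmed, wording such as `"value": "OvoiceManager, which runs with system permission, allows writing arbitrary files, affected product is com.oppo.ovoicemanager V2.0.1."` would state what a defender needs to know.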
@@ -1,17 +1,71 @@
 {
- "data_type": "CVE",
- "data_format": "MITRE",
- "data_version": "4.0",
 "CVE_data_meta": {
- "ID": "CVE-2020-28054",
 "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ID": "CVE-2020-28054",
+ "STATE": "PUBLIC"
 },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
+ ]
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
 "description": {
 "description_data": [
 {
 "lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "JamoDat TSMManager Collector version up to 6.5.0.21 is vulnerable to an Authorization Bypass because the Collector component is not properly validating an authenticated session with the Viewer. If the Viewer has been modified (binary patched) and the Bypass Login functionality is being used, an attacker can request every Collector's functionality as if they were a properly logged-in user: administrating connected instances, reviewing logs, editing configurations, accessing the instances' consoles, accessing hardware configurations, etc.Exploiting this vulnerability won't grant an attacker access nor control on remote ISP servers as no credentials is sent with the request."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://voidsec.com",
+ "refsource": "MISC",
+ "name": "https://voidsec.com"
+ },
+ {
+ "url": "https://tsmmanager.com",
+ "refsource": "MISC",
+ "name": "https://tsmmanager.com"
+ },
+ {
+ "refsource": "MISC",
+ "name": "https://voidsec.com/tivoli-madness/",
+ "url": "https://voidsec.com/tivoli-madness/"
 }
 ]
 }
diff --git a/2020/28xxx/CVE-2020-28941.json b/2020/28xxx/CVE-2020-28941.json
new file mode 100644
index 00000000000..06ddc8e4012
--- /dev/null
+++ b/2020/28xxx/CVE-2020-28941.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2020-28941",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2020/4xxx/CVE-2020-4718.json b/2020/4xxx/CVE-2020-4718.json
index 8d191982be9..bf6f030f163 100644
--- a/2020/4xxx/CVE-2020-4718.json
+++ b/2020/4xxx/CVE-2020-4718.json
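Review bot: The `affects` block added for CVE-2020-28054 records `"vendor_name": "n/a"`, `"product_name": "n/a"` and `"version_value": "n/a"`, while the description in the same hunk names JamoDat TSMManager Collector up to 6.5.0.21. Consumers that match on `affects` will not tie this record to any installed product. The fields could carry what the description already states, `"vendor_name": "JamoDat"` and `"product_name": "TSMManager Collector"`, with 6.5.0.21 as the upper version bound. `problemtype` is likewise `"n/a"` although the text calls the issue an Authorization Bypass. The description also runs two sentences together at `etc.Exploiting` and says "no credentials is sent".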
@@ -1,99 +1,99 @@ { - "references" : { - "reference_data" : [ - { - "name" : "https://www.ibm.com/support/pages/node/6370099", - "title" : "IBM Security Bulletin 6370099 (Jazz Reporting Service)", - "refsource" : "CONFIRM", - "url" : "https://www.ibm.com/support/pages/node/6370099" - }, - { - "name" : "ibm-jazz-cve20204718-xss (187731)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/187731", - "title" : "X-Force Vulnerability Report" - } - ] - }, - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Jazz Reporting Service 6.0.6, 6.0.6.1, 7.0, and 7.0.1 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 187731." - } - ] - }, - "data_version" : "4.0", - "affects" : { - "vendor" : { - "vendor_data" : [ + "references": { + "reference_data": [ { - "product" : { - "product_data" : [ - { - "version" : { - "version_data" : [ - { - "version_value" : "6.0.6" - }, - { - "version_value" : "6.0.6.1" - }, - { - "version_value" : "7.0" - }, - { - "version_value" : "7.0.1" - } - ] - }, - "product_name" : "Jazz Reporting Service" - } - ] - }, - "vendor_name" : "IBM" + "name": "https://www.ibm.com/support/pages/node/6370099", + "title": "IBM Security Bulletin 6370099 (Jazz Reporting Service)", + "refsource": "CONFIRM", + "url": "https://www.ibm.com/support/pages/node/6370099" + }, + { + "name": "ibm-jazz-cve20204718-xss (187731)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/187731", + "title": "X-Force Vulnerability Report" } - ] - } - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Cross-Site Scripting" - } + ] + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM Jazz Reporting 
Service 6.0.6, 6.0.6.1, 7.0, and 7.0.1 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 187731." + } + ] + }, + "data_version": "4.0", + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": "6.0.6" + }, + { + "version_value": "6.0.6.1" + }, + { + "version_value": "7.0" + }, + { + "version_value": "7.0.1" + } + ] + }, + "product_name": "Jazz Reporting Service" + } + ] + }, + "vendor_name": "IBM" + } ] - } - ] - }, - "impact" : { - "cvssv3" : { - "BM" : { - "A" : "N", - "S" : "C", - "AV" : "N", - "I" : "L", - "AC" : "L", - "C" : "L", - "SCORE" : "6.400", - "UI" : "N", - "PR" : "L" - }, - "TM" : { - "E" : "H", - "RL" : "O", - "RC" : "C" - } - } - }, - "data_type" : "CVE", - "CVE_data_meta" : { - "ID" : "CVE-2020-4718", - "ASSIGNER" : "psirt@us.ibm.com", - "STATE" : "PUBLIC", - "DATE_PUBLIC" : "2020-11-18T00:00:00" - }, - "data_format" : "MITRE" -} + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Cross-Site Scripting" + } + ] + } + ] + }, + "impact": { + "cvssv3": { + "BM": { + "A": "N", + "S": "C", + "AV": "N", + "I": "L", + "AC": "L", + "C": "L", + "SCORE": "6.400", + "UI": "N", + "PR": "L" + }, + "TM": { + "E": "H", + "RL": "O", + "RC": "C" + } + } + }, + "data_type": "CVE", + "CVE_data_meta": { + "ID": "CVE-2020-4718", + "ASSIGNER": "psirt@us.ibm.com", + "STATE": "PUBLIC", + "DATE_PUBLIC": "2020-11-18T00:00:00" + }, + "data_format": "MITRE" +} \ No newline at end of file diff --git a/2020/9xxx/CVE-2020-9049.json b/2020/9xxx/CVE-2020-9049.json index 86d6cddab49..2379dc1b347 100644 --- a/2020/9xxx/CVE-2020-9049.json +++ b/2020/9xxx/CVE-2020-9049.json 
@@ -1,18 +1,120 @@
 {
- "data_type": "CVE",
- "data_format": "MITRE",
- "data_version": "4.0",
 "CVE_data_meta": {
+ "ASSIGNER": "productsecurity@jci.com",
+ "DATE_PUBLIC": "2020-11-19T14:00:00.000Z",
 "ID": "CVE-2020-9049",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "STATE": "PUBLIC",
+ "TITLE": "victor Web Client and C\u2022CURE Web Client JSON Web Token (JWT) Vulnerability"
 },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "victor Web Client version 5.6 and prior",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_value": "5.6"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "C\u2022CURE Web Client version 2.90 and prior (Note - This does not affect the new web-based C\u2022CURE 9000 client that was introduced in C\u2022CURE 9000 v2.90)",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_value": "2.90"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "Johnson Controls"
+ }
+ ]
+ }
+ },
+ "credit": [
+ {
+ "lang": "eng",
+ "value": "Joachim Kerschbaumer reported this vulnerability to Johnson Controls, Inc."
+ }
+ ],
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
 "description": {
 "description_data": [
 {
 "lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "A vulnerability in specified versions of American Dynamics victor Web Client and Software House C\u2022CURE Web Client could allow an unauthenticated attacker on the network to create and sign their own JSON Web Token and use it to execute an HTTP API Method without the need for valid authentication/authorization. Under certain circumstances, this could be used by an attacker to impact system availability by conducting a Denial of Service attack."
 }
 ]
+ },
+ "generator": {
+ "engine": "Vulnogram 0.0.9"
+ },
+ "impact": {
+ "cvss": {
+ "attackComplexity": "HIGH",
+ "attackVector": "ADJACENT_NETWORK",
+ "availabilityImpact": "LOW",
+ "baseScore": 7.1,
+ "baseSeverity": "HIGH",
+ "confidentialityImpact": "HIGH",
+ "integrityImpact": "HIGH",
+ "privilegesRequired": "NONE",
+ "scope": "UNCHANGED",
+ "userInteraction": "NONE",
+ "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L",
+ "version": "3.1"
+ }
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-285 : Improper Access Control (Authorization)"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories",
+ "refsource": "CONFIRM",
+ "url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
+ },
+ {
+ "name": "ICS-CERT Advisory",
+ "refsource": "CERT",
+ "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-324-01"
+ },
+ {
+ "refsource": "MISC",
+ "name": "https://us-cert.cisa.gov/ics/advisories/icsa-20-324-01",
+ "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-324-01"
+ }
+ ]
+ },
+ "solution": [
+ {
+ "lang": "eng",
+ "value": "victor Web Client\n\n\u2022\tvictor Web Client v5.6 and earlier \u2013 upgrade to v5.6 SP1 (victor Unified Client v5.6 SP1)\n\nRegistered users can obtain the software update by downloading the update found here: https://www.americandynamics.net/support/SoftwareDownloads.aspx.\n\nC\u2022CURE Web Client\n\nC\u2022CURE Web v2.60 and earlier - upgrade to a minimum of v2.70 and install the relevant update below.\n\n\u2022\tC\u2022CURE Web v2.70 - install the update WebClient_c2.70_5.2_Update02\n\u2022\tC\u2022CURE Web v2.80 - install the update WebClient_c2.80_v5.4.1_Update04\n\u2022\tC\u2022CURE Web v2.90 - install the update CCureWeb_2.90_Update01 \n\nRegistered users can obtain the software update by downloading the update found here: 
https://swhouse.com/Support/SoftwareDownloads.aspx."
+ }
+ ],
+ "source": {
+ "discovery": "EXTERNAL"
 }
 }
\ No newline at end of file
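Review bot: The second `product_data` entry for CVE-2020-9049 marks C•CURE Web Client as affected with `"version_affected": "<="` and `"version_value": "2.90"`, but the exclusion of the new web-based C•CURE 9000 client introduced in v2.90 exists only as free text inside `product_name`. Tooling that reads the version fields alone may flag that client as vulnerable, and tooling that matches on product name is unlikely to match the long string at all. Keeping `"product_name": "C\u2022CURE Web Client"` and moving the note into the description would address both. Separately, `reference_data` lists https://us-cert.cisa.gov/ics/advisories/icsa-20-324-01 twice, once as `CERT` and once as `MISC`; the `MISC` entry can be dropped.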