From b252d6db2d0d5716c4f4a7c790aa834f99b9aa28 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Tue, 14 Apr 2020 17:01:16 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2019/16xxx/CVE-2019-16879.json | 62 ++++++++++++++++++++++++++++++++++ 2020/10xxx/CVE-2020-10381.json | 56 ++++++++++++++++++++++++++---- 2020/10xxx/CVE-2020-10382.json | 56 ++++++++++++++++++++++++++---- 2020/10xxx/CVE-2020-10383.json | 56 ++++++++++++++++++++++++++---- 2020/11xxx/CVE-2020-11713.json | 5 +++ 2020/7xxx/CVE-2020-7800.json | 56 ++++++++++++++++++++++++++---- 2020/7xxx/CVE-2020-7801.json | 56 ++++++++++++++++++++++++++---- 2020/7xxx/CVE-2020-7802.json | 56 ++++++++++++++++++++++++++---- 8 files changed, 367 insertions(+), 36 deletions(-) create mode 100644 2019/16xxx/CVE-2019-16879.json diff --git a/2019/16xxx/CVE-2019-16879.json b/2019/16xxx/CVE-2019-16879.json new file mode 100644 index 00000000000..7941c63ec36 --- /dev/null +++ b/2019/16xxx/CVE-2019-16879.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-16879", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Synergy Systems & Solutions (SSS) HUSKY RTU 6049-E70, with firmware Versions 5.0 and prior, has a Missing Authentication for Critical Function (CWE-306) vulnerability. The affected product does not require authentication for TELNET access, which may allow an attacker to change configuration or perform other malicious activities." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.us-cert.gov/ics/advisories/icsa-20-042-01", + "url": "https://www.us-cert.gov/ics/advisories/icsa-20-042-01" + } + ] + } +} \ No newline at end of file diff --git a/2020/10xxx/CVE-2020-10381.json b/2020/10xxx/CVE-2020-10381.json index 5f06895bf14..592e42be1fe 100644 --- a/2020/10xxx/CVE-2020-10381.json +++ b/2020/10xxx/CVE-2020-10381.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-10381", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-10381", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in the MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 software in all versions through 2.5.0. There is an unauthenticated SQL injection in DATA24, allowing attackers to discover database and table names." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://www.mbconnectline.de/en/support/sicherheitshinweise.html", + "url": "https://www.mbconnectline.de/en/support/sicherheitshinweise.html" } ] } diff --git a/2020/10xxx/CVE-2020-10382.json b/2020/10xxx/CVE-2020-10382.json index 4e87487bb90..016cb5b4305 100644 --- a/2020/10xxx/CVE-2020-10382.json +++ b/2020/10xxx/CVE-2020-10382.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-10382", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-10382", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in the MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 software in all versions through 2.5.0. There is an authenticated remote code execution in the backup-scheduler." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://www.mbconnectline.de/en/support/sicherheitshinweise.html", + "url": "https://www.mbconnectline.de/en/support/sicherheitshinweise.html" } ] } diff --git a/2020/10xxx/CVE-2020-10383.json b/2020/10xxx/CVE-2020-10383.json index 0087bec2bc5..8e3dc9abdb8 100644 --- a/2020/10xxx/CVE-2020-10383.json +++ b/2020/10xxx/CVE-2020-10383.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-10383", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-10383", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in the MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 software in all versions through 2.5.0. There is an unauthenticated remote code execution in the com_mb24sysapi module." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://www.mbconnectline.de/en/support/sicherheitshinweise.html", + "url": "https://www.mbconnectline.de/en/support/sicherheitshinweise.html" } ] } diff --git a/2020/11xxx/CVE-2020-11713.json b/2020/11xxx/CVE-2020-11713.json index 1be856f47c8..b10fb269bee 100644 --- a/2020/11xxx/CVE-2020-11713.json +++ b/2020/11xxx/CVE-2020-11713.json @@ -56,6 +56,11 @@ "url": "https://github.com/wolfSSL/wolfssl/pull/2894/", "refsource": "MISC", "name": "https://github.com/wolfSSL/wolfssl/pull/2894/" + }, + { + "refsource": "MISC", + "name": "https://gist.github.com/pietroborrello/7c5be2d1dc15349c4ffc8671f0aad04f", + "url": "https://gist.github.com/pietroborrello/7c5be2d1dc15349c4ffc8671f0aad04f" } ] } diff --git a/2020/7xxx/CVE-2020-7800.json b/2020/7xxx/CVE-2020-7800.json index 00ce42da9f0..cbc088064bd 100644 --- a/2020/7xxx/CVE-2020-7800.json +++ b/2020/7xxx/CVE-2020-7800.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-7800", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-7800", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Synergy Systems & Solutions (SSS) HUSKY RTU 6049-E70, with firmware Versions 5.0 and prior, has an Improper Check for Unusual or Exceptional Conditions (CWE-754) vulnerability. The affected product is vulnerable to specially crafted TCP packets, which can cause the device to shut down or reboot and lose configuration settings. This is a different issue than CVE-2019-16879, CVE-2019-20045, CVE-2019-20046, CVE-2020-7801, and CVE-2020-7802." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.us-cert.gov/ics/advisories/icsa-20-042-01", + "url": "https://www.us-cert.gov/ics/advisories/icsa-20-042-01" } ] } diff --git a/2020/7xxx/CVE-2020-7801.json b/2020/7xxx/CVE-2020-7801.json index 3a91a64d963..708b23ed617 100644 --- a/2020/7xxx/CVE-2020-7801.json +++ b/2020/7xxx/CVE-2020-7801.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-7801", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-7801", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Synergy Systems & Solutions (SSS) HUSKY RTU 6049-E70, with firmware Versions 5.0 and prior, has an Exposure of Sensitive Information to an Unauthorized Actor (CWE-200) vulnerability. The affected product is vulnerable to information exposure over the SNMP protocol. This is a different issue than CVE-2019-16879, CVE-2019-20045, CVE-2019-20046, CVE-2020-7800, and CVE-2020-7802." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.us-cert.gov/ics/advisories/icsa-20-042-01", + "url": "https://www.us-cert.gov/ics/advisories/icsa-20-042-01" } ] } diff --git a/2020/7xxx/CVE-2020-7802.json b/2020/7xxx/CVE-2020-7802.json index 57ad3a87a07..7cbac910faa 100644 --- a/2020/7xxx/CVE-2020-7802.json +++ b/2020/7xxx/CVE-2020-7802.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-7802", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-7802", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Synergy Systems & Solutions (SSS) HUSKY RTU 6049-E70, with firmware Versions 5.0 and prior, has an Incorrect Default Permissions (CWE-276) vulnerability. The affected product is vulnerable to insufficient default permissions, which could allow an attacker to view network configurations through SNMP communication. This is a different issue than CVE-2019-16879, CVE-2019-20045, CVE-2019-20046, CVE-2020-7800, and CVE-2020-7801." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.us-cert.gov/ics/advisories/icsa-20-042-01", + "url": "https://www.us-cert.gov/ics/advisories/icsa-20-042-01" } ] }