admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-05-28 15:01:33 +00:00
parent 10eb9e0eeb
commit b31e923968
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
19 changed files with 922 additions and 712 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2020/11xxx/CVE-2020-11494.json
View File

@ -76,6 +76,11 @@
"refsource": "UBUNTU",
"name": "USN-4368-1",
"url": "https://usn.ubuntu.com/4368-1/"
},
{
"refsource": "UBUNTU",
"name": "USN-4363-1",
"url": "https://usn.ubuntu.com/4363-1/"
}
]
}

5
2020/11xxx/CVE-2020-11565.json
View File

@ -81,6 +81,11 @@
"refsource": "UBUNTU",
"name": "USN-4368-1",
"url": "https://usn.ubuntu.com/4368-1/"
},
{
"refsource": "UBUNTU",
"name": "USN-4363-1",
"url": "https://usn.ubuntu.com/4363-1/"
}
]
}

5
2020/11xxx/CVE-2020-11669.json
View File

@ -101,6 +101,11 @@
"refsource": "UBUNTU",
"name": "USN-4368-1",
"url": "https://usn.ubuntu.com/4368-1/"
},
{
"refsource": "UBUNTU",
"name": "USN-4363-1",
"url": "https://usn.ubuntu.com/4363-1/"
}
]
}

5
2020/12xxx/CVE-2020-12657.json
View File

@ -81,6 +81,11 @@
"refsource": "UBUNTU",
"name": "USN-4368-1",
"url": "https://usn.ubuntu.com/4368-1/"
},
{
"refsource": "UBUNTU",
"name": "USN-4363-1",
"url": "https://usn.ubuntu.com/4363-1/"
}
]
}

66
2020/13xxx/CVE-2020-13362.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-13362",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-13362",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In QEMU 4.2.0, megasas_lookup_frame in hw/scsi/megasas.c has an out-of-bounds read via a crafted reply_queue_head field from a guest OS user."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://lists.gnu.org/archive/html/qemu-devel/2020-05/msg06250.html",
"refsource": "MISC",
"name": "https://lists.gnu.org/archive/html/qemu-devel/2020-05/msg06250.html"
},
{
"url": "https://lists.gnu.org/archive/html/qemu-devel/2020-05/msg03131.html",
"refsource": "MISC",
"name": "https://lists.gnu.org/archive/html/qemu-devel/2020-05/msg03131.html"
},
{
"refsource": "CONFIRM",
"name": "http://www.openwall.com/lists/oss-security/2020/05/28/2",
"url": "http://www.openwall.com/lists/oss-security/2020/05/28/2"
}
]
}

72
2020/13xxx/CVE-2020-13649.json Normal file
View File

@ -0,0 +1,72 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-13649",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "parser/js/js-scanner.c in JerryScript 2.2.0 mishandles errors during certain out-of-memory conditions, as demonstrated by a scanner_reverse_info_list NULL pointer dereference and a scanner_scan_all assertion failure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/jerryscript-project/jerryscript/issues/3786",
"refsource": "MISC",
"name": "https://github.com/jerryscript-project/jerryscript/issues/3786"
},
{
"url": "https://github.com/jerryscript-project/jerryscript/issues/3788",
"refsource": "MISC",
"name": "https://github.com/jerryscript-project/jerryscript/issues/3788"
},
{
"url": "https://github.com/jerryscript-project/jerryscript/commit/69f8e78c2f8d562bd6d8002b5488f1662ac30d24",
"refsource": "MISC",
"name": "https://github.com/jerryscript-project/jerryscript/commit/69f8e78c2f8d562bd6d8002b5488f1662ac30d24"
}
]
}
}

18
2020/13xxx/CVE-2020-13650.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-13650",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/13xxx/CVE-2020-13651.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-13651",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/13xxx/CVE-2020-13652.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-13652",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

5
2020/3xxx/CVE-2020-3327.json
View File

@ -104,6 +104,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2020-b0acd7b66e",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3BMTC7I5LGY4FCIZLHPNC4WWC6VNLFER/"
},
{
"refsource": "UBUNTU",
"name": "USN-4370-1",
"url": "https://usn.ubuntu.com/4370-1/"
}
]
},

5
2020/3xxx/CVE-2020-3341.json
View File

@ -104,6 +104,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2020-b0acd7b66e",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3BMTC7I5LGY4FCIZLHPNC4WWC6VNLFER/"
},
{
"refsource": "UBUNTU",
"name": "USN-4370-1",
"url": "https://usn.ubuntu.com/4370-1/"
}
]
},

174
2020/4xxx/CVE-2020-4231.json
View File

@ -1,90 +1,90 @@
{
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/pages/node/6207905",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 6207905 (Security Identity Governance and Intelligence)",
"url" : "https://www.ibm.com/support/pages/node/6207905"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/175335",
"title" : "X-Force Vulnerability Report",
"refsource" : "XF",
"name" : "ibm-sig-cve20204231-sec-bypass (175335)"
}
]
},
"data_type" : "CVE",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Bypass Security"
}
]
}
]
},
"CVE_data_meta" : {
"ID" : "CVE-2020-4231",
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2020-05-27T00:00:00"
},
"impact" : {
"cvssv3" : {
"TM" : {
"RL" : "O",
"RC" : "C",
"E" : "U"
},
"BM" : {
"A" : "N",
"AC" : "L",
"SCORE" : "4.300",
"UI" : "N",
"PR" : "L",
"I" : "L",
"AV" : "N",
"C" : "N",
"S" : "U"
}
}
},
"data_version" : "4.0",
"data_format" : "MITRE",
"affects" : {
"vendor" : {
"vendor_data" : [
"references": {
"reference_data": [
{
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "5.2.6"
}
]
},
"product_name" : "Security Identity Governance and Intelligence"
}
]
},
"vendor_name" : "IBM"
"name": "https://www.ibm.com/support/pages/node/6207905",
"refsource": "CONFIRM",
"title": "IBM Security Bulletin 6207905 (Security Identity Governance and Intelligence)",
"url": "https://www.ibm.com/support/pages/node/6207905"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/175335",
"title": "X-Force Vulnerability Report",
"refsource": "XF",
"name": "ibm-sig-cve20204231-sec-bypass (175335)"
}
]
}
},
"description" : {
"description_data" : [
{
"value" : "IBM Security Identity Governance and Intelligence 5.2.6 could allow an authenticated user to perform unauthorized commands due to hazardous input validation. IBM X-Force ID: 175335.",
"lang" : "eng"
}
]
}
}
]
},
"data_type": "CVE",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Bypass Security"
}
]
}
]
},
"CVE_data_meta": {
"ID": "CVE-2020-4231",
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC",
"DATE_PUBLIC": "2020-05-27T00:00:00"
},
"impact": {
"cvssv3": {
"TM": {
"RL": "O",
"RC": "C",
"E": "U"
},
"BM": {
"A": "N",
"AC": "L",
"SCORE": "4.300",
"UI": "N",
"PR": "L",
"I": "L",
"AV": "N",
"C": "N",
"S": "U"
}
}
},
"data_version": "4.0",
"data_format": "MITRE",
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "5.2.6"
}
]
},
"product_name": "Security Identity Governance and Intelligence"
}
]
},
"vendor_name": "IBM"
}
]
}
},
"description": {
"description_data": [
{
"value": "IBM Security Identity Governance and Intelligence 5.2.6 could allow an authenticated user to perform unauthorized commands due to hazardous input validation. IBM X-Force ID: 175335.",
"lang": "eng"
}
]
}
}

176
2020/4xxx/CVE-2020-4232.json
View File

@ -1,90 +1,90 @@
{
"data_version" : "4.0",
"impact" : {
"cvssv3" : {
"TM" : {
"E" : "U",
"RL" : "O",
"RC" : "C"
},
"BM" : {
"PR" : "N",
"UI" : "N",
"A" : "N",
"AC" : "L",
"SCORE" : "5.300",
"AV" : "N",
"C" : "L",
"S" : "U",
"I" : "N"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
}
]
}
]
},
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2020-05-27T00:00:00",
"ID" : "CVE-2020-4232",
"ASSIGNER" : "psirt@us.ibm.com"
},
"data_type" : "CVE",
"references" : {
"reference_data" : [
{
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 6207906 (Security Identity Governance and Intelligence)",
"url" : "https://www.ibm.com/support/pages/node/6207906",
"name" : "https://www.ibm.com/support/pages/node/6207906"
},
{
"refsource" : "XF",
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/175336",
"name" : "ibm-sig-cve20204232-info-disc (175336)"
}
]
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Security Identity Governance and Intelligence 5.2.6 could allow an attacker to enumerate usernames to find valid login credentials which could be used to attempt further attacks against the system. IBM X-Force ID: 175336."
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "5.2.6"
}
]
},
"product_name" : "Security Identity Governance and Intelligence"
}
]
}
"data_version": "4.0",
"impact": {
"cvssv3": {
"TM": {
"E": "U",
"RL": "O",
"RC": "C"
},
"BM": {
"PR": "N",
"UI": "N",
"A": "N",
"AC": "L",
"SCORE": "5.300",
"AV": "N",
"C": "L",
"S": "U",
"I": "N"
}
]
}
},
"data_format" : "MITRE"
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Obtain Information",
"lang": "eng"
}
]
}
]
},
"CVE_data_meta": {
"STATE": "PUBLIC",
"DATE_PUBLIC": "2020-05-27T00:00:00",
"ID": "CVE-2020-4232",
"ASSIGNER": "psirt@us.ibm.com"
},
"data_type": "CVE",
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"title": "IBM Security Bulletin 6207906 (Security Identity Governance and Intelligence)",
"url": "https://www.ibm.com/support/pages/node/6207906",
"name": "https://www.ibm.com/support/pages/node/6207906"
},
{
"refsource": "XF",
"title": "X-Force Vulnerability Report",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/175336",
"name": "ibm-sig-cve20204232-info-disc (175336)"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Security Identity Governance and Intelligence 5.2.6 could allow an attacker to enumerate usernames to find valid login credentials which could be used to attempt further attacks against the system. IBM X-Force ID: 175336."
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "5.2.6"
}
]
},
"product_name": "Security Identity Governance and Intelligence"
}
]
}
}
]
}
},
"data_format": "MITRE"
}

174
2020/4xxx/CVE-2020-4233.json
View File

@ -1,90 +1,90 @@
{
"data_type" : "CVE",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
]
}
]
},
"CVE_data_meta" : {
"ID" : "CVE-2020-4233",
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2020-05-27T00:00:00"
},
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 6207912 (Security Identity Governance and Intelligence)",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/pages/node/6207912",
"name" : "https://www.ibm.com/support/pages/node/6207912"
},
{
"refsource" : "XF",
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/175360",
"name" : "ibm-sig-cve20204233-info-disc (175360)"
}
]
},
"data_version" : "4.0",
"impact" : {
"cvssv3" : {
"BM" : {
"PR" : "N",
"UI" : "N",
"SCORE" : "3.700",
"A" : "N",
"AC" : "H",
"S" : "U",
"AV" : "N",
"C" : "L",
"I" : "N"
},
"TM" : {
"E" : "U",
"RL" : "O",
"RC" : "C"
}
}
},
"affects" : {
"vendor" : {
"vendor_data" : [
"data_type": "CVE",
"problemtype": {
"problemtype_data": [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "5.2.6"
}
]
},
"product_name" : "Security Identity Governance and Intelligence"
}
]
}
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
}
},
"data_format" : "MITRE",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Security Identity Governance and Intelligence 5.2.6 could allow a remote attacker to obtain sensitive information, caused by the failure to set the secure flag for the session cookie in SSL mode. By intercepting its transmission within an HTTP session, an attacker could exploit this vulnerability to capture the cookie and obtain sensitive information. IBM X-Force ID: 175360."
}
]
}
}
]
},
"CVE_data_meta": {
"ID": "CVE-2020-4233",
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC",
"DATE_PUBLIC": "2020-05-27T00:00:00"
},
"references": {
"reference_data": [
{
"title": "IBM Security Bulletin 6207912 (Security Identity Governance and Intelligence)",
"refsource": "CONFIRM",
"url": "https://www.ibm.com/support/pages/node/6207912",
"name": "https://www.ibm.com/support/pages/node/6207912"
},
{
"refsource": "XF",
"title": "X-Force Vulnerability Report",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/175360",
"name": "ibm-sig-cve20204233-info-disc (175360)"
}
]
},
"data_version": "4.0",
"impact": {
"cvssv3": {
"BM": {
"PR": "N",
"UI": "N",
"SCORE": "3.700",
"A": "N",
"AC": "H",
"S": "U",
"AV": "N",
"C": "L",
"I": "N"
},
"TM": {
"E": "U",
"RL": "O",
"RC": "C"
}
}
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "5.2.6"
}
]
},
"product_name": "Security Identity Governance and Intelligence"
}
]
}
}
]
}
},
"data_format": "MITRE",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Security Identity Governance and Intelligence 5.2.6 could allow a remote attacker to obtain sensitive information, caused by the failure to set the secure flag for the session cookie in SSL mode. By intercepting its transmission within an HTTP session, an attacker could exploit this vulnerability to capture the cookie and obtain sensitive information. IBM X-Force ID: 175360."
}
]
}
}

176
2020/4xxx/CVE-2020-4244.json
View File

@ -1,90 +1,90 @@
{
"data_format" : "MITRE",
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Security Identity Governance and Intelligence",
"version" : {
"version_data" : [
{
"version_value" : "5.2.6"
}
]
}
}
]
},
"vendor_name" : "IBM"
}
]
}
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Security Identity Governance and Intelligence 5.2.6 could allow an unauthorized user to obtain sensitive information through user enumeration. IBM X-Force ID: 175422."
}
]
},
"references" : {
"reference_data" : [
{
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 6207907 (Security Identity Governance and Intelligence)",
"url" : "https://www.ibm.com/support/pages/node/6207907",
"name" : "https://www.ibm.com/support/pages/node/6207907"
},
{
"name" : "ibm-sig-cve20204244-info-disc (175422)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/175422",
"refsource" : "XF",
"title" : "X-Force Vulnerability Report"
}
]
},
"CVE_data_meta" : {
"ID" : "CVE-2020-4244",
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2020-05-27T00:00:00"
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
}
"data_format": "MITRE",
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Security Identity Governance and Intelligence",
"version": {
"version_data": [
{
"version_value": "5.2.6"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
]
},
"data_type" : "CVE",
"impact" : {
"cvssv3" : {
"BM" : {
"I" : "N",
"C" : "L",
"AV" : "N",
"S" : "U",
"AC" : "L",
"A" : "N",
"SCORE" : "5.300",
"PR" : "N",
"UI" : "N"
},
"TM" : {
"RL" : "O",
"RC" : "C",
"E" : "U"
}
}
},
"data_version" : "4.0"
}
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Security Identity Governance and Intelligence 5.2.6 could allow an unauthorized user to obtain sensitive information through user enumeration. IBM X-Force ID: 175422."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"title": "IBM Security Bulletin 6207907 (Security Identity Governance and Intelligence)",
"url": "https://www.ibm.com/support/pages/node/6207907",
"name": "https://www.ibm.com/support/pages/node/6207907"
},
{
"name": "ibm-sig-cve20204244-info-disc (175422)",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/175422",
"refsource": "XF",
"title": "X-Force Vulnerability Report"
}
]
},
"CVE_data_meta": {
"ID": "CVE-2020-4244",
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC",
"DATE_PUBLIC": "2020-05-27T00:00:00"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Obtain Information",
"lang": "eng"
}
]
}
]
},
"data_type": "CVE",
"impact": {
"cvssv3": {
"BM": {
"I": "N",
"C": "L",
"AV": "N",
"S": "U",
"AC": "L",
"A": "N",
"SCORE": "5.300",
"PR": "N",
"UI": "N"
},
"TM": {
"RL": "O",
"RC": "C",
"E": "U"
}
}
},
"data_version": "4.0"
}

176
2020/4xxx/CVE-2020-4245.json
View File

@ -1,90 +1,90 @@
{
"data_format" : "MITRE",
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "5.2.6"
}
]
},
"product_name" : "Security Identity Governance and Intelligence"
}
]
}
}
]
}
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Security Identity Governance and Intelligence 5.2.6 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 175423."
}
]
},
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 6207908 (Security Identity Governance and Intelligence)",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/pages/node/6207908",
"name" : "https://www.ibm.com/support/pages/node/6207908"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/175423",
"title" : "X-Force Vulnerability Report",
"refsource" : "XF",
"name" : "ibm-sig-cve20204245-info-disc (175423)"
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
}
"data_format": "MITRE",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "5.2.6"
}
]
},
"product_name": "Security Identity Governance and Intelligence"
}
]
}
}
]
}
]
},
"data_type" : "CVE",
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2020-4245",
"DATE_PUBLIC" : "2020-05-27T00:00:00",
"STATE" : "PUBLIC"
},
"impact" : {
"cvssv3" : {
"BM" : {
"SCORE" : "5.900",
"AC" : "H",
"A" : "N",
"PR" : "N",
"UI" : "N",
"I" : "N",
"S" : "U",
"C" : "H",
"AV" : "N"
},
"TM" : {
"RL" : "O",
"RC" : "C",
"E" : "U"
}
}
},
"data_version" : "4.0"
}
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Security Identity Governance and Intelligence 5.2.6 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 175423."
}
]
},
"references": {
"reference_data": [
{
"title": "IBM Security Bulletin 6207908 (Security Identity Governance and Intelligence)",
"refsource": "CONFIRM",
"url": "https://www.ibm.com/support/pages/node/6207908",
"name": "https://www.ibm.com/support/pages/node/6207908"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/175423",
"title": "X-Force Vulnerability Report",
"refsource": "XF",
"name": "ibm-sig-cve20204245-info-disc (175423)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Obtain Information",
"lang": "eng"
}
]
}
]
},
"data_type": "CVE",
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2020-4245",
"DATE_PUBLIC": "2020-05-27T00:00:00",
"STATE": "PUBLIC"
},
"impact": {
"cvssv3": {
"BM": {
"SCORE": "5.900",
"AC": "H",
"A": "N",
"PR": "N",
"UI": "N",
"I": "N",
"S": "U",
"C": "H",
"AV": "N"
},
"TM": {
"RL": "O",
"RC": "C",
"E": "U"
}
}
},
"data_version": "4.0"
}

172
2020/4xxx/CVE-2020-4246.json
View File

@ -1,90 +1,90 @@
{
"description" : {
"description_data" : [
{
"value" : "IBM Security Identity Governance and Intelligence 5.2.6 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 175481.",
"lang" : "eng"
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
"description": {
"description_data": [
{
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "5.2.6"
}
]
},
"product_name" : "Security Identity Governance and Intelligence"
}
]
},
"vendor_name" : "IBM"
"value": "IBM Security Identity Governance and Intelligence 5.2.6 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 175481.",
"lang": "eng"
}
]
}
},
"data_format" : "MITRE",
"impact" : {
"cvssv3" : {
"TM" : {
"RC" : "C",
"RL" : "O",
"E" : "U"
},
"BM" : {
"PR" : "L",
"UI" : "N",
"AC" : "L",
"A" : "L",
"SCORE" : "7.100",
"C" : "H",
"AV" : "N",
"S" : "U",
"I" : "N"
}
}
},
"data_version" : "4.0",
"data_type" : "CVE",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "5.2.6"
}
]
},
"product_name": "Security Identity Governance and Intelligence"
}
]
},
"vendor_name": "IBM"
}
]
}
]
},
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2020-05-27T00:00:00",
"ID" : "CVE-2020-4246",
"ASSIGNER" : "psirt@us.ibm.com"
},
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/pages/node/6207902",
"url" : "https://www.ibm.com/support/pages/node/6207902",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 6207902 (Security Identity Governance and Intelligence)"
},
{
"refsource" : "XF",
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/175481",
"name" : "ibm-sig-cve20204246-xxe (175481)"
}
]
}
}
}
},
"data_format": "MITRE",
"impact": {
"cvssv3": {
"TM": {
"RC": "C",
"RL": "O",
"E": "U"
},
"BM": {
"PR": "L",
"UI": "N",
"AC": "L",
"A": "L",
"SCORE": "7.100",
"C": "H",
"AV": "N",
"S": "U",
"I": "N"
}
}
},
"data_version": "4.0",
"data_type": "CVE",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Obtain Information",
"lang": "eng"
}
]
}
]
},
"CVE_data_meta": {
"STATE": "PUBLIC",
"DATE_PUBLIC": "2020-05-27T00:00:00",
"ID": "CVE-2020-4246",
"ASSIGNER": "psirt@us.ibm.com"
},
"references": {
"reference_data": [
{
"name": "https://www.ibm.com/support/pages/node/6207902",
"url": "https://www.ibm.com/support/pages/node/6207902",
"refsource": "CONFIRM",
"title": "IBM Security Bulletin 6207902 (Security Identity Governance and Intelligence)"
},
{
"refsource": "XF",
"title": "X-Force Vulnerability Report",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/175481",
"name": "ibm-sig-cve20204246-xxe (175481)"
}
]
}
}

176
2020/4xxx/CVE-2020-4249.json
View File

@ -1,90 +1,90 @@
{
"impact" : {
"cvssv3" : {
"TM" : {
"RC" : "C",
"RL" : "O",
"E" : "U"
},
"BM" : {
"I" : "N",
"S" : "U",
"C" : "H",
"AV" : "N",
"SCORE" : "6.500",
"AC" : "L",
"A" : "N",
"PR" : "L",
"UI" : "N"
}
}
},
"data_version" : "4.0",
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/pages/node/6207911",
"url" : "https://www.ibm.com/support/pages/node/6207911",
"title" : "IBM Security Bulletin 6207911 (Security Identity Governance and Intelligence)",
"refsource" : "CONFIRM"
},
{
"name" : "ibm-sig-cve20204249-info-disc (175485)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/175485",
"title" : "X-Force Vulnerability Report",
"refsource" : "XF"
}
]
},
"data_type" : "CVE",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
}
]
}
]
},
"CVE_data_meta" : {
"DATE_PUBLIC" : "2020-05-27T00:00:00",
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2020-4249"
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Security Identity Governance and Intelligence 5.2.6 could disclose highly sensitive information to other authenticated users on the sytem due to incorrect authorization. IBM X-Force ID: 175485."
}
]
},
"data_format" : "MITRE",
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "5.2.6"
}
]
},
"product_name" : "Security Identity Governance and Intelligence"
}
]
},
"vendor_name" : "IBM"
"impact": {
"cvssv3": {
"TM": {
"RC": "C",
"RL": "O",
"E": "U"
},
"BM": {
"I": "N",
"S": "U",
"C": "H",
"AV": "N",
"SCORE": "6.500",
"AC": "L",
"A": "N",
"PR": "L",
"UI": "N"
}
]
}
}
}
}
},
"data_version": "4.0",
"references": {
"reference_data": [
{
"name": "https://www.ibm.com/support/pages/node/6207911",
"url": "https://www.ibm.com/support/pages/node/6207911",
"title": "IBM Security Bulletin 6207911 (Security Identity Governance and Intelligence)",
"refsource": "CONFIRM"
},
{
"name": "ibm-sig-cve20204249-info-disc (175485)",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/175485",
"title": "X-Force Vulnerability Report",
"refsource": "XF"
}
]
},
"data_type": "CVE",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Obtain Information",
"lang": "eng"
}
]
}
]
},
"CVE_data_meta": {
"DATE_PUBLIC": "2020-05-27T00:00:00",
"STATE": "PUBLIC",
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2020-4249"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Security Identity Governance and Intelligence 5.2.6 could disclose highly sensitive information to other authenticated users on the sytem due to incorrect authorization. IBM X-Force ID: 175485."
}
]
},
"data_format": "MITRE",
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "5.2.6"
}
]
},
"product_name": "Security Identity Governance and Intelligence"
}
]
},
"vendor_name": "IBM"
}
]
}
}
}

188
2020/4xxx/CVE-2020-4419.json
View File

@ -1,96 +1,96 @@
{
"data_format" : "MITRE",
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "6.0.6"
},
{
"version_value" : "6.0.6.1"
},
{
"version_value" : "7.0"
}
]
},
"product_name" : "Jazz Reporting Service"
}
]
},
"vendor_name" : "IBM"
}
]
}
},
"description" : {
"description_data" : [
{
"value" : "IBM Jazz Reporting Service 6.0.6, 6.0.6.1, and 7.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 180071.",
"lang" : "eng"
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/pages/node/6217403",
"url" : "https://www.ibm.com/support/pages/node/6217403",
"title" : "IBM Security Bulletin 6217403 (Jazz Reporting Service)",
"refsource" : "CONFIRM"
},
{
"name" : "ibm-jazz-cve20204419-xss (180071)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/180071",
"refsource" : "XF",
"title" : "X-Force Vulnerability Report"
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Cross-Site Scripting",
"lang" : "eng"
}
"data_format": "MITRE",
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "6.0.6"
},
{
"version_value": "6.0.6.1"
},
{
"version_value": "7.0"
}
]
},
"product_name": "Jazz Reporting Service"
}
]
},
"vendor_name": "IBM"
}
]
}
]
},
"data_type" : "CVE",
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2020-05-27T00:00:00",
"ID" : "CVE-2020-4419",
"ASSIGNER" : "psirt@us.ibm.com"
},
"impact" : {
"cvssv3" : {
"TM" : {
"E" : "H",
"RL" : "O",
"RC" : "C"
},
"BM" : {
"UI" : "R",
"PR" : "L",
"AC" : "L",
"A" : "N",
"SCORE" : "5.400",
"C" : "L",
"AV" : "N",
"S" : "C",
"I" : "L"
}
}
},
"data_version" : "4.0"
}
}
},
"description": {
"description_data": [
{
"value": "IBM Jazz Reporting Service 6.0.6, 6.0.6.1, and 7.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 180071.",
"lang": "eng"
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.ibm.com/support/pages/node/6217403",
"url": "https://www.ibm.com/support/pages/node/6217403",
"title": "IBM Security Bulletin 6217403 (Jazz Reporting Service)",
"refsource": "CONFIRM"
},
{
"name": "ibm-jazz-cve20204419-xss (180071)",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/180071",
"refsource": "XF",
"title": "X-Force Vulnerability Report"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Cross-Site Scripting",
"lang": "eng"
}
]
}
]
},
"data_type": "CVE",
"CVE_data_meta": {
"STATE": "PUBLIC",
"DATE_PUBLIC": "2020-05-27T00:00:00",
"ID": "CVE-2020-4419",
"ASSIGNER": "psirt@us.ibm.com"
},
"impact": {
"cvssv3": {
"TM": {
"E": "H",
"RL": "O",
"RC": "C"
},
"BM": {
"UI": "R",
"PR": "L",
"AC": "L",
"A": "N",
"SCORE": "5.400",
"C": "L",
"AV": "N",
"S": "C",
"I": "L"
}
}
},
"data_version": "4.0"
}