admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update for vendor name

Browse Source 
Same as rapid7#33 -- add the vendor name to the title and desc
This commit is contained in:
Tod Beardsley 2020-09-03 08:47:24 -05:00 committed by GitHub
parent d3814ce0ea
commit bacc86d28e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
2020/7xxx/CVE-2020-7381.json
View File

@ -3,7 +3,7 @@
"ASSIGNER": "cve@rapid7.con", "ASSIGNER": "cve@rapid7.con",
"ID": "CVE-2020-7381", "ID": "CVE-2020-7381",
"STATE": "PUBLIC", "STATE": "PUBLIC",
"TITLE": "Code Injection in Nexpose Installer" "TITLE": "Code Injection in Rapid7 Nexpose Installer"
}, },
"affects": { "affects": {
"vendor": { "vendor": {
@ -42,7 +42,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "In Nexpose installer versions prior to 6.6.40, the Nexpose installer calls an executable which can be placed in the appropriate directory by an attacker with access to the local machine. This would prevent the installer from distinguishing between a valid executable called during a Security Console installation and any arbitrary code executable using the same file name." "value": "In Rapid7 Nexpose installer versions prior to 6.6.40, the Nexpose installer calls an executable which can be placed in the appropriate directory by an attacker with access to the local machine. This would prevent the installer from distinguishing between a valid executable called during a Security Console installation and any arbitrary code executable using the same file name."
} }
] ]
}, },