From bdf55d1a159abbe40699ca009acda5f40ef88f7c Mon Sep 17 00:00:00 2001 From: CVE Team Date: Thu, 24 Sep 2020 18:02:29 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2016/9xxx/CVE-2016-9398.json | 5 ++++ 2016/9xxx/CVE-2016-9399.json | 5 ++++ 2017/14xxx/CVE-2017-14132.json | 5 ++++ 2017/5xxx/CVE-2017-5499.json | 5 ++++ 2017/5xxx/CVE-2017-5503.json | 5 ++++ 2017/5xxx/CVE-2017-5504.json | 5 ++++ 2017/5xxx/CVE-2017-5505.json | 5 ++++ 2017/9xxx/CVE-2017-9782.json | 5 ++++ 2018/18xxx/CVE-2018-18873.json | 5 ++++ 2018/19xxx/CVE-2018-19139.json | 5 ++++ 2018/19xxx/CVE-2018-19543.json | 5 ++++ 2018/20xxx/CVE-2018-20570.json | 5 ++++ 2018/20xxx/CVE-2018-20622.json | 5 ++++ 2018/9xxx/CVE-2018-9252.json | 5 ++++ 2019/10xxx/CVE-2019-10740.json | 5 ++++ 2020/12xxx/CVE-2020-12625.json | 5 ++++ 2020/12xxx/CVE-2020-12640.json | 5 ++++ 2020/12xxx/CVE-2020-12641.json | 5 ++++ 2020/12xxx/CVE-2020-12811.json | 50 ++++++++++++++++++++++++++++++++-- 2020/12xxx/CVE-2020-12815.json | 50 ++++++++++++++++++++++++++++++++-- 2020/15xxx/CVE-2020-15562.json | 5 ++++ 2020/16xxx/CVE-2020-16145.json | 5 ++++ 2020/3xxx/CVE-2020-3428.json | 4 +-- 2020/3xxx/CVE-2020-3429.json | 4 +-- 2020/3xxx/CVE-2020-3465.json | 4 +-- 2020/3xxx/CVE-2020-3474.json | 4 +-- 2020/3xxx/CVE-2020-3475.json | 4 +-- 2020/3xxx/CVE-2020-3476.json | 4 +-- 2020/3xxx/CVE-2020-3477.json | 4 +-- 2020/3xxx/CVE-2020-3479.json | 4 +-- 2020/3xxx/CVE-2020-3480.json | 4 +-- 2020/3xxx/CVE-2020-3486.json | 4 +-- 2020/3xxx/CVE-2020-3487.json | 4 +-- 2020/3xxx/CVE-2020-3488.json | 4 +-- 2020/3xxx/CVE-2020-3489.json | 4 +-- 2020/3xxx/CVE-2020-3492.json | 4 +-- 2020/3xxx/CVE-2020-3493.json | 4 +-- 2020/3xxx/CVE-2020-3494.json | 4 +-- 2020/3xxx/CVE-2020-3497.json | 4 +-- 2020/3xxx/CVE-2020-3503.json | 4 +-- 2020/3xxx/CVE-2020-3508.json | 4 +-- 2020/3xxx/CVE-2020-3509.json | 4 +-- 2020/3xxx/CVE-2020-3510.json | 4 +-- 2020/3xxx/CVE-2020-3511.json | 4 +-- 2020/3xxx/CVE-2020-3512.json | 4 +-- 2020/3xxx/CVE-2020-3513.json | 4 +-- 2020/3xxx/CVE-2020-3516.json | 4 +-- 2020/3xxx/CVE-2020-3524.json | 4 +-- 2020/3xxx/CVE-2020-3526.json | 4 +-- 2020/3xxx/CVE-2020-3527.json | 4 +-- 2020/3xxx/CVE-2020-3552.json | 4 +-- 2020/3xxx/CVE-2020-3559.json | 4 +-- 2020/3xxx/CVE-2020-3560.json | 4 +-- 53 files changed, 256 insertions(+), 68 deletions(-) diff --git a/2016/9xxx/CVE-2016-9398.json b/2016/9xxx/CVE-2016-9398.json index 9e455f3435a..22609f323db 100644 --- a/2016/9xxx/CVE-2016-9398.json +++ b/2016/9xxx/CVE-2016-9398.json @@ -81,6 +81,11 @@ "name": "94382", "refsource": "BID", "url": "http://www.securityfocus.com/bid/94382" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:1517", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00082.html" } ] } diff --git a/2016/9xxx/CVE-2016-9399.json b/2016/9xxx/CVE-2016-9399.json index 25570735b78..f9f39973ed7 100644 --- a/2016/9xxx/CVE-2016-9399.json +++ b/2016/9xxx/CVE-2016-9399.json @@ -71,6 +71,11 @@ "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1396981", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1396981" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:1517", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00082.html" } ] } diff --git a/2017/14xxx/CVE-2017-14132.json b/2017/14xxx/CVE-2017-14132.json index 00720fc49a6..c9260e38d7c 100644 --- a/2017/14xxx/CVE-2017-14132.json +++ b/2017/14xxx/CVE-2017-14132.json @@ -66,6 +66,11 @@ "refsource": "GENTOO", "name": "GLSA-201908-03", "url": "https://security.gentoo.org/glsa/201908-03" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:1517", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00082.html" } ] } diff --git a/2017/5xxx/CVE-2017-5499.json b/2017/5xxx/CVE-2017-5499.json index 0308e230cd6..fea9946d508 100644 --- a/2017/5xxx/CVE-2017-5499.json +++ b/2017/5xxx/CVE-2017-5499.json @@ -61,6 +61,11 @@ "name": "95666", "refsource": "BID", "url": "http://www.securityfocus.com/bid/95666" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:1517", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00082.html" } ] } diff --git a/2017/5xxx/CVE-2017-5503.json b/2017/5xxx/CVE-2017-5503.json index 60db3283395..8e0106b18aa 100644 --- a/2017/5xxx/CVE-2017-5503.json +++ b/2017/5xxx/CVE-2017-5503.json @@ -76,6 +76,11 @@ "refsource": "GENTOO", "name": "GLSA-201908-03", "url": "https://security.gentoo.org/glsa/201908-03" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:1517", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00082.html" } ] } diff --git a/2017/5xxx/CVE-2017-5504.json b/2017/5xxx/CVE-2017-5504.json index ae82e97a905..4102acd3c12 100644 --- a/2017/5xxx/CVE-2017-5504.json +++ b/2017/5xxx/CVE-2017-5504.json @@ -66,6 +66,11 @@ "refsource": "GENTOO", "name": "GLSA-201908-03", "url": "https://security.gentoo.org/glsa/201908-03" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:1517", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00082.html" } ] } diff --git a/2017/5xxx/CVE-2017-5505.json b/2017/5xxx/CVE-2017-5505.json index e4fe51e2965..443dd68c8f3 100644 --- a/2017/5xxx/CVE-2017-5505.json +++ b/2017/5xxx/CVE-2017-5505.json @@ -76,6 +76,11 @@ "refsource": "GENTOO", "name": "GLSA-201908-03", "url": "https://security.gentoo.org/glsa/201908-03" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:1517", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00082.html" } ] } diff --git a/2017/9xxx/CVE-2017-9782.json b/2017/9xxx/CVE-2017-9782.json index f15e1827593..c7d2e215840 100644 --- a/2017/9xxx/CVE-2017-9782.json +++ b/2017/9xxx/CVE-2017-9782.json @@ -61,6 +61,11 @@ "refsource": "GENTOO", "name": "GLSA-201908-03", "url": "https://security.gentoo.org/glsa/201908-03" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:1517", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00082.html" } ] } diff --git a/2018/18xxx/CVE-2018-18873.json b/2018/18xxx/CVE-2018-18873.json index b9dad69244e..074e0dd3d8b 100644 --- a/2018/18xxx/CVE-2018-18873.json +++ b/2018/18xxx/CVE-2018-18873.json @@ -71,6 +71,11 @@ "url": "https://www.oracle.com/security-alerts/cpuapr2020.html", "refsource": "MISC", "name": "https://www.oracle.com/security-alerts/cpuapr2020.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:1517", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00082.html" } ] } diff --git a/2018/19xxx/CVE-2018-19139.json b/2018/19xxx/CVE-2018-19139.json index 6b4f6d98ffe..764d15b2e31 100644 --- a/2018/19xxx/CVE-2018-19139.json +++ b/2018/19xxx/CVE-2018-19139.json @@ -71,6 +71,11 @@ "url": "https://www.oracle.com/security-alerts/cpuapr2020.html", "refsource": "MISC", "name": "https://www.oracle.com/security-alerts/cpuapr2020.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:1517", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00082.html" } ] } diff --git a/2018/19xxx/CVE-2018-19543.json b/2018/19xxx/CVE-2018-19543.json index 42e92ff0152..f4757c78d6e 100644 --- a/2018/19xxx/CVE-2018-19543.json +++ b/2018/19xxx/CVE-2018-19543.json @@ -61,6 +61,11 @@ "url": "https://www.oracle.com/security-alerts/cpuapr2020.html", "refsource": "MISC", "name": "https://www.oracle.com/security-alerts/cpuapr2020.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:1517", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00082.html" } ] } diff --git a/2018/20xxx/CVE-2018-20570.json b/2018/20xxx/CVE-2018-20570.json index 453b2fb947f..12490d301a1 100644 --- a/2018/20xxx/CVE-2018-20570.json +++ b/2018/20xxx/CVE-2018-20570.json @@ -66,6 +66,11 @@ "url": "https://www.oracle.com/security-alerts/cpuapr2020.html", "refsource": "MISC", "name": "https://www.oracle.com/security-alerts/cpuapr2020.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:1517", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00082.html" } ] } diff --git a/2018/20xxx/CVE-2018-20622.json b/2018/20xxx/CVE-2018-20622.json index 89be31416b4..fcfd0938182 100644 --- a/2018/20xxx/CVE-2018-20622.json +++ b/2018/20xxx/CVE-2018-20622.json @@ -71,6 +71,11 @@ "url": "https://www.oracle.com/security-alerts/cpuapr2020.html", "refsource": "MISC", "name": "https://www.oracle.com/security-alerts/cpuapr2020.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:1517", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00082.html" } ] } diff --git a/2018/9xxx/CVE-2018-9252.json b/2018/9xxx/CVE-2018-9252.json index 8ef03797a4a..1952235ac04 100644 --- a/2018/9xxx/CVE-2018-9252.json +++ b/2018/9xxx/CVE-2018-9252.json @@ -61,6 +61,11 @@ "url": "https://www.oracle.com/security-alerts/cpuapr2020.html", "refsource": "MISC", "name": "https://www.oracle.com/security-alerts/cpuapr2020.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:1517", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00082.html" } ] } diff --git a/2019/10xxx/CVE-2019-10740.json b/2019/10xxx/CVE-2019-10740.json index 48d77555c3a..d03fe492239 100644 --- a/2019/10xxx/CVE-2019-10740.json +++ b/2019/10xxx/CVE-2019-10740.json @@ -66,6 +66,11 @@ "refsource": "CONFIRM", "name": "https://github.com/roundcube/roundcubemail/releases/tag/1.3.10", "url": "https://github.com/roundcube/roundcubemail/releases/tag/1.3.10" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:1516", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00083.html" } ] } diff --git a/2020/12xxx/CVE-2020-12625.json b/2020/12xxx/CVE-2020-12625.json index 5830fcd658b..2c1100c4060 100644 --- a/2020/12xxx/CVE-2020-12625.json +++ b/2020/12xxx/CVE-2020-12625.json @@ -81,6 +81,11 @@ "refsource": "GENTOO", "name": "GLSA-202007-41", "url": "https://security.gentoo.org/glsa/202007-41" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:1516", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00083.html" } ] } diff --git a/2020/12xxx/CVE-2020-12640.json b/2020/12xxx/CVE-2020-12640.json index c4d5037e9b5..c705312f1b6 100644 --- a/2020/12xxx/CVE-2020-12640.json +++ b/2020/12xxx/CVE-2020-12640.json @@ -81,6 +81,11 @@ "refsource": "GENTOO", "name": "GLSA-202007-41", "url": "https://security.gentoo.org/glsa/202007-41" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:1516", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00083.html" } ] } diff --git a/2020/12xxx/CVE-2020-12641.json b/2020/12xxx/CVE-2020-12641.json index c32b60ab0a3..c96837f3f1e 100644 --- a/2020/12xxx/CVE-2020-12641.json +++ b/2020/12xxx/CVE-2020-12641.json @@ -81,6 +81,11 @@ "refsource": "GENTOO", "name": "GLSA-202007-41", "url": "https://security.gentoo.org/glsa/202007-41" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:1516", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00083.html" } ] } diff --git a/2020/12xxx/CVE-2020-12811.json b/2020/12xxx/CVE-2020-12811.json index 08026e772ea..775681724cf 100644 --- a/2020/12xxx/CVE-2020-12811.json +++ b/2020/12xxx/CVE-2020-12811.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-12811", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@fortinet.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Fortinet", + "product": { + "product_data": [ + { + "product_name": "Fortinet FortiManager, FortiAnalyzer", + "version": { + "version_data": [ + { + "version_value": "FortiManager 6.2.0, 6.2.1, 6.2.2, and 6.2.3 ; FortiAnalyzer 6.2.0, 6.2.1, 6.2.2, and 6.2.3" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Execute unauthorized code or commands" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://fortiguard.com/advisory/FG-IR-20-005", + "url": "https://fortiguard.com/advisory/FG-IR-20-005" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An improper neutralization of script-related HTML tags in a web page in FortiManager 6.2.0, 6.2.1, 6.2.2, and 6.2.3and FortiAnalyzer 6.2.0, 6.2.1, 6.2.2, and 6.2.3 may allow an attacker to execute a cross site scripting (XSS) via the Identify Provider name field." } ] } diff --git a/2020/12xxx/CVE-2020-12815.json b/2020/12xxx/CVE-2020-12815.json index 2c43248b8a6..2482d85c3a7 100644 --- a/2020/12xxx/CVE-2020-12815.json +++ b/2020/12xxx/CVE-2020-12815.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-12815", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@fortinet.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Fortinet", + "product": { + "product_data": [ + { + "product_name": "Fortinet FortiTester", + "version": { + "version_data": [ + { + "version_value": "FortiTester before 3.9.0" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Execute unauthorized code or commands" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://fortiguard.com/advisory/FG-IR-20-054", + "url": "https://fortiguard.com/advisory/FG-IR-20-054" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An improper neutralization of input vulnerability in FortiTester before 3.9.0 may allow a remote authenticated attacker to inject script related HTML tags via IPv4/IPv6 address fields." } ] } diff --git a/2020/15xxx/CVE-2020-15562.json b/2020/15xxx/CVE-2020-15562.json index 76df39e3c38..da99ce92e87 100644 --- a/2020/15xxx/CVE-2020-15562.json +++ b/2020/15xxx/CVE-2020-15562.json @@ -76,6 +76,11 @@ "refsource": "DEBIAN", "name": "DSA-4720", "url": "https://www.debian.org/security/2020/dsa-4720" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:1516", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00083.html" } ] } diff --git a/2020/16xxx/CVE-2020-16145.json b/2020/16xxx/CVE-2020-16145.json index 0f2eeed0989..5e7545cf4ed 100644 --- a/2020/16xxx/CVE-2020-16145.json +++ b/2020/16xxx/CVE-2020-16145.json @@ -81,6 +81,11 @@ "refsource": "FEDORA", "name": "FEDORA-2020-b1e023936e", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OBLUQRIBAMEQVBO6GUZECCHJDJIWCYFU/" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:1516", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00083.html" } ] } diff --git a/2020/3xxx/CVE-2020-3428.json b/2020/3xxx/CVE-2020-3428.json index 938e36679fb..6c143e33adc 100644 --- a/2020/3xxx/CVE-2020-3428.json +++ b/2020/3xxx/CVE-2020-3428.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": "\r A vulnerability in the WLAN Local Profiling feature of Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9000 Family could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device.\r The vulnerability is due to incorrect parsing of HTTP packets while performing HTTP-based endpoint device classifications. An attacker could exploit this vulnerability by sending a crafted HTTP packet to an affected device. A successful exploit could cause an affected device to reboot, resulting in a DoS condition.\r " + "value": "A vulnerability in the WLAN Local Profiling feature of Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9000 Family could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to incorrect parsing of HTTP packets while performing HTTP-based endpoint device classifications. An attacker could exploit this vulnerability by sending a crafted HTTP packet to an affected device. A successful exploit could cause an affected device to reboot, resulting in a DoS condition." } ] }, @@ -83,4 +83,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2020/3xxx/CVE-2020-3429.json b/2020/3xxx/CVE-2020-3429.json index b5141c74c54..ca204771c19 100644 --- a/2020/3xxx/CVE-2020-3429.json +++ b/2020/3xxx/CVE-2020-3429.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": "\r A vulnerability in the WPA2 and WPA3 security implementation of Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9000 Family could allow an unauthenticated, adjacent attacker to cause denial of service (DoS) condition on an affected device.\r The vulnerability is due to incorrect packet processing during the WPA2 and WPA3 authentication handshake when configured for dot1x or pre-shared key (PSK) authentication key management (AKM) with 802.11r BSS Fast Transition (FT) enabled. An attacker could exploit this vulnerability by sending a crafted authentication packet to an affected device. A successful exploit could cause an affected device to reload, resulting in a DoS condition.\r " + "value": "A vulnerability in the WPA2 and WPA3 security implementation of Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9000 Family could allow an unauthenticated, adjacent attacker to cause denial of service (DoS) condition on an affected device. The vulnerability is due to incorrect packet processing during the WPA2 and WPA3 authentication handshake when configured for dot1x or pre-shared key (PSK) authentication key management (AKM) with 802.11r BSS Fast Transition (FT) enabled. An attacker could exploit this vulnerability by sending a crafted authentication packet to an affected device. A successful exploit could cause an affected device to reload, resulting in a DoS condition." } ] }, @@ -83,4 +83,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2020/3xxx/CVE-2020-3465.json b/2020/3xxx/CVE-2020-3465.json index c3b031d3c1a..d33f2740cb1 100644 --- a/2020/3xxx/CVE-2020-3465.json +++ b/2020/3xxx/CVE-2020-3465.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": "\r A vulnerability in Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a device to reload.\r The vulnerability is due to incorrect handling of certain valid, but not typical, Ethernet frames. An attacker could exploit this vulnerability by sending the Ethernet frames onto the Ethernet segment. A successful exploit could allow the attacker to cause the device to reload, resulting in a denial of service (DoS) condition.\r " + "value": "A vulnerability in Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a device to reload. The vulnerability is due to incorrect handling of certain valid, but not typical, Ethernet frames. An attacker could exploit this vulnerability by sending the Ethernet frames onto the Ethernet segment. A successful exploit could allow the attacker to cause the device to reload, resulting in a denial of service (DoS) condition." } ] }, @@ -83,4 +83,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2020/3xxx/CVE-2020-3474.json b/2020/3xxx/CVE-2020-3474.json index 7d534da986a..f2fca5f39f3 100644 --- a/2020/3xxx/CVE-2020-3474.json +++ b/2020/3xxx/CVE-2020-3474.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": "Multiple vulnerabilities in the web management framework of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to gain unauthorized read access to sensitive data or cause the web management software to hang or crash, resulting in a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory. " + "value": "Multiple vulnerabilities in the web management framework of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to gain unauthorized read access to sensitive data or cause the web management software to hang or crash, resulting in a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory." } ] }, @@ -84,4 +84,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2020/3xxx/CVE-2020-3475.json b/2020/3xxx/CVE-2020-3475.json index fbf531304a6..050f033e2c6 100644 --- a/2020/3xxx/CVE-2020-3475.json +++ b/2020/3xxx/CVE-2020-3475.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": "Multiple vulnerabilities in the web management framework of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to gain unauthorized read access to sensitive data or cause the web management software to hang or crash, resulting in a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory. " + "value": "Multiple vulnerabilities in the web management framework of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to gain unauthorized read access to sensitive data or cause the web management software to hang or crash, resulting in a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory." } ] }, @@ -84,4 +84,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2020/3xxx/CVE-2020-3476.json b/2020/3xxx/CVE-2020-3476.json index a66fdf6cbe7..643beaa950e 100644 --- a/2020/3xxx/CVE-2020-3476.json +++ b/2020/3xxx/CVE-2020-3476.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": " A vulnerability in the CLI implementation of a specific command of Cisco IOS XE Software could allow an authenticated, local attacker to overwrite arbitrary files in the underlying host file system. The vulnerability is due to insufficient validation of the parameters of a specific CLI command. An attacker could exploit this vulnerability by issuing that command with specific parameters. A successful exploit could allow the attacker to overwrite the content of any arbitrary file that resides on the underlying host file system. " + "value": "A vulnerability in the CLI implementation of a specific command of Cisco IOS XE Software could allow an authenticated, local attacker to overwrite arbitrary files in the underlying host file system. The vulnerability is due to insufficient validation of the parameters of a specific CLI command. An attacker could exploit this vulnerability by issuing that command with specific parameters. A successful exploit could allow the attacker to overwrite the content of any arbitrary file that resides on the underlying host file system." } ] }, @@ -83,4 +83,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2020/3xxx/CVE-2020-3477.json b/2020/3xxx/CVE-2020-3477.json index 754b054795d..703c4fe7cfb 100644 --- a/2020/3xxx/CVE-2020-3477.json +++ b/2020/3xxx/CVE-2020-3477.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": " A vulnerability in the CLI parser of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, local attacker to access files from the flash: filesystem. The vulnerability is due to insufficient application of restrictions during the execution of a specific command. An attacker could exploit this vulnerability by using a specific command at the command line. A successful exploit could allow the attacker to obtain read-only access to files that are located on the flash: filesystem that otherwise might not have been accessible. " + "value": "A vulnerability in the CLI parser of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, local attacker to access files from the flash: filesystem. The vulnerability is due to insufficient application of restrictions during the execution of a specific command. An attacker could exploit this vulnerability by using a specific command at the command line. A successful exploit could allow the attacker to obtain read-only access to files that are located on the flash: filesystem that otherwise might not have been accessible." } ] }, @@ -83,4 +83,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2020/3xxx/CVE-2020-3479.json b/2020/3xxx/CVE-2020-3479.json index a559afeb4e2..e56a062d34a 100644 --- a/2020/3xxx/CVE-2020-3479.json +++ b/2020/3xxx/CVE-2020-3479.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": " A vulnerability in the implementation of Multiprotocol Border Gateway Protocol (MP-BGP) for the Layer 2 VPN (L2VPN) Ethernet VPN (EVPN) address family in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of Border Gateway Protocol (BGP) update messages that contain crafted EVPN attributes. An attacker could exploit this vulnerability by sending BGP update messages with specific, malformed attributes to an affected device. A successful exploit could allow the attacker to cause an affected device to crash, resulting in a DoS condition. " + "value": "A vulnerability in the implementation of Multiprotocol Border Gateway Protocol (MP-BGP) for the Layer 2 VPN (L2VPN) Ethernet VPN (EVPN) address family in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of Border Gateway Protocol (BGP) update messages that contain crafted EVPN attributes. An attacker could exploit this vulnerability by sending BGP update messages with specific, malformed attributes to an affected device. A successful exploit could allow the attacker to cause an affected device to crash, resulting in a DoS condition." } ] }, @@ -84,4 +84,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2020/3xxx/CVE-2020-3480.json b/2020/3xxx/CVE-2020-3480.json index af8aa8718f2..4c68746e7f0 100644 --- a/2020/3xxx/CVE-2020-3480.json +++ b/2020/3xxx/CVE-2020-3480.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": "Multiple vulnerabilities in the Zone-Based Firewall feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload or stop forwarding traffic through the firewall.\r The vulnerabilities are due to incomplete handling of Layer 4 packets through the device. An attacker could exploit these vulnerabilities by sending a certain sequence of traffic patterns through the device. A successful exploit could allow the attacker to cause the device to reload or stop forwarding traffic through the firewall, resulting in a denial of service.\r For more information about these vulnerabilities, see the Details section of this advisory.\r " + "value": "Multiple vulnerabilities in the Zone-Based Firewall feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload or stop forwarding traffic through the firewall. The vulnerabilities are due to incomplete handling of Layer 4 packets through the device. An attacker could exploit these vulnerabilities by sending a certain sequence of traffic patterns through the device. A successful exploit could allow the attacker to cause the device to reload or stop forwarding traffic through the firewall, resulting in a denial of service. For more information about these vulnerabilities, see the Details section of this advisory." } ] }, @@ -84,4 +84,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2020/3xxx/CVE-2020-3486.json b/2020/3xxx/CVE-2020-3486.json index 37cad788c18..8e48b5c8242 100644 --- a/2020/3xxx/CVE-2020-3486.json +++ b/2020/3xxx/CVE-2020-3486.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": "Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of an affected device.\r These vulnerabilities are due to insufficient validation of CAPWAP packets. An attacker could exploit these vulnerabilities by sending a malformed CAPWAP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to crash and reload, resulting in a DoS condition on the affected device.\r " + "value": "Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of an affected device. These vulnerabilities are due to insufficient validation of CAPWAP packets. An attacker could exploit these vulnerabilities by sending a malformed CAPWAP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to crash and reload, resulting in a DoS condition on the affected device." } ] }, @@ -89,4 +89,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2020/3xxx/CVE-2020-3487.json b/2020/3xxx/CVE-2020-3487.json index d3aac1868a8..d66d12405d7 100644 --- a/2020/3xxx/CVE-2020-3487.json +++ b/2020/3xxx/CVE-2020-3487.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": "Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of an affected device.\r These vulnerabilities are due to insufficient validation of CAPWAP packets. An attacker could exploit these vulnerabilities by sending a malformed CAPWAP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to crash and reload, resulting in a DoS condition on the affected device.\r " + "value": "Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of an affected device. These vulnerabilities are due to insufficient validation of CAPWAP packets. An attacker could exploit these vulnerabilities by sending a malformed CAPWAP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to crash and reload, resulting in a DoS condition on the affected device." } ] }, @@ -89,4 +89,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2020/3xxx/CVE-2020-3488.json b/2020/3xxx/CVE-2020-3488.json index bfd49f988a9..8f9f01eff93 100644 --- a/2020/3xxx/CVE-2020-3488.json +++ b/2020/3xxx/CVE-2020-3488.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": "Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of an affected device.\r These vulnerabilities are due to insufficient validation of CAPWAP packets. An attacker could exploit these vulnerabilities by sending a malformed CAPWAP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to crash and reload, resulting in a DoS condition on the affected device.\r " + "value": "Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of an affected device. These vulnerabilities are due to insufficient validation of CAPWAP packets. An attacker could exploit these vulnerabilities by sending a malformed CAPWAP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to crash and reload, resulting in a DoS condition on the affected device." } ] }, @@ -89,4 +89,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2020/3xxx/CVE-2020-3489.json b/2020/3xxx/CVE-2020-3489.json index 67453e01df1..f7eecdb12a5 100644 --- a/2020/3xxx/CVE-2020-3489.json +++ b/2020/3xxx/CVE-2020-3489.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": "Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of an affected device.\r These vulnerabilities are due to insufficient validation of CAPWAP packets. An attacker could exploit these vulnerabilities by sending a malformed CAPWAP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to crash and reload, resulting in a DoS condition on the affected device.\r " + "value": "Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of an affected device. These vulnerabilities are due to insufficient validation of CAPWAP packets. An attacker could exploit these vulnerabilities by sending a malformed CAPWAP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to crash and reload, resulting in a DoS condition on the affected device." } ] }, @@ -89,4 +89,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2020/3xxx/CVE-2020-3492.json b/2020/3xxx/CVE-2020-3492.json index 584a38184ae..0f175393460 100644 --- a/2020/3xxx/CVE-2020-3492.json +++ b/2020/3xxx/CVE-2020-3492.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": "\r A vulnerability in the Flexible NetFlow Version 9 packet processor of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers and Cisco AireOS Software for Cisco Wireless LAN Controllers (WLC) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r The vulnerability is due to insufficient validation of certain parameters in a Flexible NetFlow Version 9 record. An attacker could exploit this vulnerability by spoofing the address of an existing Access Point on the network and sending a Control and Provisioning of Wireless Access Points (CAPWAP) packet that includes a crafted Flexible NetFlow Version 9 record to an affected device. A successful exploit could allow the attacker to cause a process crash that would lead to a reload of the device.\r " + "value": "A vulnerability in the Flexible NetFlow Version 9 packet processor of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers and Cisco AireOS Software for Cisco Wireless LAN Controllers (WLC) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient validation of certain parameters in a Flexible NetFlow Version 9 record. An attacker could exploit this vulnerability by spoofing the address of an existing Access Point on the network and sending a Control and Provisioning of Wireless Access Points (CAPWAP) packet that includes a crafted Flexible NetFlow Version 9 record to an affected device. A successful exploit could allow the attacker to cause a process crash that would lead to a reload of the device." } ] }, @@ -84,4 +84,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2020/3xxx/CVE-2020-3493.json b/2020/3xxx/CVE-2020-3493.json index 8b80a8b6b30..773303da2ab 100644 --- a/2020/3xxx/CVE-2020-3493.json +++ b/2020/3xxx/CVE-2020-3493.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": "Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of an affected device.\r These vulnerabilities are due to insufficient validation of CAPWAP packets. An attacker could exploit these vulnerabilities by sending a malformed CAPWAP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to crash and reload, resulting in a DoS condition on the affected device.\r " + "value": "Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of an affected device. These vulnerabilities are due to insufficient validation of CAPWAP packets. An attacker could exploit these vulnerabilities by sending a malformed CAPWAP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to crash and reload, resulting in a DoS condition on the affected device." } ] }, @@ -89,4 +89,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2020/3xxx/CVE-2020-3494.json b/2020/3xxx/CVE-2020-3494.json index c426034bf35..98f1c4da085 100644 --- a/2020/3xxx/CVE-2020-3494.json +++ b/2020/3xxx/CVE-2020-3494.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": "Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of an affected device.\r These vulnerabilities are due to insufficient validation of CAPWAP packets. An attacker could exploit these vulnerabilities by sending a malformed CAPWAP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to crash and reload, resulting in a DoS condition on the affected device.\r " + "value": "Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of an affected device. These vulnerabilities are due to insufficient validation of CAPWAP packets. An attacker could exploit these vulnerabilities by sending a malformed CAPWAP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to crash and reload, resulting in a DoS condition on the affected device." } ] }, @@ -89,4 +89,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2020/3xxx/CVE-2020-3497.json b/2020/3xxx/CVE-2020-3497.json index b9a9e79bbde..730dbc2919b 100644 --- a/2020/3xxx/CVE-2020-3497.json +++ b/2020/3xxx/CVE-2020-3497.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": "Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of an affected device.\r These vulnerabilities are due to insufficient validation of CAPWAP packets. An attacker could exploit these vulnerabilities by sending a malformed CAPWAP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to crash and reload, resulting in a DoS condition on the affected device.\r " + "value": "Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of an affected device. These vulnerabilities are due to insufficient validation of CAPWAP packets. An attacker could exploit these vulnerabilities by sending a malformed CAPWAP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to crash and reload, resulting in a DoS condition on the affected device." } ] }, @@ -89,4 +89,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2020/3xxx/CVE-2020-3503.json b/2020/3xxx/CVE-2020-3503.json index ea626f818fe..285f6f95427 100644 --- a/2020/3xxx/CVE-2020-3503.json +++ b/2020/3xxx/CVE-2020-3503.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": " A vulnerability in the file system permissions of Cisco IOS XE Software could allow an authenticated, local attacker to obtain read and write access to critical configuration or system files. The vulnerability is due to insufficient file system permissions on an affected device. An attacker could exploit this vulnerability by connecting to an affected device's guest shell, and accessing or modifying restricted files. A successful exploit could allow the attacker to view or modify restricted information or configurations that are normally not accessible to system administrators. " + "value": "A vulnerability in the file system permissions of Cisco IOS XE Software could allow an authenticated, local attacker to obtain read and write access to critical configuration or system files. The vulnerability is due to insufficient file system permissions on an affected device. An attacker could exploit this vulnerability by connecting to an affected device's guest shell, and accessing or modifying restricted files. A successful exploit could allow the attacker to view or modify restricted information or configurations that are normally not accessible to system administrators." } ] }, @@ -83,4 +83,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2020/3xxx/CVE-2020-3508.json b/2020/3xxx/CVE-2020-3508.json index 426caa2d97e..cd0bef0f074 100644 --- a/2020/3xxx/CVE-2020-3508.json +++ b/2020/3xxx/CVE-2020-3508.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": "\r A vulnerability in the IP Address Resolution Protocol (ARP) feature of Cisco IOS XE Software for Cisco ASR 1000 Series Aggregation Services Routers with a 20-Gbps Embedded Services Processor (ESP) installed could allow an unauthenticated, adjacent attacker to cause an affected device to reload, resulting in a denial of service condition.\r The vulnerability is due to insufficient error handling when an affected device has reached platform limitations. An attacker could exploit this vulnerability by sending a malicious series of IP ARP messages to an affected device. A successful exploit could allow the attacker to exhaust system resources, which would eventually cause the affected device to reload.\r " + "value": "A vulnerability in the IP Address Resolution Protocol (ARP) feature of Cisco IOS XE Software for Cisco ASR 1000 Series Aggregation Services Routers with a 20-Gbps Embedded Services Processor (ESP) installed could allow an unauthenticated, adjacent attacker to cause an affected device to reload, resulting in a denial of service condition. The vulnerability is due to insufficient error handling when an affected device has reached platform limitations. An attacker could exploit this vulnerability by sending a malicious series of IP ARP messages to an affected device. A successful exploit could allow the attacker to exhaust system resources, which would eventually cause the affected device to reload." } ] }, @@ -84,4 +84,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2020/3xxx/CVE-2020-3509.json b/2020/3xxx/CVE-2020-3509.json index beb76bcc462..64167ca6eda 100644 --- a/2020/3xxx/CVE-2020-3509.json +++ b/2020/3xxx/CVE-2020-3509.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": "\r A vulnerability in the DHCP message handler of Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to cause the supervisor to crash, which could result in a denial of service (DoS) condition.\r The vulnerability is due to insufficient error handling when DHCP version 4 (DHCPv4) messages are parsed. An attacker could exploit this vulnerability by sending a malicious DHCPv4 message to or through a WAN interface of an affected device. A successful exploit could allow the attacker to cause a reload of the affected device.\r Note: On Cisco cBR-8 Converged Broadband Routers, all of the following are considered WAN interfaces:\r \r 10 Gbps Ethernet interfaces\r 100 Gbps Ethernet interfaces\r Port channel interfaces that include multiple 10 and/or 100 Gbps Ethernet interfaces\r \r " + "value": "A vulnerability in the DHCP message handler of Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to cause the supervisor to crash, which could result in a denial of service (DoS) condition. The vulnerability is due to insufficient error handling when DHCP version 4 (DHCPv4) messages are parsed. An attacker could exploit this vulnerability by sending a malicious DHCPv4 message to or through a WAN interface of an affected device. A successful exploit could allow the attacker to cause a reload of the affected device. Note: On Cisco cBR-8 Converged Broadband Routers, all of the following are considered WAN interfaces: 10 Gbps Ethernet interfaces 100 Gbps Ethernet interfaces Port channel interfaces that include multiple 10 and/or 100 Gbps Ethernet interfaces" } ] }, @@ -83,4 +83,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2020/3xxx/CVE-2020-3510.json b/2020/3xxx/CVE-2020-3510.json index e3cef601c90..4d9c7533104 100644 --- a/2020/3xxx/CVE-2020-3510.json +++ b/2020/3xxx/CVE-2020-3510.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": "\r A vulnerability in the Umbrella Connector component of Cisco IOS XE Software for Cisco Catalyst 9200 Series Switches could allow an unauthenticated, remote attacker to trigger a reload, resulting in a denial of service condition on an affected device.\r The vulnerability is due to insufficient error handling when parsing DNS requests. An attacker could exploit this vulnerability by sending a series of malicious DNS requests to an Umbrella Connector client interface of an affected device. A successful exploit could allow the attacker to cause a crash of the iosd process, which triggers a reload of the affected device.\r " + "value": "A vulnerability in the Umbrella Connector component of Cisco IOS XE Software for Cisco Catalyst 9200 Series Switches could allow an unauthenticated, remote attacker to trigger a reload, resulting in a denial of service condition on an affected device. The vulnerability is due to insufficient error handling when parsing DNS requests. An attacker could exploit this vulnerability by sending a series of malicious DNS requests to an Umbrella Connector client interface of an affected device. A successful exploit could allow the attacker to cause a crash of the iosd process, which triggers a reload of the affected device." } ] }, @@ -83,4 +83,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2020/3xxx/CVE-2020-3511.json b/2020/3xxx/CVE-2020-3511.json index 66ec3789b62..d93b77e2f0d 100644 --- a/2020/3xxx/CVE-2020-3511.json +++ b/2020/3xxx/CVE-2020-3511.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": "\r A vulnerability in the ISDN subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition.\r The vulnerability is due to insufficient input validation when the ISDN Q.931 messages are processed. An attacker could exploit this vulnerability by sending a malicious ISDN Q.931 message to an affected device. A successful exploit could allow the attacker to cause the process to crash, resulting in a reload of the affected device.\r " + "value": "A vulnerability in the ISDN subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient input validation when the ISDN Q.931 messages are processed. An attacker could exploit this vulnerability by sending a malicious ISDN Q.931 message to an affected device. A successful exploit could allow the attacker to cause the process to crash, resulting in a reload of the affected device." } ] }, @@ -83,4 +83,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2020/3xxx/CVE-2020-3512.json b/2020/3xxx/CVE-2020-3512.json index 6f8234c7596..5cd67608a26 100644 --- a/2020/3xxx/CVE-2020-3512.json +++ b/2020/3xxx/CVE-2020-3512.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": "\r A vulnerability in the PROFINET handler for Link Layer Discovery Protocol (LLDP) messages of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a crash on an affected device, resulting in a denial of service (DoS) condition.\r The vulnerability is due to insufficient validation of LLDP messages in the PROFINET LLDP message handler. An attacker could exploit this vulnerability by sending a malicious LLDP message to an affected device. A successful exploit could allow the attacker to cause the affected device to reload.\r " + "value": "A vulnerability in the PROFINET handler for Link Layer Discovery Protocol (LLDP) messages of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a crash on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of LLDP messages in the PROFINET LLDP message handler. An attacker could exploit this vulnerability by sending a malicious LLDP message to an affected device. A successful exploit could allow the attacker to cause the affected device to reload." } ] }, @@ -83,4 +83,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2020/3xxx/CVE-2020-3513.json b/2020/3xxx/CVE-2020-3513.json index 1b0527675d3..72f0fd0f244 100644 --- a/2020/3xxx/CVE-2020-3513.json +++ b/2020/3xxx/CVE-2020-3513.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": "Multiple vulnerabilities in the initialization routines that are executed during bootup of Cisco IOS XE Software for Cisco ASR 900 Series Aggregation Services Routers with a Route Switch Processor 3 (RSP3) installed could allow an authenticated, local attacker with high privileges to execute persistent code at bootup and break the chain of trust.\r These vulnerabilities are due to incorrect validations by boot scripts when specific ROM monitor (ROMMON) variables are set. An attacker could exploit these vulnerabilities by copying a specific file to the local file system of an affected device and defining specific ROMMON variables. A successful exploit could allow the attacker to run arbitrary code on the underlying operating system (OS) with root privileges. To exploit these vulnerabilities, an attacker would need to have access to the root shell on the device or have physical access to the device.\r " + "value": "Multiple vulnerabilities in the initialization routines that are executed during bootup of Cisco IOS XE Software for Cisco ASR 900 Series Aggregation Services Routers with a Route Switch Processor 3 (RSP3) installed could allow an authenticated, local attacker with high privileges to execute persistent code at bootup and break the chain of trust. These vulnerabilities are due to incorrect validations by boot scripts when specific ROM monitor (ROMMON) variables are set. An attacker could exploit these vulnerabilities by copying a specific file to the local file system of an affected device and defining specific ROMMON variables. A successful exploit could allow the attacker to run arbitrary code on the underlying operating system (OS) with root privileges. To exploit these vulnerabilities, an attacker would need to have access to the root shell on the device or have physical access to the device." } ] }, @@ -84,4 +84,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2020/3xxx/CVE-2020-3516.json b/2020/3xxx/CVE-2020-3516.json index d491c1e03c2..c277155afb2 100644 --- a/2020/3xxx/CVE-2020-3516.json +++ b/2020/3xxx/CVE-2020-3516.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": " A vulnerability in the web server authentication of Cisco IOS XE Software could allow an authenticated, remote attacker to crash the web server on the device. The vulnerability is due to insufficient input validation during authentication. An attacker could exploit this vulnerability by entering unexpected characters during a valid authentication. A successful exploit could allow the attacker to crash the web server on the device, which must be manually recovered by disabling and re-enabling the web server. " + "value": "A vulnerability in the web server authentication of Cisco IOS XE Software could allow an authenticated, remote attacker to crash the web server on the device. The vulnerability is due to insufficient input validation during authentication. An attacker could exploit this vulnerability by entering unexpected characters during a valid authentication. A successful exploit could allow the attacker to crash the web server on the device, which must be manually recovered by disabling and re-enabling the web server." } ] }, @@ -83,4 +83,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2020/3xxx/CVE-2020-3524.json b/2020/3xxx/CVE-2020-3524.json index 93126d9179f..67eacb49334 100644 --- a/2020/3xxx/CVE-2020-3524.json +++ b/2020/3xxx/CVE-2020-3524.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": " A vulnerability in the Cisco IOS XE ROM Monitor (ROMMON) Software for Cisco 4000 Series Integrated Services Routers, Cisco ASR 920 Series Aggregation Services Routers, Cisco ASR 1000 Series Aggregation Services Routers, and Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, physical attacker to break the chain of trust and load a compromised software image on an affected device. The vulnerability is due to the presence of a debugging configuration option in the affected software. An attacker could exploit this vulnerability by connecting to an affected device through the console, forcing the device into ROMMON mode, and writing a malicious pattern using that specific option on the device. A successful exploit could allow the attacker to break the chain of trust and load a compromised software image on the affected device. A compromised software image is any software image that has not been digitally signed by Cisco. " + "value": "A vulnerability in the Cisco IOS XE ROM Monitor (ROMMON) Software for Cisco 4000 Series Integrated Services Routers, Cisco ASR 920 Series Aggregation Services Routers, Cisco ASR 1000 Series Aggregation Services Routers, and Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, physical attacker to break the chain of trust and load a compromised software image on an affected device. The vulnerability is due to the presence of a debugging configuration option in the affected software. An attacker could exploit this vulnerability by connecting to an affected device through the console, forcing the device into ROMMON mode, and writing a malicious pattern using that specific option on the device. A successful exploit could allow the attacker to break the chain of trust and load a compromised software image on the affected device. A compromised software image is any software image that has not been digitally signed by Cisco." } ] }, @@ -86,4 +86,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2020/3xxx/CVE-2020-3526.json b/2020/3xxx/CVE-2020-3526.json index 892797fd32f..a74a94c3190 100644 --- a/2020/3xxx/CVE-2020-3526.json +++ b/2020/3xxx/CVE-2020-3526.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": "\r A vulnerability in the Common Open Policy Service (COPS) engine of Cisco IOS XE Software on Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to crash a device.\r The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a malformed COPS message to the device. A successful exploit could allow the attacker to crash the device.\r " + "value": "A vulnerability in the Common Open Policy Service (COPS) engine of Cisco IOS XE Software on Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to crash a device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a malformed COPS message to the device. A successful exploit could allow the attacker to crash the device." } ] }, @@ -84,4 +84,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2020/3xxx/CVE-2020-3527.json b/2020/3xxx/CVE-2020-3527.json index 451334ad5a1..a2a204b5a44 100644 --- a/2020/3xxx/CVE-2020-3527.json +++ b/2020/3xxx/CVE-2020-3527.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": " A vulnerability in the Polaris kernel of Cisco Catalyst 9200 Series Switches could allow an unauthenticated, remote attacker to crash the device. The vulnerability is due to insufficient packet size validation. An attacker could exploit this vulnerability by sending jumbo frames or frames larger than the configured MTU size to the management interface of this device. A successful exploit could allow the attacker to crash the device fully before an automatic recovery. " + "value": "A vulnerability in the Polaris kernel of Cisco Catalyst 9200 Series Switches could allow an unauthenticated, remote attacker to crash the device. The vulnerability is due to insufficient packet size validation. An attacker could exploit this vulnerability by sending jumbo frames or frames larger than the configured MTU size to the management interface of this device. A successful exploit could allow the attacker to crash the device fully before an automatic recovery." } ] }, @@ -83,4 +83,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2020/3xxx/CVE-2020-3552.json b/2020/3xxx/CVE-2020-3552.json index 1f6c1548cc2..5b2e27f2e41 100644 --- a/2020/3xxx/CVE-2020-3552.json +++ b/2020/3xxx/CVE-2020-3552.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": " A vulnerability in the Ethernet packet handling of Cisco Aironet Access Points (APs) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by connecting as a wired client to the Ethernet interface of an affected device and sending a series of specific packets within a short time frame. A successful exploit could allow the attacker to cause a NULL pointer access that results in a reload of the affected device. " + "value": "A vulnerability in the Ethernet packet handling of Cisco Aironet Access Points (APs) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by connecting as a wired client to the Ethernet interface of an affected device and sending a series of specific packets within a short time frame. A successful exploit could allow the attacker to cause a NULL pointer access that results in a reload of the affected device." } ] }, @@ -83,4 +83,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2020/3xxx/CVE-2020-3559.json b/2020/3xxx/CVE-2020-3559.json index d1b9d2ed66e..2f93be4fdd4 100644 --- a/2020/3xxx/CVE-2020-3559.json +++ b/2020/3xxx/CVE-2020-3559.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": " A vulnerability in Cisco Aironet Access Point (AP) Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to improper handling of clients that are trying to connect to the AP. An attacker could exploit this vulnerability by sending authentication requests from multiple clients to an affected device. A successful exploit could allow the attacker to cause the affected device to reload. " + "value": "A vulnerability in Cisco Aironet Access Point (AP) Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to improper handling of clients that are trying to connect to the AP. An attacker could exploit this vulnerability by sending authentication requests from multiple clients to an affected device. A successful exploit could allow the attacker to cause the affected device to reload." } ] }, @@ -83,4 +83,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2020/3xxx/CVE-2020-3560.json b/2020/3xxx/CVE-2020-3560.json index 816cc4c9e32..637ef19a128 100644 --- a/2020/3xxx/CVE-2020-3560.json +++ b/2020/3xxx/CVE-2020-3560.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": "\r A vulnerability in Cisco Aironet Access Points (APs) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) on an affected device.\r The vulnerability is due to improper resource management while processing specific packets. An attacker could exploit this vulnerability by sending a series of crafted UDP packets to a specific port on an affected device. A successful exploit could either allow the attacker to tear down the connection between the AP and the wireless LAN controller, resulting in the affected device not being able to process client traffic, or cause the vulnerable device to reload, triggering a DoS condition. After the attack, the affected device should automatically recover its normal functions without manual intervention.\r " + "value": "A vulnerability in Cisco Aironet Access Points (APs) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) on an affected device. The vulnerability is due to improper resource management while processing specific packets. An attacker could exploit this vulnerability by sending a series of crafted UDP packets to a specific port on an affected device. A successful exploit could either allow the attacker to tear down the connection between the AP and the wireless LAN controller, resulting in the affected device not being able to process client traffic, or cause the vulnerable device to reload, triggering a DoS condition. After the attack, the affected device should automatically recover its normal functions without manual intervention." } ] }, @@ -84,4 +84,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file