admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-12 02:05:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

IBM20200528-103829

Browse Source 
Added CVE-2020-4249, CVE-2020-4232, CVE-2020-4244, CVE-2020-4419, CVE-2020-4245, CVE-2020-4231, CVE-2020-4246, CVE-2020-4233
This commit is contained in:
Scott Moore - IBM 2020-05-28 10:38:29 -04:00
parent 0e82bd24f1
commit c5b2ff1e07
No known key found for this signature in database
GPG Key ID: 8E6C411D57F2D75C
8 changed files with 702 additions and 120 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

102
2020/4xxx/CVE-2020-4231.json
View File

@ -1,18 +1,90 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-4231",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/pages/node/6207905",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 6207905 (Security Identity Governance and Intelligence)",
"url" : "https://www.ibm.com/support/pages/node/6207905"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/175335",
"title" : "X-Force Vulnerability Report",
"refsource" : "XF",
"name" : "ibm-sig-cve20204231-sec-bypass (175335)"
}
]
},
"data_type" : "CVE",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Bypass Security"
}
]
}
]
},
"CVE_data_meta" : {
"ID" : "CVE-2020-4231",
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2020-05-27T00:00:00"
},
"impact" : {
"cvssv3" : {
"TM" : {
"RL" : "O",
"RC" : "C",
"E" : "U"
},
"BM" : {
"A" : "N",
"AC" : "L",
"SCORE" : "4.300",
"UI" : "N",
"PR" : "L",
"I" : "L",
"AV" : "N",
"C" : "N",
"S" : "U"
}
}
},
"data_version" : "4.0",
"data_format" : "MITRE",
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "5.2.6"
}
]
},
"product_name" : "Security Identity Governance and Intelligence"
}
]
},
"vendor_name" : "IBM"
}
]
}
}
]
}
},
"description" : {
"description_data" : [
{
"value" : "IBM Security Identity Governance and Intelligence 5.2.6 could allow an authenticated user to perform unauthorized commands due to hazardous input validation. IBM X-Force ID: 175335.",
"lang" : "eng"
}
]
}
}

102
2020/4xxx/CVE-2020-4232.json
View File

@ -1,18 +1,90 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-4232",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
"data_version" : "4.0",
"impact" : {
"cvssv3" : {
"TM" : {
"E" : "U",
"RL" : "O",
"RC" : "C"
},
"BM" : {
"PR" : "N",
"UI" : "N",
"A" : "N",
"AC" : "L",
"SCORE" : "5.300",
"AV" : "N",
"C" : "L",
"S" : "U",
"I" : "N"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
}
]
}
]
},
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2020-05-27T00:00:00",
"ID" : "CVE-2020-4232",
"ASSIGNER" : "psirt@us.ibm.com"
},
"data_type" : "CVE",
"references" : {
"reference_data" : [
{
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 6207906 (Security Identity Governance and Intelligence)",
"url" : "https://www.ibm.com/support/pages/node/6207906",
"name" : "https://www.ibm.com/support/pages/node/6207906"
},
{
"refsource" : "XF",
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/175336",
"name" : "ibm-sig-cve20204232-info-disc (175336)"
}
]
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Security Identity Governance and Intelligence 5.2.6 could allow an attacker to enumerate usernames to find valid login credentials which could be used to attempt further attacks against the system. IBM X-Force ID: 175336."
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "5.2.6"
}
]
},
"product_name" : "Security Identity Governance and Intelligence"
}
]
}
}
]
}
}
]
}
},
"data_format" : "MITRE"
}

102
2020/4xxx/CVE-2020-4233.json
View File

@ -1,18 +1,90 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-4233",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
"data_type" : "CVE",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
]
}
]
},
"CVE_data_meta" : {
"ID" : "CVE-2020-4233",
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2020-05-27T00:00:00"
},
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 6207912 (Security Identity Governance and Intelligence)",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/pages/node/6207912",
"name" : "https://www.ibm.com/support/pages/node/6207912"
},
{
"refsource" : "XF",
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/175360",
"name" : "ibm-sig-cve20204233-info-disc (175360)"
}
]
},
"data_version" : "4.0",
"impact" : {
"cvssv3" : {
"BM" : {
"PR" : "N",
"UI" : "N",
"SCORE" : "3.700",
"A" : "N",
"AC" : "H",
"S" : "U",
"AV" : "N",
"C" : "L",
"I" : "N"
},
"TM" : {
"E" : "U",
"RL" : "O",
"RC" : "C"
}
}
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "5.2.6"
}
]
},
"product_name" : "Security Identity Governance and Intelligence"
}
]
}
}
]
}
}
]
}
},
"data_format" : "MITRE",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Security Identity Governance and Intelligence 5.2.6 could allow a remote attacker to obtain sensitive information, caused by the failure to set the secure flag for the session cookie in SSL mode. By intercepting its transmission within an HTTP session, an attacker could exploit this vulnerability to capture the cookie and obtain sensitive information. IBM X-Force ID: 175360."
}
]
}
}

102
2020/4xxx/CVE-2020-4244.json
View File

@ -1,18 +1,90 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-4244",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
"data_format" : "MITRE",
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product" : {
"product_data" : [
{
"product_name" : "Security Identity Governance and Intelligence",
"version" : {
"version_data" : [
{
"version_value" : "5.2.6"
}
]
}
}
]
},
"vendor_name" : "IBM"
}
]
}
}
]
}
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Security Identity Governance and Intelligence 5.2.6 could allow an unauthorized user to obtain sensitive information through user enumeration. IBM X-Force ID: 175422."
}
]
},
"references" : {
"reference_data" : [
{
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 6207907 (Security Identity Governance and Intelligence)",
"url" : "https://www.ibm.com/support/pages/node/6207907",
"name" : "https://www.ibm.com/support/pages/node/6207907"
},
{
"name" : "ibm-sig-cve20204244-info-disc (175422)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/175422",
"refsource" : "XF",
"title" : "X-Force Vulnerability Report"
}
]
},
"CVE_data_meta" : {
"ID" : "CVE-2020-4244",
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2020-05-27T00:00:00"
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
}
]
}
]
},
"data_type" : "CVE",
"impact" : {
"cvssv3" : {
"BM" : {
"I" : "N",
"C" : "L",
"AV" : "N",
"S" : "U",
"AC" : "L",
"A" : "N",
"SCORE" : "5.300",
"PR" : "N",
"UI" : "N"
},
"TM" : {
"RL" : "O",
"RC" : "C",
"E" : "U"
}
}
},
"data_version" : "4.0"
}

102
2020/4xxx/CVE-2020-4245.json
View File

@ -1,18 +1,90 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-4245",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
"data_format" : "MITRE",
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "5.2.6"
}
]
},
"product_name" : "Security Identity Governance and Intelligence"
}
]
}
}
]
}
}
]
}
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Security Identity Governance and Intelligence 5.2.6 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 175423."
}
]
},
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 6207908 (Security Identity Governance and Intelligence)",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/pages/node/6207908",
"name" : "https://www.ibm.com/support/pages/node/6207908"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/175423",
"title" : "X-Force Vulnerability Report",
"refsource" : "XF",
"name" : "ibm-sig-cve20204245-info-disc (175423)"
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
}
]
}
]
},
"data_type" : "CVE",
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2020-4245",
"DATE_PUBLIC" : "2020-05-27T00:00:00",
"STATE" : "PUBLIC"
},
"impact" : {
"cvssv3" : {
"BM" : {
"SCORE" : "5.900",
"AC" : "H",
"A" : "N",
"PR" : "N",
"UI" : "N",
"I" : "N",
"S" : "U",
"C" : "H",
"AV" : "N"
},
"TM" : {
"RL" : "O",
"RC" : "C",
"E" : "U"
}
}
},
"data_version" : "4.0"
}

102
2020/4xxx/CVE-2020-4246.json
View File

@ -1,18 +1,90 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-4246",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
"description" : {
"description_data" : [
{
"value" : "IBM Security Identity Governance and Intelligence 5.2.6 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 175481.",
"lang" : "eng"
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "5.2.6"
}
]
},
"product_name" : "Security Identity Governance and Intelligence"
}
]
},
"vendor_name" : "IBM"
}
]
}
}
]
}
},
"data_format" : "MITRE",
"impact" : {
"cvssv3" : {
"TM" : {
"RC" : "C",
"RL" : "O",
"E" : "U"
},
"BM" : {
"PR" : "L",
"UI" : "N",
"AC" : "L",
"A" : "L",
"SCORE" : "7.100",
"C" : "H",
"AV" : "N",
"S" : "U",
"I" : "N"
}
}
},
"data_version" : "4.0",
"data_type" : "CVE",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
}
]
}
]
},
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2020-05-27T00:00:00",
"ID" : "CVE-2020-4246",
"ASSIGNER" : "psirt@us.ibm.com"
},
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/pages/node/6207902",
"url" : "https://www.ibm.com/support/pages/node/6207902",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 6207902 (Security Identity Governance and Intelligence)"
},
{
"refsource" : "XF",
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/175481",
"name" : "ibm-sig-cve20204246-xxe (175481)"
}
]
}
}

102
2020/4xxx/CVE-2020-4249.json
View File

@ -1,18 +1,90 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-4249",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
"impact" : {
"cvssv3" : {
"TM" : {
"RC" : "C",
"RL" : "O",
"E" : "U"
},
"BM" : {
"I" : "N",
"S" : "U",
"C" : "H",
"AV" : "N",
"SCORE" : "6.500",
"AC" : "L",
"A" : "N",
"PR" : "L",
"UI" : "N"
}
}
},
"data_version" : "4.0",
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/pages/node/6207911",
"url" : "https://www.ibm.com/support/pages/node/6207911",
"title" : "IBM Security Bulletin 6207911 (Security Identity Governance and Intelligence)",
"refsource" : "CONFIRM"
},
{
"name" : "ibm-sig-cve20204249-info-disc (175485)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/175485",
"title" : "X-Force Vulnerability Report",
"refsource" : "XF"
}
]
},
"data_type" : "CVE",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
}
]
}
]
},
"CVE_data_meta" : {
"DATE_PUBLIC" : "2020-05-27T00:00:00",
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2020-4249"
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Security Identity Governance and Intelligence 5.2.6 could disclose highly sensitive information to other authenticated users on the sytem due to incorrect authorization. IBM X-Force ID: 175485."
}
]
},
"data_format" : "MITRE",
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "5.2.6"
}
]
},
"product_name" : "Security Identity Governance and Intelligence"
}
]
},
"vendor_name" : "IBM"
}
]
}
}
]
}
}
}

108
2020/4xxx/CVE-2020-4419.json
View File

@ -1,18 +1,96 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-4419",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
"data_format" : "MITRE",
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "6.0.6"
},
{
"version_value" : "6.0.6.1"
},
{
"version_value" : "7.0"
}
]
},
"product_name" : "Jazz Reporting Service"
}
]
},
"vendor_name" : "IBM"
}
]
}
}
]
}
},
"description" : {
"description_data" : [
{
"value" : "IBM Jazz Reporting Service 6.0.6, 6.0.6.1, and 7.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 180071.",
"lang" : "eng"
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/pages/node/6217403",
"url" : "https://www.ibm.com/support/pages/node/6217403",
"title" : "IBM Security Bulletin 6217403 (Jazz Reporting Service)",
"refsource" : "CONFIRM"
},
{
"name" : "ibm-jazz-cve20204419-xss (180071)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/180071",
"refsource" : "XF",
"title" : "X-Force Vulnerability Report"
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Cross-Site Scripting",
"lang" : "eng"
}
]
}
]
},
"data_type" : "CVE",
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2020-05-27T00:00:00",
"ID" : "CVE-2020-4419",
"ASSIGNER" : "psirt@us.ibm.com"
},
"impact" : {
"cvssv3" : {
"TM" : {
"E" : "H",
"RL" : "O",
"RC" : "C"
},
"BM" : {
"UI" : "R",
"PR" : "L",
"AC" : "L",
"A" : "N",
"SCORE" : "5.400",
"C" : "L",
"AV" : "N",
"S" : "C",
"I" : "L"
}
}
},
"data_version" : "4.0"
}