admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-06-15 14:01:35 +00:00
parent 6d31650112
commit c6d57ffeee
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
39 changed files with 2582 additions and 717 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

62
2019/19xxx/CVE-2019-19109.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-19109",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The wpForo plugin 1.6.5 for WordPress allows wp-admin/admin.php?page=wpforo-usergroups CSRF."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://twitter.com/Sh0ckFR/status/1257298443527053313",
"url": "https://twitter.com/Sh0ckFR/status/1257298443527053313"
}
]
}
}

62
2019/19xxx/CVE-2019-19110.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-19110",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The wpForo plugin 1.6.5 for WordPress allows XSS via the wp-admin/admin.php?page=wpforo-phrases s parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://twitter.com/Sh0ckFR/status/1257298443527053313",
"url": "https://twitter.com/Sh0ckFR/status/1257298443527053313"
}
]
}
}

62
2019/19xxx/CVE-2019-19111.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-19111",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The wpForo plugin 1.6.5 for WordPress allows XSS via the wp-admin/admin.php?page=wpforo-phrases langid parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://twitter.com/Sh0ckFR/status/1257298443527053313",
"url": "https://twitter.com/Sh0ckFR/status/1257298443527053313"
}
]
}
}

62
2019/19xxx/CVE-2019-19112.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-19112",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The wpForo plugin 1.6.5 for WordPress allows XSS involving the wpf-dw-td-value class of dashboard.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://twitter.com/Sh0ckFR/status/1257298443527053313",
"url": "https://twitter.com/Sh0ckFR/status/1257298443527053313"
}
]
}
}

62
2020/0xxx/CVE-2020-0527.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-0527",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) SSD",
"version": {
"version_data": [
{
"version_value": "See provided reference"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00266.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00266.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Insufficient control flow management in firmware for some Intel(R) Data Center SSDs may allow a privileged user to potentially enable information disclosure via local access."
}
]
}
}

62
2020/0xxx/CVE-2020-0528.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-0528",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "BIOS",
"version": {
"version_data": [
{
"version_value": "See provided reference"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege, Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00322.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00322.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper buffer restrictions in BIOS firmware for 7th, 8th, 9th and 10th Generation Intel(R) Core(TM) Processor families may allow an authenticated user to potentially enable escalation of privilege and/or denial of service via local access."
}
]
}
}

62
2020/0xxx/CVE-2020-0529.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-0529",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "BIOS",
"version": {
"version_data": [
{
"version_value": "See provided reference"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00322.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00322.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper initialization in BIOS firmware for 8th, 9th and 10th Generation Intel(R) Core(TM) Processor families may allow an unauthenticated user to potentially enable escalation of privilege via local access."
}
]
}
}

62
2020/0xxx/CVE-2020-0531.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-0531",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) AMT",
"version": {
"version_data": [
{
"version_value": "See provided reference"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper input validation in Intel(R) AMT versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allow an authenticated user to potentially enable information disclosure via network access."
}
]
}
}

62
2020/0xxx/CVE-2020-0532.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-0532",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) AMT",
"version": {
"version_data": [
{
"version_value": "See provided reference"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service, Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper input validation in subsystem for Intel(R) AMT versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allow an unauthenticated user to potentially enable denial of service or information disclosure via adjacent access."
}
]
}
}

62
2020/0xxx/CVE-2020-0533.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-0533",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) CSME",
"version": {
"version_data": [
{
"version_value": "See provided reference"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service, Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Reversible one-way hash in Intel(R) CSME versions before 11.8.76, 11.12.77 and 11.22.77 may allow a privileged user to potentially enable escalation of privilege, denial of service or information disclosure via local access."
}
]
}
}

62
2020/0xxx/CVE-2020-0534.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-0534",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) CSME",
"version": {
"version_data": [
{
"version_value": "See provided reference"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper input validation in the DAL subsystem for Intel(R) CSME versions before 12.0.64, 13.0.32, 14.0.33 and 14.5.12 may allow an unauthenticated user to potentially enable denial of service via network access."
}
]
}
}

62
2020/0xxx/CVE-2020-0535.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-0535",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) AMT",
"version": {
"version_data": [
{
"version_value": "See provided reference"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper input validation in Intel(R) AMT versions before 11.8.76, 11.12.77, 11.22.77 and 12.0.64 may allow an unauthenticated user to potentially enable information disclosure via network access."
}
]
}
}

62
2020/0xxx/CVE-2020-0536.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-0536",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) CSME",
"version": {
"version_data": [
{
"version_value": "See provided reference"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper input validation in the DAL subsystem for Intel(R) CSME versions before 11.8.77, 11.12.77, 11.22.77, 12.0.64, 13.0.32,14.0.33 and Intel(R) TXE versions before 3.1.75 and 4.0.25 may allow an unauthenticated user to potentially enable information disclosure via network access."
}
]
}
}

62
2020/0xxx/CVE-2020-0537.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-0537",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) AMT",
"version": {
"version_data": [
{
"version_value": "See provided reference"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper input validation in subsystem for Intel(R) AMT versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allow a privileged user to potentially enable denial of service via network access."
}
]
}
}

62
2020/0xxx/CVE-2020-0538.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-0538",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) AMT",
"version": {
"version_data": [
{
"version_value": "See provided reference"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper input validation in subsystem for Intel(R) AMT versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allow an unauthenticated user to potentially enable denial of service via network access."
}
]
}
}

62
2020/0xxx/CVE-2020-0539.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-0539",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) AMT and Intel(R) CSME",
"version": {
"version_data": [
{
"version_value": "See provided reference"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege, Denial of Service, Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Path traversal in subsystem for Intel(R) DAL software for Intel(R) CSME versions before 11.8.77, 11.12.77, 11.22.77, 12.0.64, 13.0.32, 14.0.33 and Intel(R) TXE versions before 3.1.75, 4.0.25 may allow an unprivileged user to potentially enable denial of service via local access."
}
]
}
}

62
2020/0xxx/CVE-2020-0540.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-0540",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) AMT",
"version": {
"version_data": [
{
"version_value": "See provided reference"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Insufficiently protected credentials in Intel(R) AMT versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allow an unauthenticated user to potentially enable information disclosure via network access."
}
]
}
}

62
2020/0xxx/CVE-2020-0541.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-0541",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) CSME",
"version": {
"version_data": [
{
"version_value": "See provided reference"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Out-of-bounds write in subsystem for Intel(R) CSME versions before 12.0.64, 13.0.32, 14.0.33 and 14.5.12 may allow a privileged user to potentially enable escalation of privilege via local access."
}
]
}
}

62
2020/0xxx/CVE-2020-0542.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-0542",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) CSME",
"version": {
"version_data": [
{
"version_value": "See provided reference"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege, Denial of Service, Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper buffer restrictions in subsystem for Intel(R) CSME versions before 12.0.64, 13.0.32, 14.0.33 and 14.5.12 may allow an authenticated user to potentially enable escalation of privilege, information disclosure or denial of service via local access."
}
]
}
}

62
2020/0xxx/CVE-2020-0543.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-0543",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) Processors",
"version": {
"version_data": [
{
"version_value": "See provided reference"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00320.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00320.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access."
}
]
}
}

62
2020/0xxx/CVE-2020-0545.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-0545",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) CSME, Intel(R) TXE, and Intel(R) SPS",
"version": {
"version_data": [
{
"version_value": "See provided reference"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in subsystem for Intel(R) CSME versions before 11.8.77, 11.12.77, 11.22.77 and Intel(R) TXE versions before 3.1.75, 4.0.25 and Intel(R) Server Platform Services (SPS) versions before SPS_E5_04.01.04.380.0, SPS_SoC-X_04.00.04.128.0, SPS_SoC-A_04.00.04.211.0, SPS_E3_04.01.04.109.0, SPS_E3_04.08.04.070.0 may allow a privileged user to potentially enable denial of service via local access."
}
]
}
}

62
2020/0xxx/CVE-2020-0566.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-0566",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) TXE",
"version": {
"version_data": [
{
"version_value": "See provided reference"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper Access Control in subsystem for Intel(R) TXE versions before 3.175 and 4.0.25 may allow an unauthenticated user to potentially enable escalation of privilege via physical access."
}
]
}
}

62
2020/0xxx/CVE-2020-0586.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-0586",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) SPS",
"version": {
"version_data": [
{
"version_value": "See provided reference"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege, Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper initialization in subsystem for Intel(R) SPS versions before SPS_E3_04.01.04.109.0 and SPS_E3_04.08.04.070.0 may allow an authenticated user to potentially enable escalation of privilege and/or denial of service via local access."
}
]
}
}

62
2020/0xxx/CVE-2020-0594.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-0594",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) AMT and Intel(R) ISM",
"version": {
"version_data": [
{
"version_value": "See provided reference"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Out-of-bounds read in IPv6 subsystem in Intel(R) AMT and Intel(R) ISM versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allow an unauthenticated user to potentially enable escalation of privilege via network access."
}
]
}
}

62
2020/0xxx/CVE-2020-0595.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-0595",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) AMT and Intel(R) ISM",
"version": {
"version_data": [
{
"version_value": "See provided reference"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use after free in IPv6 subsystem in Intel(R) AMT and Intel(R) ISM versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allow an unauthenticated user to potentially enable escalation of privilege via network access."
}
]
}
}

62
2020/0xxx/CVE-2020-0596.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-0596",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) AMT and Intel(R) ISM",
"version": {
"version_data": [
{
"version_value": "See provided reference"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper input validation in DHCPv6 subsystem in Intel(R) AMT and Intel(R) ISM versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allow an unauthenticated user to potentially enable information disclosure via network access."
}
]
}
}

62
2020/0xxx/CVE-2020-0597.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-0597",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) AMT and Intel(R) ISM",
"version": {
"version_data": [
{
"version_value": "See provided reference"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Out-of-bounds read in IPv6 subsystem in Intel(R) AMT and Intel(R) ISM versions before 14.0.33 may allow an unauthenticated user to potentially enable denial of service via network access."
}
]
}
}

18
2020/14xxx/CVE-2020-14144.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-14144",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/14xxx/CVE-2020-14145.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-14145",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

67
2020/14xxx/CVE-2020-14146.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-14146",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "KumbiaPHP through 1.1.1, in Development mode, allows XSS via the public/pages/kumbia PATH_INFO."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/jenaye/KumbiaPHP-",
"refsource": "MISC",
"name": "https://github.com/jenaye/KumbiaPHP-"
},
{
"url": "https://github.com/KumbiaPHP/KumbiaPHP/releases",
"refsource": "MISC",
"name": "https://github.com/KumbiaPHP/KumbiaPHP/releases"
}
]
}
}

178
2020/4xxx/CVE-2020-4216.json
View File

@ -1,93 +1,93 @@
{
"data_format" : "MITRE",
"data_version" : "4.0",
"data_type" : "CVE",
"impact" : {
"cvssv3" : {
"BM" : {
"I" : "N",
"SCORE" : "7.500",
"A" : "N",
"S" : "U",
"UI" : "N",
"C" : "H",
"AC" : "L",
"PR" : "N",
"AV" : "N"
},
"TM" : {
"RC" : "C",
"E" : "U",
"RL" : "O"
}
}
},
"CVE_data_meta" : {
"ID" : "CVE-2020-4216",
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2020-06-12T00:00:00"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Spectrum Protect Plus",
"version" : {
"version_data" : [
{
"version_value" : "10.1.0"
},
{
"version_value" : "10.1.5"
}
]
}
}
]
},
"vendor_name" : "IBM"
"data_format": "MITRE",
"data_version": "4.0",
"data_type": "CVE",
"impact": {
"cvssv3": {
"BM": {
"I": "N",
"SCORE": "7.500",
"A": "N",
"S": "U",
"UI": "N",
"C": "H",
"AC": "L",
"PR": "N",
"AV": "N"
},
"TM": {
"RC": "C",
"E": "U",
"RL": "O"
}
]
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
}
}
},
"CVE_data_meta": {
"ID": "CVE-2020-4216",
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC",
"DATE_PUBLIC": "2020-06-12T00:00:00"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Spectrum Protect Plus",
"version": {
"version_data": [
{
"version_value": "10.1.0"
},
{
"version_value": "10.1.5"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://www.ibm.com/support/pages/node/6221332",
"name" : "https://www.ibm.com/support/pages/node/6221332",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 6221332 (Spectrum Protect Plus)"
},
{
"title" : "X-Force Vulnerability Report",
"name" : "ibm-specturm-cve20204216-info-disc (175066)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/175066",
"refsource" : "XF"
}
]
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Spectrum Protect Plus 10.1.0 through 10.1.5 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 175066."
}
]
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Obtain Information",
"lang": "eng"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.ibm.com/support/pages/node/6221332",
"name": "https://www.ibm.com/support/pages/node/6221332",
"refsource": "CONFIRM",
"title": "IBM Security Bulletin 6221332 (Spectrum Protect Plus)"
},
{
"title": "X-Force Vulnerability Report",
"name": "ibm-specturm-cve20204216-info-disc (175066)",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/175066",
"refsource": "XF"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Spectrum Protect Plus 10.1.0 through 10.1.5 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 175066."
}
]
}
}

258
2020/4xxx/CVE-2020-4406.json
View File

@ -1,132 +1,132 @@
{
"data_format" : "MITRE",
"data_type" : "CVE",
"impact" : {
"cvssv3" : {
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
},
"BM" : {
"AV" : "N",
"C" : "L",
"PR" : "L",
"AC" : "L",
"UI" : "R",
"S" : "C",
"SCORE" : "5.400",
"A" : "N",
"I" : "L"
}
}
},
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2020-4406",
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2020-06-12T00:00:00"
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Gain Access",
"lang" : "eng"
}
]
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "Spectrum Protect Client (Linux and Windows)",
"version" : {
"version_data" : [
{
"version_value" : "8.1.7.0"
},
{
"version_value" : "8.1.9.1"
}
]
}
},
{
"product_name" : "Spectrum Protect Client (AIX)",
"version" : {
"version_data" : [
{
"version_value" : "8.1.9.0"
},
{
"version_value" : "8.1.9.1"
}
]
}
},
{
"product_name" : "Spectrum Protect for Space Management (AIX)",
"version" : {
"version_data" : [
{
"version_value" : "8.1.9.0"
},
{
"version_value" : "8.1.9.1"
}
]
}
},
{
"product_name" : "Spectrum Protect for Space Management (Linux)",
"version" : {
"version_data" : [
{
"version_value" : "8.1.7.0"
},
{
"version_value" : "8.1.9.1"
}
]
}
}
]
}
"data_format": "MITRE",
"data_type": "CVE",
"impact": {
"cvssv3": {
"TM": {
"E": "U",
"RC": "C",
"RL": "O"
},
"BM": {
"AV": "N",
"C": "L",
"PR": "L",
"AC": "L",
"UI": "R",
"S": "C",
"SCORE": "5.400",
"A": "N",
"I": "L"
}
]
}
},
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 6221448 (Spectrum Protect Client (Linux and Windows))",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/pages/node/6221448",
"name" : "https://www.ibm.com/support/pages/node/6221448"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/179488",
"name" : "ibm-spectrum-cve20204406-clickjacking (179488)",
"refsource" : "XF",
"title" : "X-Force Vulnerability Report"
}
]
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Spectrum Protect Client 8.1.7.0 through 8.1.9.1 (Linux and Windows), 8.1.9.0 trough 8.1.9.1 (AIX) and IBM Spectrum Protect for Space Management 8.1.7.0 through 8.1.9.1 (Linux), 8.1.9.0 through 8.1.9.1 (AIX) web user interfaces could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 179488."
}
]
}
}
},
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-4406",
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC",
"DATE_PUBLIC": "2020-06-12T00:00:00"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Gain Access",
"lang": "eng"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"product_name": "Spectrum Protect Client (Linux and Windows)",
"version": {
"version_data": [
{
"version_value": "8.1.7.0"
},
{
"version_value": "8.1.9.1"
}
]
}
},
{
"product_name": "Spectrum Protect Client (AIX)",
"version": {
"version_data": [
{
"version_value": "8.1.9.0"
},
{
"version_value": "8.1.9.1"
}
]
}
},
{
"product_name": "Spectrum Protect for Space Management (AIX)",
"version": {
"version_data": [
{
"version_value": "8.1.9.0"
},
{
"version_value": "8.1.9.1"
}
]
}
},
{
"product_name": "Spectrum Protect for Space Management (Linux)",
"version": {
"version_data": [
{
"version_value": "8.1.7.0"
},
{
"version_value": "8.1.9.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"title": "IBM Security Bulletin 6221448 (Spectrum Protect Client (Linux and Windows))",
"refsource": "CONFIRM",
"url": "https://www.ibm.com/support/pages/node/6221448",
"name": "https://www.ibm.com/support/pages/node/6221448"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/179488",
"name": "ibm-spectrum-cve20204406-clickjacking (179488)",
"refsource": "XF",
"title": "X-Force Vulnerability Report"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Spectrum Protect Client 8.1.7.0 through 8.1.9.1 (Linux and Windows), 8.1.9.0 trough 8.1.9.1 (AIX) and IBM Spectrum Protect for Space Management 8.1.7.0 through 8.1.9.1 (Linux), 8.1.9.0 through 8.1.9.1 (AIX) web user interfaces could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 179488."
}
]
}
}

180
2020/4xxx/CVE-2020-4469.json
View File

@ -1,93 +1,93 @@
{
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2020-06-12T00:00:00",
"ID" : "CVE-2020-4469",
"ASSIGNER" : "psirt@us.ibm.com"
},
"impact" : {
"cvssv3" : {
"BM" : {
"SCORE" : "8.100",
"A" : "H",
"I" : "H",
"UI" : "N",
"S" : "U",
"PR" : "N",
"AC" : "H",
"C" : "H",
"AV" : "N"
},
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
}
}
},
"data_type" : "CVE",
"data_version" : "4.0",
"data_format" : "MITRE",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow a remote attacker to execute arbitrary code on the system. By using a specially crafted HTTP command, an attacker could exploit this vulnerability to execute arbitrary command on the system. This vulnerability is due to an incomplete fix for CVE-2020-4211. IBM X-Force ID: 181724."
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://www.ibm.com/support/pages/node/6221358",
"name" : "https://www.ibm.com/support/pages/node/6221358",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 6221358 (Spectrum Protect Plus)"
},
{
"name" : "ibm-spectrum-cve20204469-code-exec (181724)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/181724",
"refsource" : "XF",
"title" : "X-Force Vulnerability Report"
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Gain Access",
"lang" : "eng"
}
]
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "Spectrum Protect Plus",
"version" : {
"version_data" : [
{
"version_value" : "10.1.0"
},
{
"version_value" : "10.1.5"
}
]
}
}
]
}
"CVE_data_meta": {
"STATE": "PUBLIC",
"DATE_PUBLIC": "2020-06-12T00:00:00",
"ID": "CVE-2020-4469",
"ASSIGNER": "psirt@us.ibm.com"
},
"impact": {
"cvssv3": {
"BM": {
"SCORE": "8.100",
"A": "H",
"I": "H",
"UI": "N",
"S": "U",
"PR": "N",
"AC": "H",
"C": "H",
"AV": "N"
},
"TM": {
"E": "U",
"RC": "C",
"RL": "O"
}
]
}
}
}
},
"data_type": "CVE",
"data_version": "4.0",
"data_format": "MITRE",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow a remote attacker to execute arbitrary code on the system. By using a specially crafted HTTP command, an attacker could exploit this vulnerability to execute arbitrary command on the system. This vulnerability is due to an incomplete fix for CVE-2020-4211. IBM X-Force ID: 181724."
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.ibm.com/support/pages/node/6221358",
"name": "https://www.ibm.com/support/pages/node/6221358",
"refsource": "CONFIRM",
"title": "IBM Security Bulletin 6221358 (Spectrum Protect Plus)"
},
{
"name": "ibm-spectrum-cve20204469-code-exec (181724)",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/181724",
"refsource": "XF",
"title": "X-Force Vulnerability Report"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Gain Access",
"lang": "eng"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"product_name": "Spectrum Protect Plus",
"version": {
"version_data": [
{
"version_value": "10.1.0"
},
{
"version_value": "10.1.5"
}
]
}
}
]
}
}
]
}
}
}

178
2020/4xxx/CVE-2020-4470.json
View File

@ -1,93 +1,93 @@
{
"CVE_data_meta" : {
"ID" : "CVE-2020-4470",
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2020-06-12T00:00:00",
"STATE" : "PUBLIC"
},
"data_format" : "MITRE",
"data_version" : "4.0",
"impact" : {
"cvssv3" : {
"BM" : {
"SCORE" : "7.100",
"A" : "H",
"I" : "H",
"UI" : "R",
"S" : "U",
"C" : "H",
"PR" : "L",
"AC" : "H",
"AV" : "N"
},
"TM" : {
"RL" : "O",
"E" : "U",
"RC" : "C"
}
}
},
"data_type" : "CVE",
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 6221358 (Spectrum Protect Plus)",
"refsource" : "CONFIRM",
"name" : "https://www.ibm.com/support/pages/node/6221358",
"url" : "https://www.ibm.com/support/pages/node/6221358"
},
{
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/181725",
"name" : "ibm-spectrum-cve20204470-file-upload (181725)",
"refsource" : "XF"
}
]
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Spectrum Protect Plus 10.1.0 through 10.1.5 Administrative Console could allow an authenticated attacker to upload arbitrary files which could be execute arbitrary code on the vulnerable server. IBM X-Force ID: 181725."
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "Spectrum Protect Plus",
"version" : {
"version_data" : [
{
"version_value" : "10.1.0"
},
{
"version_value" : "10.1.5"
}
]
}
}
]
}
"CVE_data_meta": {
"ID": "CVE-2020-4470",
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2020-06-12T00:00:00",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_version": "4.0",
"impact": {
"cvssv3": {
"BM": {
"SCORE": "7.100",
"A": "H",
"I": "H",
"UI": "R",
"S": "U",
"C": "H",
"PR": "L",
"AC": "H",
"AV": "N"
},
"TM": {
"RL": "O",
"E": "U",
"RC": "C"
}
]
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Gain Privileges",
"lang" : "eng"
}
}
},
"data_type": "CVE",
"references": {
"reference_data": [
{
"title": "IBM Security Bulletin 6221358 (Spectrum Protect Plus)",
"refsource": "CONFIRM",
"name": "https://www.ibm.com/support/pages/node/6221358",
"url": "https://www.ibm.com/support/pages/node/6221358"
},
{
"title": "X-Force Vulnerability Report",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/181725",
"name": "ibm-spectrum-cve20204470-file-upload (181725)",
"refsource": "XF"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Spectrum Protect Plus 10.1.0 through 10.1.5 Administrative Console could allow an authenticated attacker to upload arbitrary files which could be execute arbitrary code on the vulnerable server. IBM X-Force ID: 181725."
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"product_name": "Spectrum Protect Plus",
"version": {
"version_data": [
{
"version_value": "10.1.0"
},
{
"version_value": "10.1.5"
}
]
}
}
]
}
}
]
}
]
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Gain Privileges",
"lang": "eng"
}
]
}
]
}
}

178
2020/4xxx/CVE-2020-4471.json
View File

@ -1,93 +1,93 @@
{
"description" : {
"description_data" : [
{
"value" : "IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow an unauthenticated attacker to cause a denial of service or hijack DNS sessions by send a specially crafted HTTP command to the remote server. IBM X-Force ID: 181726.",
"lang" : "eng"
}
]
},
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 6221358 (Spectrum Protect Plus)",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/pages/node/6221358",
"name" : "https://www.ibm.com/support/pages/node/6221358"
},
{
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/181726",
"name" : "ibm-spectrum-cve20204471-dos (181726)",
"refsource" : "XF"
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Denial of Service",
"lang" : "eng"
}
]
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
"description": {
"description_data": [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "10.1.0"
},
{
"version_value" : "10.1.5"
}
]
},
"product_name" : "Spectrum Protect Plus"
}
]
}
"value": "IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow an unauthenticated attacker to cause a denial of service or hijack DNS sessions by send a specially crafted HTTP command to the remote server. IBM X-Force ID: 181726.",
"lang": "eng"
}
]
}
},
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2020-06-12T00:00:00",
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2020-4471"
},
"data_type" : "CVE",
"impact" : {
"cvssv3" : {
"BM" : {
"AV" : "N",
"PR" : "N",
"AC" : "H",
"C" : "N",
"UI" : "N",
"S" : "U",
"A" : "L",
"SCORE" : "4.800",
"I" : "L"
},
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
}
}
},
"data_version" : "4.0",
"data_format" : "MITRE"
]
},
"references": {
"reference_data": [
{
"title": "IBM Security Bulletin 6221358 (Spectrum Protect Plus)",
"refsource": "CONFIRM",
"url": "https://www.ibm.com/support/pages/node/6221358",
"name": "https://www.ibm.com/support/pages/node/6221358"
},
{
"title": "X-Force Vulnerability Report",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/181726",
"name": "ibm-spectrum-cve20204471-dos (181726)",
"refsource": "XF"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Denial of Service",
"lang": "eng"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "10.1.0"
},
{
"version_value": "10.1.5"
}
]
},
"product_name": "Spectrum Protect Plus"
}
]
}
}
]
}
},
"CVE_data_meta": {
"STATE": "PUBLIC",
"DATE_PUBLIC": "2020-06-12T00:00:00",
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2020-4471"
},
"data_type": "CVE",
"impact": {
"cvssv3": {
"BM": {
"AV": "N",
"PR": "N",
"AC": "H",
"C": "N",
"UI": "N",
"S": "U",
"A": "L",
"SCORE": "4.800",
"I": "L"
},
"TM": {
"E": "U",
"RC": "C",
"RL": "O"
}
}
},
"data_version": "4.0",
"data_format": "MITRE"
}

178
2020/4xxx/CVE-2020-4477.json
View File

@ -1,93 +1,93 @@
{
"data_format" : "MITRE",
"data_version" : "4.0",
"data_type" : "CVE",
"impact" : {
"cvssv3" : {
"BM" : {
"S" : "U",
"UI" : "N",
"I" : "N",
"SCORE" : "5.300",
"A" : "N",
"AV" : "N",
"C" : "H",
"AC" : "H",
"PR" : "L"
},
"TM" : {
"RL" : "O",
"RC" : "C",
"E" : "U"
}
}
},
"CVE_data_meta" : {
"ID" : "CVE-2020-4477",
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2020-06-12T00:00:00",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "10.1.0"
},
{
"version_value" : "10.1.5"
}
]
},
"product_name" : "Spectrum Protect Plus"
}
]
}
"data_format": "MITRE",
"data_version": "4.0",
"data_type": "CVE",
"impact": {
"cvssv3": {
"BM": {
"S": "U",
"UI": "N",
"I": "N",
"SCORE": "5.300",
"A": "N",
"AV": "N",
"C": "H",
"AC": "H",
"PR": "L"
},
"TM": {
"RL": "O",
"RC": "C",
"E": "U"
}
]
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
}
},
"CVE_data_meta": {
"ID": "CVE-2020-4477",
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2020-06-12T00:00:00",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "10.1.0"
},
{
"version_value": "10.1.5"
}
]
},
"product_name": "Spectrum Protect Plus"
}
]
}
}
]
}
]
},
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 6221388 (Spectrum Protect Plus)",
"url" : "https://www.ibm.com/support/pages/node/6221388",
"name" : "https://www.ibm.com/support/pages/node/6221388",
"refsource" : "CONFIRM"
},
{
"title" : "X-Force Vulnerability Report",
"refsource" : "XF",
"name" : "ibm-spectrum-cve20204477-info-disc (181779)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/181779"
}
]
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Spectrum Protect Plus 10.1.0 through 10.1.5 discloses highly sensitive information in plain text in the virgo log file which could be used in further attacks against the system. IBM X-Force ID: 181779."
}
]
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"title": "IBM Security Bulletin 6221388 (Spectrum Protect Plus)",
"url": "https://www.ibm.com/support/pages/node/6221388",
"name": "https://www.ibm.com/support/pages/node/6221388",
"refsource": "CONFIRM"
},
{
"title": "X-Force Vulnerability Report",
"refsource": "XF",
"name": "ibm-spectrum-cve20204477-info-disc (181779)",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/181779"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Spectrum Protect Plus 10.1.0 through 10.1.5 discloses highly sensitive information in plain text in the virgo log file which could be used in further attacks against the system. IBM X-Force ID: 181779."
}
]
}
}

258
2020/4xxx/CVE-2020-4494.json
View File

@ -1,132 +1,132 @@
{
"data_format" : "MITRE",
"impact" : {
"cvssv3" : {
"TM" : {
"RL" : "O",
"RC" : "C",
"E" : "U"
},
"BM" : {
"I" : "N",
"A" : "N",
"SCORE" : "7.500",
"S" : "U",
"UI" : "N",
"C" : "H",
"AC" : "L",
"PR" : "N",
"AV" : "N"
}
}
},
"data_type" : "CVE",
"data_version" : "4.0",
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2020-06-12T00:00:00",
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2020-4494"
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
]
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "8.1.7.0"
},
{
"version_value" : "8.1.9.1"
}
]
},
"product_name" : "Spectrum Protect for Space Management (Linux)"
},
{
"version" : {
"version_data" : [
{
"version_value" : "8.1.9.0"
},
{
"version_value" : "8.1.9.1"
}
]
},
"product_name" : "Spectrum Protect for Space Management (AIX)"
},
{
"product_name" : "Spectrum Protect Client (AIX)",
"version" : {
"version_data" : [
{
"version_value" : "8.1.9.0"
},
{
"version_value" : "8.1.9.1"
}
]
}
},
{
"product_name" : "Spectrum Protect Client (Linux and Windows)",
"version" : {
"version_data" : [
{
"version_value" : "8.1.7.0"
},
{
"version_value" : "8.1.9.1"
}
]
}
}
]
}
"data_format": "MITRE",
"impact": {
"cvssv3": {
"TM": {
"RL": "O",
"RC": "C",
"E": "U"
},
"BM": {
"I": "N",
"A": "N",
"SCORE": "7.500",
"S": "U",
"UI": "N",
"C": "H",
"AC": "L",
"PR": "N",
"AV": "N"
}
]
}
},
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 6221448 (Spectrum Protect Client (Linux and Windows))",
"name" : "https://www.ibm.com/support/pages/node/6221448",
"url" : "https://www.ibm.com/support/pages/node/6221448",
"refsource" : "CONFIRM"
},
{
"title" : "X-Force Vulnerability Report",
"refsource" : "XF",
"name" : "ibm-spectrum-cve20204494-info-disc (182019)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/182019"
}
]
},
"description" : {
"description_data" : [
{
"value" : "IBM Spectrum Protect Client 8.1.7.0 through 8.1.9.1 (Linux and Windows), 8.1.9.0 trough 8.1.9.1 (AIX) and IBM Spectrum Protect for Space Management 8.1.7.0 through 8.1.9.1 (Linux), 8.1.9.0 through 8.1.9.1 (AIX) web user interfaces could allow an attacker to bypass authentication due to improper session validation which can result in access to unauthorized resources. IBM X-Force ID: 182019.",
"lang" : "eng"
}
]
}
}
},
"data_type": "CVE",
"data_version": "4.0",
"CVE_data_meta": {
"STATE": "PUBLIC",
"DATE_PUBLIC": "2020-06-12T00:00:00",
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2020-4494"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "8.1.7.0"
},
{
"version_value": "8.1.9.1"
}
]
},
"product_name": "Spectrum Protect for Space Management (Linux)"
},
{
"version": {
"version_data": [
{
"version_value": "8.1.9.0"
},
{
"version_value": "8.1.9.1"
}
]
},
"product_name": "Spectrum Protect for Space Management (AIX)"
},
{
"product_name": "Spectrum Protect Client (AIX)",
"version": {
"version_data": [
{
"version_value": "8.1.9.0"
},
{
"version_value": "8.1.9.1"
}
]
}
},
{
"product_name": "Spectrum Protect Client (Linux and Windows)",
"version": {
"version_data": [
{
"version_value": "8.1.7.0"
},
{
"version_value": "8.1.9.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"title": "IBM Security Bulletin 6221448 (Spectrum Protect Client (Linux and Windows))",
"name": "https://www.ibm.com/support/pages/node/6221448",
"url": "https://www.ibm.com/support/pages/node/6221448",
"refsource": "CONFIRM"
},
{
"title": "X-Force Vulnerability Report",
"refsource": "XF",
"name": "ibm-spectrum-cve20204494-info-disc (182019)",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/182019"
}
]
},
"description": {
"description_data": [
{
"value": "IBM Spectrum Protect Client 8.1.7.0 through 8.1.9.1 (Linux and Windows), 8.1.9.0 trough 8.1.9.1 (AIX) and IBM Spectrum Protect for Space Management 8.1.7.0 through 8.1.9.1 (Linux), 8.1.9.0 through 8.1.9.1 (AIX) web user interfaces could allow an attacker to bypass authentication due to improper session validation which can result in access to unauthorized resources. IBM X-Force ID: 182019.",
"lang": "eng"
}
]
}
}

50
2020/8xxx/CVE-2020-8674.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8674",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) AMT and Intel(R) ISM",
"version": {
"version_data": [
{
"version_value": "See provided reference"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Out-of-bounds read in DHCPv6 subsystem in Intel(R) AMT and Intel(R)ISM versions before 11.8.77, 11.12.77, 11.22.77, 12.0.64 and 14.0.33 may allow an unauthenticated user to potentially enable information disclosure via network access."
}
]
}

50
2020/8xxx/CVE-2020-8675.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8675",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R)Innovation Engine Advisory",
"version": {
"version_data": [
{
"version_value": "before version 1.0.859"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00366.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00366.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Insufficient control flow management in firmware build and signing tool for Intel(R) Innovation Engine before version 1.0.859 may allow an unauthenticated user to potentially enable escalation of privilege via physical access."
}
]
}