admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-06-16 20:01:22 +00:00
parent e41755bb40
commit ce6345832d
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
48 changed files with 1239 additions and 72 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2018/8xxx/CVE-2018-8740.json
View File

@ -96,6 +96,11 @@
"refsource": "UBUNTU",
"name": "USN-4205-1",
"url": "https://usn.ubuntu.com/4205-1/"
},
{
"refsource": "UBUNTU",
"name": "USN-4394-1",
"url": "https://usn.ubuntu.com/4394-1/"
}
]
}

5
2019/19xxx/CVE-2019-19603.json
View File

@ -71,6 +71,11 @@
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2020.html"
},
{
"refsource": "UBUNTU",
"name": "USN-4394-1",
"url": "https://usn.ubuntu.com/4394-1/"
}
]
}

5
2019/19xxx/CVE-2019-19645.json
View File

@ -66,6 +66,11 @@
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2020.html"
},
{
"refsource": "UBUNTU",
"name": "USN-4394-1",
"url": "https://usn.ubuntu.com/4394-1/"
}
]
}

5
2020/0xxx/CVE-2020-0543.json
View File

@ -68,6 +68,11 @@
"refsource": "UBUNTU",
"name": "USN-4392-1",
"url": "https://usn.ubuntu.com/4392-1/"
},
{
"refsource": "UBUNTU",
"name": "USN-4393-1",
"url": "https://usn.ubuntu.com/4393-1/"
}
]
},

5
2020/11xxx/CVE-2020-11042.json
View File

@ -88,6 +88,11 @@
"refsource": "UBUNTU",
"name": "USN-4379-1",
"url": "https://usn.ubuntu.com/4379-1/"
},
{
"refsource": "UBUNTU",
"name": "USN-4382-1",
"url": "https://usn.ubuntu.com/4382-1/"
}
]
},

5
2020/11xxx/CVE-2020-11045.json
View File

@ -88,6 +88,11 @@
"refsource": "UBUNTU",
"name": "USN-4379-1",
"url": "https://usn.ubuntu.com/4379-1/"
},
{
"refsource": "UBUNTU",
"name": "USN-4382-1",
"url": "https://usn.ubuntu.com/4382-1/"
}
]
},

5
2020/11xxx/CVE-2020-11046.json
View File

@ -88,6 +88,11 @@
"refsource": "UBUNTU",
"name": "USN-4379-1",
"url": "https://usn.ubuntu.com/4379-1/"
},
{
"refsource": "UBUNTU",
"name": "USN-4382-1",
"url": "https://usn.ubuntu.com/4382-1/"
}
]
},

5
2020/11xxx/CVE-2020-11048.json
View File

@ -88,6 +88,11 @@
"refsource": "UBUNTU",
"name": "USN-4379-1",
"url": "https://usn.ubuntu.com/4379-1/"
},
{
"refsource": "UBUNTU",
"name": "USN-4382-1",
"url": "https://usn.ubuntu.com/4382-1/"
}
]
},

5
2020/11xxx/CVE-2020-11049.json
View File

@ -93,6 +93,11 @@
"refsource": "UBUNTU",
"name": "USN-4379-1",
"url": "https://usn.ubuntu.com/4379-1/"
},
{
"refsource": "UBUNTU",
"name": "USN-4382-1",
"url": "https://usn.ubuntu.com/4382-1/"
}
]
},

5
2020/11xxx/CVE-2020-11058.json
View File

@ -88,6 +88,11 @@
"refsource": "UBUNTU",
"name": "USN-4379-1",
"url": "https://usn.ubuntu.com/4379-1/"
},
{
"refsource": "UBUNTU",
"name": "USN-4382-1",
"url": "https://usn.ubuntu.com/4382-1/"
}
]
},

5
2020/11xxx/CVE-2020-11521.json
View File

@ -71,6 +71,11 @@
"refsource": "UBUNTU",
"name": "USN-4379-1",
"url": "https://usn.ubuntu.com/4379-1/"
},
{
"refsource": "UBUNTU",
"name": "USN-4382-1",
"url": "https://usn.ubuntu.com/4382-1/"
}
]
}

5
2020/11xxx/CVE-2020-11522.json
View File

@ -71,6 +71,11 @@
"refsource": "UBUNTU",
"name": "USN-4379-1",
"url": "https://usn.ubuntu.com/4379-1/"
},
{
"refsource": "UBUNTU",
"name": "USN-4382-1",
"url": "https://usn.ubuntu.com/4382-1/"
}
]
}

5
2020/11xxx/CVE-2020-11523.json
View File

@ -71,6 +71,11 @@
"refsource": "UBUNTU",
"name": "USN-4379-1",
"url": "https://usn.ubuntu.com/4379-1/"
},
{
"refsource": "UBUNTU",
"name": "USN-4382-1",
"url": "https://usn.ubuntu.com/4382-1/"
}
]
}

5
2020/11xxx/CVE-2020-11525.json
View File

@ -76,6 +76,11 @@
"refsource": "UBUNTU",
"name": "USN-4379-1",
"url": "https://usn.ubuntu.com/4379-1/"
},
{
"refsource": "UBUNTU",
"name": "USN-4382-1",
"url": "https://usn.ubuntu.com/4382-1/"
}
]
}

5
2020/11xxx/CVE-2020-11526.json
View File

@ -71,6 +71,11 @@
"refsource": "UBUNTU",
"name": "USN-4379-1",
"url": "https://usn.ubuntu.com/4379-1/"
},
{
"refsource": "UBUNTU",
"name": "USN-4382-1",
"url": "https://usn.ubuntu.com/4382-1/"
}
]
}

5
2020/11xxx/CVE-2020-11655.json
View File

@ -71,6 +71,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20200505 [SECURITY] [DLA 2203-1] sqlite3 security update",
"url": "https://lists.debian.org/debian-lts-announce/2020/05/msg00006.html"
},
{
"refsource": "UBUNTU",
"name": "USN-4394-1",
"url": "https://usn.ubuntu.com/4394-1/"
}
]
}

5
2020/12xxx/CVE-2020-12654.json
View File

@ -106,6 +106,11 @@
"refsource": "UBUNTU",
"name": "USN-4392-1",
"url": "https://usn.ubuntu.com/4392-1/"
},
{
"refsource": "UBUNTU",
"name": "USN-4393-1",
"url": "https://usn.ubuntu.com/4393-1/"
}
]
}

92
2020/13xxx/CVE-2020-13162.json
View File

@ -1,17 +1,91 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-13162",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-13162",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A time-of-check time-of-use vulnerability in PulseSecureService.exe in Pulse Secure Client versions prior to 9.1.6 down to 5.3 R70 for Windows (which runs as NT AUTHORITY/SYSTEM) allows unprivileged users to run a Microsoft Installer executable with elevated privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://kb.pulsesecure.net/?atype=sa",
"refsource": "MISC",
"name": "https://kb.pulsesecure.net/?atype=sa"
},
{
"url": "https://twitter.com/sepcali/status/1262551597990711296",
"refsource": "MISC",
"name": "https://twitter.com/sepcali/status/1262551597990711296"
},
{
"url": "https://twitter.com/sepcali/status/1262551336152948738",
"refsource": "MISC",
"name": "https://twitter.com/sepcali/status/1262551336152948738"
},
{
"url": "https://twitter.com/sepcali/status/1262551277940211712",
"refsource": "MISC",
"name": "https://twitter.com/sepcali/status/1262551277940211712"
},
{
"url": "https://twitter.com/sepcali",
"refsource": "MISC",
"name": "https://twitter.com/sepcali"
},
{
"url": "https://github.com/sepcali",
"refsource": "MISC",
"name": "https://github.com/sepcali"
},
{
"refsource": "MISC",
"name": "https://www.redtimmy.com/privilege-escalation/pulse-secure-client-for-windows-9-1-6-toctou-privilege-escalation-cve-2020-13162/",
"url": "https://www.redtimmy.com/privilege-escalation/pulse-secure-client-for-windows-9-1-6-toctou-privilege-escalation-cve-2020-13162/"
}
]
}

5
2020/13xxx/CVE-2020-13396.json
View File

@ -71,6 +71,11 @@
"refsource": "UBUNTU",
"name": "USN-4379-1",
"url": "https://usn.ubuntu.com/4379-1/"
},
{
"refsource": "UBUNTU",
"name": "USN-4382-1",
"url": "https://usn.ubuntu.com/4382-1/"
}
]
}

5
2020/13xxx/CVE-2020-13397.json
View File

@ -71,6 +71,11 @@
"refsource": "UBUNTU",
"name": "USN-4379-1",
"url": "https://usn.ubuntu.com/4379-1/"
},
{
"refsource": "UBUNTU",
"name": "USN-4382-1",
"url": "https://usn.ubuntu.com/4382-1/"
}
]
}

5
2020/13xxx/CVE-2020-13398.json
View File

@ -71,6 +71,11 @@
"refsource": "UBUNTU",
"name": "USN-4379-1",
"url": "https://usn.ubuntu.com/4379-1/"
},
{
"refsource": "UBUNTU",
"name": "USN-4382-1",
"url": "https://usn.ubuntu.com/4382-1/"
}
]
}

5
2020/13xxx/CVE-2020-13434.json
View File

@ -76,6 +76,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2020-0477f8840e",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L7KXQWHIY2MQP4LNM6ODWJENMXYYQYBN/"
},
{
"refsource": "UBUNTU",
"name": "USN-4394-1",
"url": "https://usn.ubuntu.com/4394-1/"
}
]
}

5
2020/13xxx/CVE-2020-13435.json
View File

@ -66,6 +66,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2020-0477f8840e",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L7KXQWHIY2MQP4LNM6ODWJENMXYYQYBN/"
},
{
"refsource": "UBUNTU",
"name": "USN-4394-1",
"url": "https://usn.ubuntu.com/4394-1/"
}
]
}

5
2020/13xxx/CVE-2020-13630.json
View File

@ -71,6 +71,11 @@
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200608-0002/",
"url": "https://security.netapp.com/advisory/ntap-20200608-0002/"
},
{
"refsource": "UBUNTU",
"name": "USN-4394-1",
"url": "https://usn.ubuntu.com/4394-1/"
}
]
}

5
2020/13xxx/CVE-2020-13631.json
View File

@ -71,6 +71,11 @@
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200608-0002/",
"url": "https://security.netapp.com/advisory/ntap-20200608-0002/"
},
{
"refsource": "UBUNTU",
"name": "USN-4394-1",
"url": "https://usn.ubuntu.com/4394-1/"
}
]
}

5
2020/13xxx/CVE-2020-13632.json
View File

@ -71,6 +71,11 @@
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200608-0002/",
"url": "https://security.netapp.com/advisory/ntap-20200608-0002/"
},
{
"refsource": "UBUNTU",
"name": "USN-4394-1",
"url": "https://usn.ubuntu.com/4394-1/"
}
]
}

50
2020/7xxx/CVE-2020-7492.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-7492",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cybersecurity@schneider-electric.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "GP-Pro EX V1.00 to V4.09.100",
"version": {
"version_data": [
{
"version_value": "GP-Pro EX V1.00 to V4.09.100"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-521: Weak Password Requirements"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.se.com/ww/en/download/document/SEVD-2020-133-01/",
"url": "https://www.se.com/ww/en/download/document/SEVD-2020-133-01/"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A CWE-521: Weak Password Requirements vulnerability exists in the GP-Pro EX V1.00 to V4.09.100 which could cause the discovery of the password when the user is entering the password because it is not masqueraded."
}
]
}

50
2020/7xxx/CVE-2020-7493.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-7493",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cybersecurity@schneider-electric.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "EcoStruxure Operator Terminal Expert 3.1 Service Pack 1 and prior (formerly known as Vijeo XD)",
"version": {
"version_data": [
{
"version_value": "EcoStruxure Operator Terminal Expert 3.1 Service Pack 1 and prior (formerly known as Vijeo XD)"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.se.com/ww/en/download/document/SEVD-2020-133-04",
"url": "https://www.se.com/ww/en/download/document/SEVD-2020-133-04"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability exists in EcoStruxure Operator Terminal Expert 3.1 Service Pack 1 and prior (formerly known as Vijeo XD) which could cause malicious code execution when opening the project file."
}
]
}

50
2020/7xxx/CVE-2020-7494.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-7494",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cybersecurity@schneider-electric.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "EcoStruxure Operator Terminal Expert 3.1 Service Pack 1 and prior (formerly known as Vijeo XD)",
"version": {
"version_data": [
{
"version_value": "EcoStruxure Operator Terminal Expert 3.1 Service Pack 1 and prior (formerly known as Vijeo XD)"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.se.com/ww/en/download/document/SEVD-2020-133-04",
"url": "https://www.se.com/ww/en/download/document/SEVD-2020-133-04"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in EcoStruxure Operator Terminal Expert 3.1 Service Pack 1 and prior (formerly known as Vijeo XD) which could cause malicious code execution when opening the project file."
}
]
}

50
2020/7xxx/CVE-2020-7495.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-7495",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cybersecurity@schneider-electric.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "EcoStruxure Operator Terminal Expert 3.1 Service Pack 1 and prior (formerly known as Vijeo XD)",
"version": {
"version_data": [
{
"version_value": "EcoStruxure Operator Terminal Expert 3.1 Service Pack 1 and prior (formerly known as Vijeo XD)"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.se.com/ww/en/download/document/SEVD-2020-133-04",
"url": "https://www.se.com/ww/en/download/document/SEVD-2020-133-04"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability during zip file extraction exists in EcoStruxure Operator Terminal Expert 3.1 Service Pack 1 and prior (formerly known as Vijeo XD) which could cause unauthorized write access outside of expected path folder when opening the project file."
}
]
}

50
2020/7xxx/CVE-2020-7496.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-7496",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cybersecurity@schneider-electric.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "EcoStruxure Operator Terminal Expert 3.1 Service Pack 1 and prior (formerly known as Vijeo XD)",
"version": {
"version_data": [
{
"version_value": "EcoStruxure Operator Terminal Expert 3.1 Service Pack 1 and prior (formerly known as Vijeo XD)"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-88: Argument Injection or Modification"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.se.com/ww/en/download/document/SEVD-2020-133-04",
"url": "https://www.se.com/ww/en/download/document/SEVD-2020-133-04"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A CWE-88: Argument Injection or Modification vulnerability exists in EcoStruxure Operator Terminal Expert 3.1 Service Pack 1 and prior (formerly known as Vijeo XD)which could cause unauthorized write access when opening the project file."
}
]
}

50
2020/7xxx/CVE-2020-7497.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-7497",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cybersecurity@schneider-electric.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "EcoStruxure Operator Terminal Expert 3.1 Service Pack 1 and prior (formerly known as Vijeo XD)",
"version": {
"version_data": [
{
"version_value": "EcoStruxure Operator Terminal Expert 3.1 Service Pack 1 and prior (formerly known as Vijeo XD)"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.se.com/ww/en/download/document/SEVD-2020-133-04",
"url": "https://www.se.com/ww/en/download/document/SEVD-2020-133-04"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in EcoStruxure Operator Terminal Expert 3.1 Service Pack 1 and prior (formerly known as Vijeo XD)which could cause arbitrary application execution when the computer starts."
}
]
}

50
2020/7xxx/CVE-2020-7498.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-7498",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cybersecurity@schneider-electric.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Unity Loader and OS Loader Software (All versions)",
"version": {
"version_data": [
{
"version_value": "Unity Loader and OS Loader Software (All versions)"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-798: Use of Hard-coded Credentials"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.se.com/ww/en/download/document/SEVD-2020-161-02",
"url": "https://www.se.com/ww/en/download/document/SEVD-2020-161-02"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A CWE-798: Use of Hard-coded Credentials vulnerability exists in the Unity Loader and OS Loader Software (all versions). The fixed credentials are used to simplify file transfer. Today the use of fixed credentials is considered a vulnerability, which could cause unauthorized access to the file transfer service provided by the Modicon PLCs. This could result in various unintended results."
}
]
}

50
2020/7xxx/CVE-2020-7499.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-7499",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cybersecurity@schneider-electric.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "U.motion Servers and Touch Panels (affected versions listed in the security notification)",
"version": {
"version_data": [
{
"version_value": "U.motion Servers and Touch Panels (affected versions listed in the security notification)"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284:Improper Access Control"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.se.com/ww/en/download/document/SEVD-2020-133-03/",
"url": "https://www.se.com/ww/en/download/document/SEVD-2020-133-03/"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A CWE-284:Improper Access Control vulnerability exists in U.motion Servers and Touch Panels (affected versions listed in the security notification) which could cause unauthorized access when a low privileged user makes unauthorized changes."
}
]
}

50
2020/7xxx/CVE-2020-7500.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-7500",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cybersecurity@schneider-electric.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "U.motion Servers and Touch Panels (affected versions listed in the security notification)",
"version": {
"version_data": [
{
"version_value": "U.motion Servers and Touch Panels (affected versions listed in the security notification)"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-89:Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') "
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.se.com/ww/en/download/document/SEVD-2020-133-03/",
"url": "https://www.se.com/ww/en/download/document/SEVD-2020-133-03/"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A CWE-89:Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability exists in U.motion Servers and Touch Panels (affected versions listed in the security notification) which could cause arbitrary code to be executed when a malicious command is entered."
}
]
}

50
2020/7xxx/CVE-2020-7501.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-7501",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cybersecurity@schneider-electric.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Vijeo Designer Basic (V1.1 HotFix 16 and prior) and Vijeo Designer (V6.2 SP9 and prior)",
"version": {
"version_data": [
{
"version_value": "Vijeo Designer Basic (V1.1 HotFix 16 and prior) and Vijeo Designer (V6.2 SP9 and prior)"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-798: Use of Hard-coded Credentials"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.se.com/ww/en/download/document/SEVD-2020-133-02/",
"url": "https://www.se.com/ww/en/download/document/SEVD-2020-133-02/"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A CWE-798: Use of Hard-coded Credentials vulnerability exists in Vijeo Designer Basic (V1.1 HotFix 16 and prior) and Vijeo Designer (V6.2 SP9 and prior) which could cause unauthorized read and write when downloading and uploading project or firmware into Vijeo Designer Basic and Vijeo Designer."
}
]
}

50
2020/7xxx/CVE-2020-7502.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-7502",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cybersecurity@schneider-electric.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Modicon M218 Logic Controller (Firmware version 4.3 and prior)",
"version": {
"version_data": [
{
"version_value": "Modicon M218 Logic Controller (Firmware version 4.3 and prior)"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787: Out-of-bounds Write Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.se.com/ww/en/download/document/SEVD-2020-161-01",
"url": "https://www.se.com/ww/en/download/document/SEVD-2020-161-01"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A CWE-787: Out-of-bounds Write vulnerability exists in Modicon M218 Logic Controller (Firmware version 4.3 and prior), which may cause a Denial of Service when specific TCP/IP crafted packets are sent to the Modicon M218 Logic Controller."
}
]
}

50
2020/7xxx/CVE-2020-7503.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-7503",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cybersecurity@schneider-electric.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Easergy T300 (Firmware version 1.5.2 and older)",
"version": {
"version_data": [
{
"version_value": "Easergy T300 (Firmware version 1.5.2 and older)"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-352: Cross-Site Request Forgery (CSRF)"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.se.com/ww/en/download/document/SEVD-2020-161-04",
"url": "https://www.se.com/ww/en/download/document/SEVD-2020-161-04"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A CWE-352: Cross-Site Request Forgery (CSRF) vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow an attacker to execute malicious commands on behalf of a legitimate user when xsrf-token data is intercepted."
}
]
}

50
2020/7xxx/CVE-2020-7504.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-7504",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cybersecurity@schneider-electric.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Easergy T300 (Firmware version 1.5.2 and older)",
"version": {
"version_data": [
{
"version_value": "Easergy T300 (Firmware version 1.5.2 and older)"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20: Improper Input Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.se.com/ww/en/download/document/SEVD-2020-161-04",
"url": "https://www.se.com/ww/en/download/document/SEVD-2020-161-04"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A CWE-20: Improper Input Validation vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow an attacker to disable the webserver service on the device when specially crafted network packets are sent."
}
]
}

50
2020/7xxx/CVE-2020-7505.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-7505",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cybersecurity@schneider-electric.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Easergy T300 (Firmware version 1.5.2 and older)",
"version": {
"version_data": [
{
"version_value": "Easergy T300 (Firmware version 1.5.2 and older)"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-494 Download of Code Without Integrity Check"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.se.com/ww/en/download/document/SEVD-2020-161-04",
"url": "https://www.se.com/ww/en/download/document/SEVD-2020-161-04"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A CWE-494 Download of Code Without Integrity Check vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow an attacker to inject data with dangerous content into the firmware and execute arbitrary code on the system."
}
]
}

50
2020/7xxx/CVE-2020-7506.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-7506",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cybersecurity@schneider-electric.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Easergy T300 (Firmware version 1.5.2 and older)",
"version": {
"version_data": [
{
"version_value": "Easergy T300 (Firmware version 1.5.2 and older)"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-538: File and Directory Information Exposure"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.se.com/ww/en/download/document/SEVD-2020-161-04",
"url": "https://www.se.com/ww/en/download/document/SEVD-2020-161-04"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A CWE-538: File and Directory Information Exposure vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow an attacker to pack or unpack the archive with the firmware for the controller and modules using the usual tar archiver resulting in an information exposure."
}
]
}

50
2020/7xxx/CVE-2020-7507.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-7507",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cybersecurity@schneider-electric.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Easergy T300 (Firmware version 1.5.2 and older)",
"version": {
"version_data": [
{
"version_value": "Easergy T300 (Firmware version 1.5.2 and older)"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400: Uncontrolled Resource Consumption"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.se.com/ww/en/download/document/SEVD-2020-161-04",
"url": "https://www.se.com/ww/en/download/document/SEVD-2020-161-04"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A CWE-400: Uncontrolled Resource Consumption vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow an attacker to login multiple times resulting in a denial of service."
}
]
}

50
2020/7xxx/CVE-2020-7508.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-7508",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cybersecurity@schneider-electric.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Easergy T300 (Firmware version 1.5.2 and older)",
"version": {
"version_data": [
{
"version_value": "Easergy T300 (Firmware version 1.5.2 and older)"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-307 Improper Restriction of Excessive Authentication Attempts"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.se.com/ww/en/download/document/SEVD-2020-161-04",
"url": "https://www.se.com/ww/en/download/document/SEVD-2020-161-04"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A CWE-307 Improper Restriction of Excessive Authentication Attempts vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow an attacker to gain full access by brute force."
}
]
}

50
2020/7xxx/CVE-2020-7509.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-7509",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cybersecurity@schneider-electric.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Easergy T300 (Firmware version 1.5.2 and older)",
"version": {
"version_data": [
{
"version_value": "Easergy T300 (Firmware version 1.5.2 and older)"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-269: Improper privilege management (write)"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.se.com/ww/en/download/document/SEVD-2020-161-04",
"url": "https://www.se.com/ww/en/download/document/SEVD-2020-161-04"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A CWE-269: Improper privilege management (write) vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow an attacker to elevate their privileges and delete files."
}
]
}

50
2020/7xxx/CVE-2020-7510.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-7510",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cybersecurity@schneider-electric.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Easergy T300 (Firmware version 1.5.2 and older)",
"version": {
"version_data": [
{
"version_value": "Easergy T300 (Firmware version 1.5.2 and older)"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200: Information Exposure"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.se.com/ww/en/download/document/SEVD-2020-161-04",
"url": "https://www.se.com/ww/en/download/document/SEVD-2020-161-04"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A CWE-200: Information Exposure vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow attacker to obtain private keys."
}
]
}

50
2020/7xxx/CVE-2020-7511.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-7511",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cybersecurity@schneider-electric.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Easergy T300 (Firmware version 1.5.2 and older)",
"version": {
"version_data": [
{
"version_value": "Easergy T300 (Firmware version 1.5.2 and older)"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-327: Use of a Broken or Risky Cryptographic Algorithm"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.se.com/ww/en/download/document/SEVD-2020-161-04",
"url": "https://www.se.com/ww/en/download/document/SEVD-2020-161-04"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow an attacker to acquire a password by brute force."
}
]
}

50
2020/7xxx/CVE-2020-7512.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-7512",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cybersecurity@schneider-electric.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Easergy T300 (Firmware version 1.5.2 and older)",
"version": {
"version_data": [
{
"version_value": "Easergy T300 (Firmware version 1.5.2 and older)"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-1103: Use of Platform-Dependent Third Party Components"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.se.com/ww/en/download/document/SEVD-2020-161-04",
"url": "https://www.se.com/ww/en/download/document/SEVD-2020-161-04"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A CWE-1103: Use of Platform-Dependent Third Party Components with vulnerabilities vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow an attacker to exploit the component."
}
]
}

50
2020/7xxx/CVE-2020-7513.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-7513",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cybersecurity@schneider-electric.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Easergy T300 (Firmware version 1.5.2 and older)",
"version": {
"version_data": [
{
"version_value": "Easergy T300 (Firmware version 1.5.2 and older)"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-312: Cleartext Storage of Sensitive Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.se.com/ww/en/download/document/SEVD-2020-161-04",
"url": "https://www.se.com/ww/en/download/document/SEVD-2020-161-04"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A CWE-312: Cleartext Storage of Sensitive Information vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow an attacker to intercept traffic and read configuration data."
}
]
}