Auto-merge PR#3722

2025-06-12 02:05:39 +00:00 · 2020-05-06 09:10:20 -04:00 · 2020-05-06 09:10:20 -04:00 · e86bea215c
commit e86bea215c
parent 4758138f9e 3fb2ebb289
1 changed files with 65 additions and 3 deletions
--- a/2020/10xxx/CVE-2020-10704.json
+++ b/2020/10xxx/CVE-2020-10704.json
@ -4,15 +4,77 @@
    "data_version": "4.0",
    "CVE_data_meta": {
        "ID": "CVE-2020-10704",
-        "ASSIGNER": "cve@mitre.org",
-        "STATE": "RESERVED"
+        "ASSIGNER": "gsuckevi@redhat.com"
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "vendor_name": "Red Hat",
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "samba",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "All versions before 4.10.15"
+                                        },
+                                        {
+                                            "version_value": "All versions before 4.11.8"
+                                        },
+                                        {
+                                            "version_value": "All versions before 4.12.2"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "CWE-400"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10704",
+                "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10704",
+                "refsource": "CONFIRM"
+            },
+            {
+                "url": "https://www.samba.org/samba/security/CVE-2020-10704.html"
+            }
+        ]
    },
    "description": {
        "description_data": [
            {
                "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "A flaw was found when using samba as an Active Directory Domain Controller. Due to the way samba handles certain requests as an Active Directory Domain Controller LDAP server, an unauthorized user can cause a stack overflow leading to a denial of service. The highest threat from this vulnerability is to system availability. This issue affects all samba versions before 4.10.15, before 4.11.8 and before 4.12.2."
            }
        ]
+    },
+    "impact": {
+        "cvss": [
+            [
+                {
+                    "vectorString": "7.5/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
+                    "version": "3.0"
+                }
+            ]
+        ]
    }
 }