diff --git a/2016/10xxx/CVE-2016-10937.json b/2016/10xxx/CVE-2016-10937.json index d2c1d464735..d0d4a3eb6b0 100644 --- a/2016/10xxx/CVE-2016-10937.json +++ b/2016/10xxx/CVE-2016-10937.json @@ -81,6 +81,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2020:0673", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00042.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:0765", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00002.html" } ] } diff --git a/2019/16xxx/CVE-2019-16328.json b/2019/16xxx/CVE-2019-16328.json index 772f42c99bf..b04931a827c 100644 --- a/2019/16xxx/CVE-2019-16328.json +++ b/2019/16xxx/CVE-2019-16328.json @@ -66,6 +66,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2020:0685", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00046.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:0763", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00004.html" } ] }, diff --git a/2020/12xxx/CVE-2020-12108.json b/2020/12xxx/CVE-2020-12108.json index 94386d4cb08..9ac80f7cda4 100644 --- a/2020/12xxx/CVE-2020-12108.json +++ b/2020/12xxx/CVE-2020-12108.json @@ -81,6 +81,11 @@ "refsource": "UBUNTU", "name": "USN-4354-1", "url": "https://usn.ubuntu.com/4354-1/" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:0764", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00003.html" } ] } diff --git a/2020/1xxx/CVE-2020-1963.json b/2020/1xxx/CVE-2020-1963.json index 3bd1804a1bd..3890a5e9df1 100644 --- a/2020/1xxx/CVE-2020-1963.json +++ b/2020/1xxx/CVE-2020-1963.json @@ -48,6 +48,11 @@ "refsource": "MISC", "name": "https://lists.apache.org/thread.html/r1933faf8a26c431f38a5f8dbbfab80254454e54e33a79be474b67dc4%40%3Cdev.ignite.apache.org%3E", "url": "https://lists.apache.org/thread.html/r1933faf8a26c431f38a5f8dbbfab80254454e54e33a79be474b67dc4%40%3Cdev.ignite.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[oss-security] 20200603 [CVE-2020-1963] Apache Ignite access to file system disclosure vulnerability", + "url": "http://www.openwall.com/lists/oss-security/2020/06/03/2" } ] }, diff --git a/2020/2xxx/CVE-2020-2190.json b/2020/2xxx/CVE-2020-2190.json index 9dd019eff42..016f9305f90 100644 --- a/2020/2xxx/CVE-2020-2190.json +++ b/2020/2xxx/CVE-2020-2190.json @@ -57,6 +57,11 @@ "name": "https://jenkins.io/security/advisory/2020-06-03/#SECURITY-1866", "url": "https://jenkins.io/security/advisory/2020-06-03/#SECURITY-1866", "refsource": "CONFIRM" + }, + { + "refsource": "MLIST", + "name": "[oss-security] 20200603 Multiple vulnerabilities in Jenkins plugins", + "url": "http://www.openwall.com/lists/oss-security/2020/06/03/3" } ] } diff --git a/2020/2xxx/CVE-2020-2191.json b/2020/2xxx/CVE-2020-2191.json index 8a5696e403f..7eae540ae8b 100644 --- a/2020/2xxx/CVE-2020-2191.json +++ b/2020/2xxx/CVE-2020-2191.json @@ -57,6 +57,11 @@ "name": "https://jenkins.io/security/advisory/2020-06-03/#SECURITY-1200", "url": "https://jenkins.io/security/advisory/2020-06-03/#SECURITY-1200", "refsource": "CONFIRM" + }, + { + "refsource": "MLIST", + "name": "[oss-security] 20200603 Multiple vulnerabilities in Jenkins plugins", + "url": "http://www.openwall.com/lists/oss-security/2020/06/03/3" } ] } diff --git a/2020/2xxx/CVE-2020-2192.json b/2020/2xxx/CVE-2020-2192.json index f10a8476911..2103b2b5a90 100644 --- a/2020/2xxx/CVE-2020-2192.json +++ b/2020/2xxx/CVE-2020-2192.json @@ -57,6 +57,11 @@ "name": "https://jenkins.io/security/advisory/2020-06-03/#SECURITY-1200", "url": "https://jenkins.io/security/advisory/2020-06-03/#SECURITY-1200", "refsource": "CONFIRM" + }, + { + "refsource": "MLIST", + "name": "[oss-security] 20200603 Multiple vulnerabilities in Jenkins plugins", + "url": "http://www.openwall.com/lists/oss-security/2020/06/03/3" } ] } diff --git a/2020/2xxx/CVE-2020-2193.json b/2020/2xxx/CVE-2020-2193.json index a98689aca86..ebeda05a327 100644 --- a/2020/2xxx/CVE-2020-2193.json +++ b/2020/2xxx/CVE-2020-2193.json @@ -57,6 +57,11 @@ "name": "https://jenkins.io/security/advisory/2020-06-03/#SECURITY-1841", "url": "https://jenkins.io/security/advisory/2020-06-03/#SECURITY-1841", "refsource": "CONFIRM" + }, + { + "refsource": "MLIST", + "name": "[oss-security] 20200603 Multiple vulnerabilities in Jenkins plugins", + "url": "http://www.openwall.com/lists/oss-security/2020/06/03/3" } ] } diff --git a/2020/2xxx/CVE-2020-2194.json b/2020/2xxx/CVE-2020-2194.json index b24119ba2bb..7e50c4ff700 100644 --- a/2020/2xxx/CVE-2020-2194.json +++ b/2020/2xxx/CVE-2020-2194.json @@ -57,6 +57,11 @@ "name": "https://jenkins.io/security/advisory/2020-06-03/#SECURITY-1842", "url": "https://jenkins.io/security/advisory/2020-06-03/#SECURITY-1842", "refsource": "CONFIRM" + }, + { + "refsource": "MLIST", + "name": "[oss-security] 20200603 Multiple vulnerabilities in Jenkins plugins", + "url": "http://www.openwall.com/lists/oss-security/2020/06/03/3" } ] } diff --git a/2020/2xxx/CVE-2020-2195.json b/2020/2xxx/CVE-2020-2195.json index 764c6d23f0c..aeaf7576f98 100644 --- a/2020/2xxx/CVE-2020-2195.json +++ b/2020/2xxx/CVE-2020-2195.json @@ -57,6 +57,11 @@ "name": "https://jenkins.io/security/advisory/2020-06-03/#SECURITY-1837", "url": "https://jenkins.io/security/advisory/2020-06-03/#SECURITY-1837", "refsource": "CONFIRM" + }, + { + "refsource": "MLIST", + "name": "[oss-security] 20200603 Multiple vulnerabilities in Jenkins plugins", + "url": "http://www.openwall.com/lists/oss-security/2020/06/03/3" } ] } diff --git a/2020/2xxx/CVE-2020-2196.json b/2020/2xxx/CVE-2020-2196.json index e790a0c403f..84411828f12 100644 --- a/2020/2xxx/CVE-2020-2196.json +++ b/2020/2xxx/CVE-2020-2196.json @@ -61,6 +61,11 @@ "name": "https://jenkins.io/security/advisory/2020-06-03/#SECURITY-1766", "url": "https://jenkins.io/security/advisory/2020-06-03/#SECURITY-1766", "refsource": "CONFIRM" + }, + { + "refsource": "MLIST", + "name": "[oss-security] 20200603 Multiple vulnerabilities in Jenkins plugins", + "url": "http://www.openwall.com/lists/oss-security/2020/06/03/3" } ] } diff --git a/2020/2xxx/CVE-2020-2197.json b/2020/2xxx/CVE-2020-2197.json index 9a9867a0456..33b7154af53 100644 --- a/2020/2xxx/CVE-2020-2197.json +++ b/2020/2xxx/CVE-2020-2197.json @@ -61,6 +61,11 @@ "name": "https://jenkins.io/security/advisory/2020-06-03/#SECURITY-1582", "url": "https://jenkins.io/security/advisory/2020-06-03/#SECURITY-1582", "refsource": "CONFIRM" + }, + { + "refsource": "MLIST", + "name": "[oss-security] 20200603 Multiple vulnerabilities in Jenkins plugins", + "url": "http://www.openwall.com/lists/oss-security/2020/06/03/3" } ] } diff --git a/2020/2xxx/CVE-2020-2198.json b/2020/2xxx/CVE-2020-2198.json index 3863d1234aa..e3643d7d0db 100644 --- a/2020/2xxx/CVE-2020-2198.json +++ b/2020/2xxx/CVE-2020-2198.json @@ -61,6 +61,11 @@ "name": "https://jenkins.io/security/advisory/2020-06-03/#SECURITY-1582", "url": "https://jenkins.io/security/advisory/2020-06-03/#SECURITY-1582", "refsource": "CONFIRM" + }, + { + "refsource": "MLIST", + "name": "[oss-security] 20200603 Multiple vulnerabilities in Jenkins plugins", + "url": "http://www.openwall.com/lists/oss-security/2020/06/03/3" } ] } diff --git a/2020/2xxx/CVE-2020-2199.json b/2020/2xxx/CVE-2020-2199.json index bee8d11da18..38a8dfe2578 100644 --- a/2020/2xxx/CVE-2020-2199.json +++ b/2020/2xxx/CVE-2020-2199.json @@ -61,6 +61,11 @@ "name": "https://jenkins.io/security/advisory/2020-06-03/#SECURITY-1726", "url": "https://jenkins.io/security/advisory/2020-06-03/#SECURITY-1726", "refsource": "CONFIRM" + }, + { + "refsource": "MLIST", + "name": "[oss-security] 20200603 Multiple vulnerabilities in Jenkins plugins", + "url": "http://www.openwall.com/lists/oss-security/2020/06/03/3" } ] } diff --git a/2020/2xxx/CVE-2020-2200.json b/2020/2xxx/CVE-2020-2200.json index 7eb21de6e98..849f7762814 100644 --- a/2020/2xxx/CVE-2020-2200.json +++ b/2020/2xxx/CVE-2020-2200.json @@ -61,6 +61,11 @@ "name": "https://jenkins.io/security/advisory/2020-06-03/#SECURITY-1879", "url": "https://jenkins.io/security/advisory/2020-06-03/#SECURITY-1879", "refsource": "CONFIRM" + }, + { + "refsource": "MLIST", + "name": "[oss-security] 20200603 Multiple vulnerabilities in Jenkins plugins", + "url": "http://www.openwall.com/lists/oss-security/2020/06/03/3" } ] } diff --git a/2020/4xxx/CVE-2020-4177.json b/2020/4xxx/CVE-2020-4177.json index bb2e73de67b..4fcf1a817f1 100644 --- a/2020/4xxx/CVE-2020-4177.json +++ b/2020/4xxx/CVE-2020-4177.json @@ -1,90 +1,90 @@ { - "references" : { - "reference_data" : [ - { - "refsource" : "CONFIRM", - "title" : "IBM Security Bulletin 6218970 (Security Guardium)", - "name" : "https://www.ibm.com/support/pages/node/6218970", - "url" : "https://www.ibm.com/support/pages/node/6218970" - }, - { - "name" : "ibm-guardium-cve20204177-info-disc (174732)", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/174732", - "refsource" : "XF", - "title" : "X-Force Vulnerability Report" - } - ] - }, - "data_version" : "4.0", - "impact" : { - "cvssv3" : { - "BM" : { - "PR" : "N", - "C" : "H", - "UI" : "N", - "S" : "C", - "A" : "N", - "AV" : "N", - "I" : "N", - "SCORE" : "6.800", - "AC" : "H" - }, - "TM" : { - "RC" : "C", - "RL" : "O", - "E" : "U" - } - } - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "references": { + "reference_data": [ { - "vendor_name" : "IBM", - "product" : { - "product_data" : [ - { - "version" : { - "version_data" : [ - { - "version_value" : "11.1" - } - ] - }, - "product_name" : "Security Guardium" - } - ] - } + "refsource": "CONFIRM", + "title": "IBM Security Bulletin 6218970 (Security Guardium)", + "name": "https://www.ibm.com/support/pages/node/6218970", + "url": "https://www.ibm.com/support/pages/node/6218970" + }, + { + "name": "ibm-guardium-cve20204177-info-disc (174732)", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/174732", + "refsource": "XF", + "title": "X-Force Vulnerability Report" } - ] - } - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Obtain Information" - } + ] + }, + "data_version": "4.0", + "impact": { + "cvssv3": { + "BM": { + "PR": "N", + "C": "H", + "UI": "N", + "S": "C", + "A": "N", + "AV": "N", + "I": "N", + "SCORE": "6.800", + "AC": "H" + }, + "TM": { + "RC": "C", + "RL": "O", + "E": "U" + } + } + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "IBM", + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": "11.1" + } + ] + }, + "product_name": "Security Guardium" + } + ] + } + } ] - } - ] - }, - "description" : { - "description_data" : [ - { - "value" : "IBM Security Guardium 11.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 174732.", - "lang" : "eng" - } - ] - }, - "data_type" : "CVE", - "data_format" : "MITRE", - "CVE_data_meta" : { - "DATE_PUBLIC" : "2020-06-02T00:00:00", - "ID" : "CVE-2020-4177", - "ASSIGNER" : "psirt@us.ibm.com", - "STATE" : "PUBLIC" - } -} + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Obtain Information" + } + ] + } + ] + }, + "description": { + "description_data": [ + { + "value": "IBM Security Guardium 11.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 174732.", + "lang": "eng" + } + ] + }, + "data_type": "CVE", + "data_format": "MITRE", + "CVE_data_meta": { + "DATE_PUBLIC": "2020-06-02T00:00:00", + "ID": "CVE-2020-4177", + "ASSIGNER": "psirt@us.ibm.com", + "STATE": "PUBLIC" + } +} \ No newline at end of file diff --git a/2020/4xxx/CVE-2020-4180.json b/2020/4xxx/CVE-2020-4180.json index 0f1f2f78681..afe72946cfa 100644 --- a/2020/4xxx/CVE-2020-4180.json +++ b/2020/4xxx/CVE-2020-4180.json @@ -1,90 +1,90 @@ { - "data_format" : "MITRE", - "CVE_data_meta" : { - "DATE_PUBLIC" : "2020-06-02T00:00:00", - "ID" : "CVE-2020-4180", - "ASSIGNER" : "psirt@us.ibm.com", - "STATE" : "PUBLIC" - }, - "references" : { - "reference_data" : [ - { - "url" : "https://www.ibm.com/support/pages/node/6218960", - "name" : "https://www.ibm.com/support/pages/node/6218960", - "title" : "IBM Security Bulletin 6218960 (Security Guardium)", - "refsource" : "CONFIRM" - }, - { - "refsource" : "XF", - "title" : "X-Force Vulnerability Report", - "name" : "ibm-guardium-cve20204180-code-exec (174735)", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/174735" - } - ] - }, - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Security Guardium 11.1 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. IBM X-Force ID: 174735." - } - ] - }, - "data_type" : "CVE", - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Gain Privileges" - } - ] - } - ] - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "data_format": "MITRE", + "CVE_data_meta": { + "DATE_PUBLIC": "2020-06-02T00:00:00", + "ID": "CVE-2020-4180", + "ASSIGNER": "psirt@us.ibm.com", + "STATE": "PUBLIC" + }, + "references": { + "reference_data": [ { - "vendor_name" : "IBM", - "product" : { - "product_data" : [ - { - "version" : { - "version_data" : [ - { - "version_value" : "11.1" - } - ] - }, - "product_name" : "Security Guardium" - } - ] - } + "url": "https://www.ibm.com/support/pages/node/6218960", + "name": "https://www.ibm.com/support/pages/node/6218960", + "title": "IBM Security Bulletin 6218960 (Security Guardium)", + "refsource": "CONFIRM" + }, + { + "refsource": "XF", + "title": "X-Force Vulnerability Report", + "name": "ibm-guardium-cve20204180-code-exec (174735)", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/174735" } - ] - } - }, - "data_version" : "4.0", - "impact" : { - "cvssv3" : { - "TM" : { - "RC" : "C", - "RL" : "O", - "E" : "U" - }, - "BM" : { - "AC" : "L", - "SCORE" : "8.800", - "I" : "H", - "AV" : "N", - "S" : "U", - "A" : "H", - "UI" : "N", - "C" : "H", - "PR" : "L" - } - } - } -} + ] + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM Security Guardium 11.1 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. IBM X-Force ID: 174735." + } + ] + }, + "data_type": "CVE", + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Gain Privileges" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "IBM", + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": "11.1" + } + ] + }, + "product_name": "Security Guardium" + } + ] + } + } + ] + } + }, + "data_version": "4.0", + "impact": { + "cvssv3": { + "TM": { + "RC": "C", + "RL": "O", + "E": "U" + }, + "BM": { + "AC": "L", + "SCORE": "8.800", + "I": "H", + "AV": "N", + "S": "U", + "A": "H", + "UI": "N", + "C": "H", + "PR": "L" + } + } + } +} \ No newline at end of file diff --git a/2020/4xxx/CVE-2020-4182.json b/2020/4xxx/CVE-2020-4182.json index db17c02ce53..be3d1bf97cc 100644 --- a/2020/4xxx/CVE-2020-4182.json +++ b/2020/4xxx/CVE-2020-4182.json @@ -1,90 +1,90 @@ { - "data_version" : "4.0", - "impact" : { - "cvssv3" : { - "TM" : { - "RC" : "C", - "RL" : "O", - "E" : "H" - }, - "BM" : { - "I" : "L", - "AV" : "N", - "A" : "N", - "S" : "C", - "SCORE" : "6.100", - "AC" : "L", - "C" : "L", - "PR" : "N", - "UI" : "R" - } - } - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "vendor_name" : "IBM", - "product" : { - "product_data" : [ - { - "version" : { - "version_data" : [ - { - "version_value" : "11.1" - } - ] - }, - "product_name" : "Security Guardium" - } - ] - } + "data_version": "4.0", + "impact": { + "cvssv3": { + "TM": { + "RC": "C", + "RL": "O", + "E": "H" + }, + "BM": { + "I": "L", + "AV": "N", + "A": "N", + "S": "C", + "SCORE": "6.100", + "AC": "L", + "C": "L", + "PR": "N", + "UI": "R" } - ] - } - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Cross-Site Scripting" - } + } + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "IBM", + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": "11.1" + } + ] + }, + "product_name": "Security Guardium" + } + ] + } + } ] - } - ] - }, - "description" : { - "description_data" : [ - { - "value" : "IBM Security Guardium 11.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 174738.", - "lang" : "eng" - } - ] - }, - "data_type" : "CVE", - "references" : { - "reference_data" : [ - { - "name" : "https://www.ibm.com/support/pages/node/6218964", - "url" : "https://www.ibm.com/support/pages/node/6218964", - "refsource" : "CONFIRM", - "title" : "IBM Security Bulletin 6218964 (Security Guardium)" - }, - { - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/174738", - "name" : "ibm-guardium-cve20204182-xss (174738)", - "title" : "X-Force Vulnerability Report", - "refsource" : "XF" - } - ] - }, - "CVE_data_meta" : { - "STATE" : "PUBLIC", - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2020-4182", - "DATE_PUBLIC" : "2020-06-02T00:00:00" - }, - "data_format" : "MITRE" -} + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Cross-Site Scripting" + } + ] + } + ] + }, + "description": { + "description_data": [ + { + "value": "IBM Security Guardium 11.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 174738.", + "lang": "eng" + } + ] + }, + "data_type": "CVE", + "references": { + "reference_data": [ + { + "name": "https://www.ibm.com/support/pages/node/6218964", + "url": "https://www.ibm.com/support/pages/node/6218964", + "refsource": "CONFIRM", + "title": "IBM Security Bulletin 6218964 (Security Guardium)" + }, + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/174738", + "name": "ibm-guardium-cve20204182-xss (174738)", + "title": "X-Force Vulnerability Report", + "refsource": "XF" + } + ] + }, + "CVE_data_meta": { + "STATE": "PUBLIC", + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2020-4182", + "DATE_PUBLIC": "2020-06-02T00:00:00" + }, + "data_format": "MITRE" +} \ No newline at end of file diff --git a/2020/4xxx/CVE-2020-4187.json b/2020/4xxx/CVE-2020-4187.json index d85f2a88bac..f57da77585d 100644 --- a/2020/4xxx/CVE-2020-4187.json +++ b/2020/4xxx/CVE-2020-4187.json @@ -1,90 +1,90 @@ { - "CVE_data_meta" : { - "DATE_PUBLIC" : "2020-06-02T00:00:00", - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2020-4187", - "STATE" : "PUBLIC" - }, - "data_format" : "MITRE", - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Security Guardium", - "version" : { - "version_data" : [ - { - "version_value" : "11.1" - } - ] - } - } - ] - }, - "vendor_name" : "IBM" - } - ] - } - }, - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Security Guardium 11.1 could disclose sensitive information on the login page that could aid in further attacks against the system. IBM X-Force ID: 174805." - } - ] - }, - "data_type" : "CVE", - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Obtain Information" - } + "CVE_data_meta": { + "DATE_PUBLIC": "2020-06-02T00:00:00", + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2020-4187", + "STATE": "PUBLIC" + }, + "data_format": "MITRE", + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Security Guardium", + "version": { + "version_data": [ + { + "version_value": "11.1" + } + ] + } + } + ] + }, + "vendor_name": "IBM" + } ] - } - ] - }, - "data_version" : "4.0", - "impact" : { - "cvssv3" : { - "BM" : { - "PR" : "N", - "C" : "L", - "UI" : "N", - "A" : "N", - "S" : "U", - "AV" : "N", - "I" : "N", - "SCORE" : "5.300", - "AC" : "L" - }, - "TM" : { - "RC" : "C", - "RL" : "O", - "E" : "U" - } - } - }, - "references" : { - "reference_data" : [ - { - "title" : "IBM Security Bulletin 6218972 (Security Guardium)", - "refsource" : "CONFIRM", - "url" : "https://www.ibm.com/support/pages/node/6218972", - "name" : "https://www.ibm.com/support/pages/node/6218972" - }, - { - "title" : "X-Force Vulnerability Report", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/174805", - "name" : "ibm-guardium-cve20204187-info-disc (174805)" - } - ] - } -} + } + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM Security Guardium 11.1 could disclose sensitive information on the login page that could aid in further attacks against the system. IBM X-Force ID: 174805." + } + ] + }, + "data_type": "CVE", + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Obtain Information" + } + ] + } + ] + }, + "data_version": "4.0", + "impact": { + "cvssv3": { + "BM": { + "PR": "N", + "C": "L", + "UI": "N", + "A": "N", + "S": "U", + "AV": "N", + "I": "N", + "SCORE": "5.300", + "AC": "L" + }, + "TM": { + "RC": "C", + "RL": "O", + "E": "U" + } + } + }, + "references": { + "reference_data": [ + { + "title": "IBM Security Bulletin 6218972 (Security Guardium)", + "refsource": "CONFIRM", + "url": "https://www.ibm.com/support/pages/node/6218972", + "name": "https://www.ibm.com/support/pages/node/6218972" + }, + { + "title": "X-Force Vulnerability Report", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/174805", + "name": "ibm-guardium-cve20204187-info-disc (174805)" + } + ] + } +} \ No newline at end of file diff --git a/2020/4xxx/CVE-2020-4190.json b/2020/4xxx/CVE-2020-4190.json index 57ec8cc666c..79e619413af 100644 --- a/2020/4xxx/CVE-2020-4190.json +++ b/2020/4xxx/CVE-2020-4190.json @@ -1,96 +1,96 @@ { - "references" : { - "reference_data" : [ - { - "name" : "https://www.ibm.com/support/pages/node/6218958", - "url" : "https://www.ibm.com/support/pages/node/6218958", - "refsource" : "CONFIRM", - "title" : "IBM Security Bulletin 6218958 (Security Guardium)" - }, - { - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/174851", - "name" : "ibm-guardium-cve20204190-info-disc (174851)", - "title" : "X-Force Vulnerability Report", - "refsource" : "XF" - } - ] - }, - "impact" : { - "cvssv3" : { - "BM" : { - "UI" : "N", - "C" : "H", - "PR" : "H", - "AC" : "H", - "SCORE" : "4.100", - "I" : "N", - "AV" : "L", - "A" : "N", - "S" : "U" - }, - "TM" : { - "RL" : "O", - "E" : "U", - "RC" : "C" - } - } - }, - "data_version" : "4.0", - "affects" : { - "vendor" : { - "vendor_data" : [ + "references": { + "reference_data": [ { - "product" : { - "product_data" : [ - { - "product_name" : "Security Guardium", - "version" : { - "version_data" : [ - { - "version_value" : "10.6" - }, - { - "version_value" : "11.0" - }, - { - "version_value" : "11.1" - } - ] - } - } - ] - }, - "vendor_name" : "IBM" + "name": "https://www.ibm.com/support/pages/node/6218958", + "url": "https://www.ibm.com/support/pages/node/6218958", + "refsource": "CONFIRM", + "title": "IBM Security Bulletin 6218958 (Security Guardium)" + }, + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/174851", + "name": "ibm-guardium-cve20204190-info-disc (174851)", + "title": "X-Force Vulnerability Report", + "refsource": "XF" } - ] - } - }, - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Security Guardium 10.6, 11.0, and 11.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 174851." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Obtain Information" - } + ] + }, + "impact": { + "cvssv3": { + "BM": { + "UI": "N", + "C": "H", + "PR": "H", + "AC": "H", + "SCORE": "4.100", + "I": "N", + "AV": "L", + "A": "N", + "S": "U" + }, + "TM": { + "RL": "O", + "E": "U", + "RC": "C" + } + } + }, + "data_version": "4.0", + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Security Guardium", + "version": { + "version_data": [ + { + "version_value": "10.6" + }, + { + "version_value": "11.0" + }, + { + "version_value": "11.1" + } + ] + } + } + ] + }, + "vendor_name": "IBM" + } ] - } - ] - }, - "data_type" : "CVE", - "data_format" : "MITRE", - "CVE_data_meta" : { - "STATE" : "PUBLIC", - "ID" : "CVE-2020-4190", - "ASSIGNER" : "psirt@us.ibm.com", - "DATE_PUBLIC" : "2020-06-02T00:00:00" - } -} + } + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM Security Guardium 10.6, 11.0, and 11.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 174851." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Obtain Information" + } + ] + } + ] + }, + "data_type": "CVE", + "data_format": "MITRE", + "CVE_data_meta": { + "STATE": "PUBLIC", + "ID": "CVE-2020-4190", + "ASSIGNER": "psirt@us.ibm.com", + "DATE_PUBLIC": "2020-06-02T00:00:00" + } +} \ No newline at end of file diff --git a/2020/4xxx/CVE-2020-4307.json b/2020/4xxx/CVE-2020-4307.json index e8e2aa4ed50..b6432571309 100644 --- a/2020/4xxx/CVE-2020-4307.json +++ b/2020/4xxx/CVE-2020-4307.json @@ -1,90 +1,90 @@ { - "references" : { - "reference_data" : [ - { - "title" : "IBM Security Bulletin 6218974 (Security Guardium)", - "refsource" : "CONFIRM", - "url" : "https://www.ibm.com/support/pages/node/6218974", - "name" : "https://www.ibm.com/support/pages/node/6218974" - }, - { - "refsource" : "XF", - "title" : "X-Force Vulnerability Report", - "name" : "ibm-guardium-cve20204307-dos (176997)", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/176997" - } - ] - }, - "description" : { - "description_data" : [ - { - "value" : "IBM Security Guardium 11.1 could allow an attacker on the same network to gain access to the Solr dashboard and cause a denial of service attack. IBM X-Force ID: 176997.", - "lang" : "eng" - } - ] - }, - "data_type" : "CVE", - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Denial of Service" - } - ] - } - ] - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "references": { + "reference_data": [ { - "product" : { - "product_data" : [ - { - "version" : { - "version_data" : [ - { - "version_value" : "11.1" - } - ] - }, - "product_name" : "Security Guardium" - } - ] - }, - "vendor_name" : "IBM" + "title": "IBM Security Bulletin 6218974 (Security Guardium)", + "refsource": "CONFIRM", + "url": "https://www.ibm.com/support/pages/node/6218974", + "name": "https://www.ibm.com/support/pages/node/6218974" + }, + { + "refsource": "XF", + "title": "X-Force Vulnerability Report", + "name": "ibm-guardium-cve20204307-dos (176997)", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/176997" } - ] - } - }, - "data_version" : "4.0", - "impact" : { - "cvssv3" : { - "TM" : { - "E" : "U", - "RL" : "O", - "RC" : "C" - }, - "BM" : { - "SCORE" : "6.500", - "AC" : "L", - "S" : "U", - "A" : "H", - "AV" : "A", - "I" : "N", - "UI" : "N", - "PR" : "N", - "C" : "N" - } - } - }, - "data_format" : "MITRE", - "CVE_data_meta" : { - "DATE_PUBLIC" : "2020-06-02T00:00:00", - "ID" : "CVE-2020-4307", - "ASSIGNER" : "psirt@us.ibm.com", - "STATE" : "PUBLIC" - } -} + ] + }, + "description": { + "description_data": [ + { + "value": "IBM Security Guardium 11.1 could allow an attacker on the same network to gain access to the Solr dashboard and cause a denial of service attack. IBM X-Force ID: 176997.", + "lang": "eng" + } + ] + }, + "data_type": "CVE", + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Denial of Service" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": "11.1" + } + ] + }, + "product_name": "Security Guardium" + } + ] + }, + "vendor_name": "IBM" + } + ] + } + }, + "data_version": "4.0", + "impact": { + "cvssv3": { + "TM": { + "E": "U", + "RL": "O", + "RC": "C" + }, + "BM": { + "SCORE": "6.500", + "AC": "L", + "S": "U", + "A": "H", + "AV": "A", + "I": "N", + "UI": "N", + "PR": "N", + "C": "N" + } + } + }, + "data_format": "MITRE", + "CVE_data_meta": { + "DATE_PUBLIC": "2020-06-02T00:00:00", + "ID": "CVE-2020-4307", + "ASSIGNER": "psirt@us.ibm.com", + "STATE": "PUBLIC" + } +} \ No newline at end of file