admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-07 21:47:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

IBM20200720-10039

Browse Source 
Added CVE-2020-4466, CVE-2020-4361, CVE-2020-4527
This commit is contained in:
Scott Moore - IBM 2020-07-20 10:00:39 -04:00
parent 4789de0ec2
commit f130588061
No known key found for this signature in database
GPG Key ID: 8E6C411D57F2D75C
3 changed files with 264 additions and 45 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

102
2020/4xxx/CVE-2020-4361.json
View File

@ -1,18 +1,90 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-4361",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
"impact" : {
"cvssv3" : {
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
},
"BM" : {
"PR" : "L",
"A" : "N",
"I" : "N",
"S" : "U",
"SCORE" : "4.300",
"AV" : "N",
"AC" : "L",
"UI" : "N",
"C" : "L"
}
}
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Planning Analytics 2.0 could allow a remote attacker to obtain sensitive information by disclosing private IP addresses in HTTP responses. IBM X-Force ID: 178766."
}
]
},
"data_format" : "MITRE",
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2020-4361",
"DATE_PUBLIC" : "2020-07-17T00:00:00",
"STATE" : "PUBLIC"
},
"references" : {
"reference_data" : [
{
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/pages/node/6249981",
"title" : "IBM Security Bulletin 6249981 (Planning Analytics)",
"name" : "https://www.ibm.com/support/pages/node/6249981"
},
{
"name" : "ibm-planning-cve20204361-info-disc (178766)",
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/178766",
"refsource" : "XF"
}
]
},
"data_type" : "CVE",
"data_version" : "4.0",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
]
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "2.0"
}
]
},
"product_name" : "Planning Analytics"
}
]
},
"vendor_name" : "IBM"
}
]
}
}
]
}
}
}

105
2020/4xxx/CVE-2020-4466.json
View File

@ -1,18 +1,93 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-4466",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
"impact" : {
"cvssv3" : {
"BM" : {
"SCORE" : "6.500",
"S" : "U",
"C" : "N",
"UI" : "N",
"AV" : "N",
"AC" : "L",
"A" : "H",
"PR" : "L",
"I" : "N"
},
"TM" : {
"RL" : "O",
"E" : "U",
"RC" : "C"
}
}
},
"data_format" : "MITRE",
"description" : {
"description_data" : [
{
"value" : "IBM MQ for HPE NonStop 8.0.4 and 8.1.0 could allow a remote authenticated attacker could cause a denial of service due to an error within the Queue processing function. IBM X-Force ID: 181563.",
"lang" : "eng"
}
]
},
"data_type" : "CVE",
"CVE_data_meta" : {
"ID" : "CVE-2020-4466",
"DATE_PUBLIC" : "2020-07-17T00:00:00",
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com"
},
"references" : {
"reference_data" : [
{
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 6250473 (MQ for HPE NonStop)",
"url" : "https://www.ibm.com/support/pages/node/6250473",
"name" : "https://www.ibm.com/support/pages/node/6250473"
},
{
"name" : "ibm-mq-cve20204466-dos (181563)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/181563",
"title" : "X-Force Vulnerability Report",
"refsource" : "XF"
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "8.1.0"
},
{
"version_value" : "8.0.4"
}
]
},
"product_name" : "MQ for HPE NonStop"
}
]
},
"vendor_name" : "IBM"
}
]
}
}
]
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Denial of Service"
}
]
}
]
},
"data_version" : "4.0"
}

102
2020/4xxx/CVE-2020-4527.json
View File

@ -1,18 +1,90 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-4527",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/pages/node/6249981",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 6249981 (Planning Analytics)",
"url" : "https://www.ibm.com/support/pages/node/6249981"
},
{
"name" : "ibm-planning-cve20204527-info-disc (182631)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/182631",
"title" : "X-Force Vulnerability Report"
}
]
},
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC",
"ID" : "CVE-2020-4527",
"DATE_PUBLIC" : "2020-07-17T00:00:00"
},
"data_type" : "CVE",
"data_version" : "4.0",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
}
]
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product" : {
"product_data" : [
{
"product_name" : "Planning Analytics",
"version" : {
"version_data" : [
{
"version_value" : "2.0"
}
]
}
}
]
},
"vendor_name" : "IBM"
}
]
}
}
]
}
},
"impact" : {
"cvssv3" : {
"TM" : {
"RC" : "C",
"E" : "U",
"RL" : "O"
},
"BM" : {
"UI" : "N",
"AV" : "N",
"AC" : "H",
"C" : "H",
"SCORE" : "5.900",
"S" : "U",
"I" : "N",
"PR" : "N",
"A" : "N"
}
}
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Planning Analytics 2.0 could allow a remote attacker to obtain sensitive information, caused by the failure to set the Secure flag for the session cookie in TLS mode. By intercepting its transmission within an HTTP session, an attacker could exploit this vulnerability to capture the cookie and obtain sensitive information. IBM X-Force ID: 182631."
}
]
},
"data_format" : "MITRE"
}