diff --git a/2020/4xxx/CVE-2020-4361.json b/2020/4xxx/CVE-2020-4361.json index 420b463bec5..26dbd96a05f 100644 --- a/2020/4xxx/CVE-2020-4361.json +++ b/2020/4xxx/CVE-2020-4361.json @@ -1,18 +1,90 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2020-4361", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ + "impact" : { + "cvssv3" : { + "TM" : { + "E" : "U", + "RC" : "C", + "RL" : "O" + }, + "BM" : { + "PR" : "L", + "A" : "N", + "I" : "N", + "S" : "U", + "SCORE" : "4.300", + "AV" : "N", + "AC" : "L", + "UI" : "N", + "C" : "L" + } + } + }, + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "IBM Planning Analytics 2.0 could allow a remote attacker to obtain sensitive information by disclosing private IP addresses in HTTP responses. IBM X-Force ID: 178766." + } + ] + }, + "data_format" : "MITRE", + "CVE_data_meta" : { + "ASSIGNER" : "psirt@us.ibm.com", + "ID" : "CVE-2020-4361", + "DATE_PUBLIC" : "2020-07-17T00:00:00", + "STATE" : "PUBLIC" + }, + "references" : { + "reference_data" : [ + { + "refsource" : "CONFIRM", + "url" : "https://www.ibm.com/support/pages/node/6249981", + "title" : "IBM Security Bulletin 6249981 (Planning Analytics)", + "name" : "https://www.ibm.com/support/pages/node/6249981" + }, + { + "name" : "ibm-planning-cve20204361-info-disc (178766)", + "title" : "X-Force Vulnerability Report", + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/178766", + "refsource" : "XF" + } + ] + }, + "data_type" : "CVE", + "data_version" : "4.0", + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Obtain Information" + } + ] + } + ] + }, + "affects" : { + "vendor" : { + "vendor_data" : [ { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "product" : { + "product_data" : [ + { + "version" : { + "version_data" : [ + { + "version_value" : "2.0" + } + ] + }, + "product_name" : "Planning Analytics" + } + ] + }, + "vendor_name" : "IBM" } - ] - } -} \ No newline at end of file + ] + } + } +} diff --git a/2020/4xxx/CVE-2020-4466.json b/2020/4xxx/CVE-2020-4466.json index a001dd12179..4f19ca719b9 100644 --- a/2020/4xxx/CVE-2020-4466.json +++ b/2020/4xxx/CVE-2020-4466.json @@ -1,18 +1,93 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2020-4466", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ + "impact" : { + "cvssv3" : { + "BM" : { + "SCORE" : "6.500", + "S" : "U", + "C" : "N", + "UI" : "N", + "AV" : "N", + "AC" : "L", + "A" : "H", + "PR" : "L", + "I" : "N" + }, + "TM" : { + "RL" : "O", + "E" : "U", + "RC" : "C" + } + } + }, + "data_format" : "MITRE", + "description" : { + "description_data" : [ + { + "value" : "IBM MQ for HPE NonStop 8.0.4 and 8.1.0 could allow a remote authenticated attacker could cause a denial of service due to an error within the Queue processing function. IBM X-Force ID: 181563.", + "lang" : "eng" + } + ] + }, + "data_type" : "CVE", + "CVE_data_meta" : { + "ID" : "CVE-2020-4466", + "DATE_PUBLIC" : "2020-07-17T00:00:00", + "STATE" : "PUBLIC", + "ASSIGNER" : "psirt@us.ibm.com" + }, + "references" : { + "reference_data" : [ + { + "refsource" : "CONFIRM", + "title" : "IBM Security Bulletin 6250473 (MQ for HPE NonStop)", + "url" : "https://www.ibm.com/support/pages/node/6250473", + "name" : "https://www.ibm.com/support/pages/node/6250473" + }, + { + "name" : "ibm-mq-cve20204466-dos (181563)", + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/181563", + "title" : "X-Force Vulnerability Report", + "refsource" : "XF" + } + ] + }, + "affects" : { + "vendor" : { + "vendor_data" : [ { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "product" : { + "product_data" : [ + { + "version" : { + "version_data" : [ + { + "version_value" : "8.1.0" + }, + { + "version_value" : "8.0.4" + } + ] + }, + "product_name" : "MQ for HPE NonStop" + } + ] + }, + "vendor_name" : "IBM" } - ] - } -} \ No newline at end of file + ] + } + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Denial of Service" + } + ] + } + ] + }, + "data_version" : "4.0" +} diff --git a/2020/4xxx/CVE-2020-4527.json b/2020/4xxx/CVE-2020-4527.json index 651d7dc2ea9..acaae019bf1 100644 --- a/2020/4xxx/CVE-2020-4527.json +++ b/2020/4xxx/CVE-2020-4527.json @@ -1,18 +1,90 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2020-4527", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ + "references" : { + "reference_data" : [ + { + "name" : "https://www.ibm.com/support/pages/node/6249981", + "refsource" : "CONFIRM", + "title" : "IBM Security Bulletin 6249981 (Planning Analytics)", + "url" : "https://www.ibm.com/support/pages/node/6249981" + }, + { + "name" : "ibm-planning-cve20204527-info-disc (182631)", + "refsource" : "XF", + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/182631", + "title" : "X-Force Vulnerability Report" + } + ] + }, + "CVE_data_meta" : { + "ASSIGNER" : "psirt@us.ibm.com", + "STATE" : "PUBLIC", + "ID" : "CVE-2020-4527", + "DATE_PUBLIC" : "2020-07-17T00:00:00" + }, + "data_type" : "CVE", + "data_version" : "4.0", + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "value" : "Obtain Information", + "lang" : "eng" + } + ] + } + ] + }, + "affects" : { + "vendor" : { + "vendor_data" : [ { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "product" : { + "product_data" : [ + { + "product_name" : "Planning Analytics", + "version" : { + "version_data" : [ + { + "version_value" : "2.0" + } + ] + } + } + ] + }, + "vendor_name" : "IBM" } - ] - } -} \ No newline at end of file + ] + } + }, + "impact" : { + "cvssv3" : { + "TM" : { + "RC" : "C", + "E" : "U", + "RL" : "O" + }, + "BM" : { + "UI" : "N", + "AV" : "N", + "AC" : "H", + "C" : "H", + "SCORE" : "5.900", + "S" : "U", + "I" : "N", + "PR" : "N", + "A" : "N" + } + } + }, + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "IBM Planning Analytics 2.0 could allow a remote attacker to obtain sensitive information, caused by the failure to set the Secure flag for the session cookie in TLS mode. By intercepting its transmission within an HTTP session, an attacker could exploit this vulnerability to capture the cookie and obtain sensitive information. IBM X-Force ID: 182631." + } + ] + }, + "data_format" : "MITRE" +}