From f14cbb79b73e587d39f524da5ff6e864282d7d06 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Wed, 3 Jun 2020 19:01:33 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2020/13xxx/CVE-2020-13379.json | 76 ++++++++++++++++++++++++++++--- 2020/3xxx/CVE-2020-3233.json | 4 +- 2020/3xxx/CVE-2020-3234.json | 4 +- 2020/3xxx/CVE-2020-3235.json | 4 +- 2020/3xxx/CVE-2020-3237.json | 4 +- 2020/3xxx/CVE-2020-3238.json | 4 +- 2020/3xxx/CVE-2020-3257.json | 4 +- 2020/3xxx/CVE-2020-3258.json | 4 +- 2020/3xxx/CVE-2020-3267.json | 4 +- 2020/3xxx/CVE-2020-3281.json | 4 +- 2020/3xxx/CVE-2020-3333.json | 4 +- 2020/7xxx/CVE-2020-7010.json | 82 +++++++++++++++++----------------- 2020/7xxx/CVE-2020-7011.json | 82 +++++++++++++++++----------------- 2020/7xxx/CVE-2020-7012.json | 82 +++++++++++++++++----------------- 2020/7xxx/CVE-2020-7013.json | 82 +++++++++++++++++----------------- 2020/7xxx/CVE-2020-7014.json | 82 +++++++++++++++++----------------- 2020/7xxx/CVE-2020-7015.json | 82 +++++++++++++++++----------------- 17 files changed, 342 insertions(+), 266 deletions(-) diff --git a/2020/13xxx/CVE-2020-13379.json b/2020/13xxx/CVE-2020-13379.json index 28b46403019..18e5248a047 100644 --- a/2020/13xxx/CVE-2020-13379.json +++ b/2020/13xxx/CVE-2020-13379.json @@ -1,17 +1,81 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-13379", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-13379", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The avatar feature in Grafana 3.0.1 through 7.0.1 has an SSRF Incorrect Access Control issue that allows remote code execution. This vulnerability allows any unauthenticated user/client to make Grafana send HTTP requests to any URL and return its result to the user/client. This can be used to gain information about the network that Grafana is running on." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://community.grafana.com/t/release-notes-v6-7-x/27119", + "url": "https://community.grafana.com/t/release-notes-v6-7-x/27119" + }, + { + "refsource": "CONFIRM", + "name": "http://www.openwall.com/lists/oss-security/2020/06/03/4", + "url": "http://www.openwall.com/lists/oss-security/2020/06/03/4" + }, + { + "refsource": "MISC", + "name": "https://community.grafana.com/t/grafana-7-0-2-and-6-7-4-security-update/31408", + "url": "https://community.grafana.com/t/grafana-7-0-2-and-6-7-4-security-update/31408" + }, + { + "refsource": "CONFIRM", + "name": "https://grafana.com/blog/2020/06/03/grafana-6.7.4-and-7.0.2-released-with-important-security-fix/", + "url": "https://grafana.com/blog/2020/06/03/grafana-6.7.4-and-7.0.2-released-with-important-security-fix/" + }, + { + "refsource": "MISC", + "name": "https://community.grafana.com/t/release-notes-v7-0-x/29381", + "url": "https://community.grafana.com/t/release-notes-v7-0-x/29381" } ] } diff --git a/2020/3xxx/CVE-2020-3233.json b/2020/3xxx/CVE-2020-3233.json index 73293a85403..f466cb678cf 100644 --- a/2020/3xxx/CVE-2020-3233.json +++ b/2020/3xxx/CVE-2020-3233.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": " A vulnerability in the web-based Local Manager interface of the Cisco IOx Application Framework could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web-based Local Manager interface of an affected device. The attacker must have valid Local Manager credentials. The vulnerability is due to insufficient validation of user-supplied input by the web-based Local Manager interface of the affected software. An attacker could exploit this vulnerability by injecting malicious code into a system settings tab. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected web interface or allow the attacker to access sensitive browser-based information. " + "value": "A vulnerability in the web-based Local Manager interface of the Cisco IOx Application Framework could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web-based Local Manager interface of an affected device. The attacker must have valid Local Manager credentials. The vulnerability is due to insufficient validation of user-supplied input by the web-based Local Manager interface of the affected software. An attacker could exploit this vulnerability by injecting malicious code into a system settings tab. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected web interface or allow the attacker to access sensitive browser-based information." } ] }, @@ -87,4 +87,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2020/3xxx/CVE-2020-3234.json b/2020/3xxx/CVE-2020-3234.json index 7441cabb409..78a24ab573b 100644 --- a/2020/3xxx/CVE-2020-3234.json +++ b/2020/3xxx/CVE-2020-3234.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": "\r A vulnerability in the virtual console authentication of Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) could allow an authenticated but low-privileged, local attacker to log in to the Virtual Device Server (VDS) of an affected device by using a set of default credentials.\r The vulnerability is due to the presence of weak, hard-coded credentials. An attacker could exploit this vulnerability by authenticating to the targeted device and then connecting to VDS through the device’s virtual console by using the static credentials. A successful exploit could allow the attacker to access the Linux shell of VDS as the root user.\r " + "value": "A vulnerability in the virtual console authentication of Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) could allow an authenticated but low-privileged, local attacker to log in to the Virtual Device Server (VDS) of an affected device by using a set of default credentials. The vulnerability is due to the presence of weak, hard-coded credentials. An attacker could exploit this vulnerability by authenticating to the targeted device and then connecting to VDS through the device’s virtual console by using the static credentials. A successful exploit could allow the attacker to access the Linux shell of VDS as the root user." } ] }, @@ -83,4 +83,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2020/3xxx/CVE-2020-3235.json b/2020/3xxx/CVE-2020-3235.json index fe8df2cebde..a391952fbc3 100644 --- a/2020/3xxx/CVE-2020-3235.json +++ b/2020/3xxx/CVE-2020-3235.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": "\r A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software and Cisco IOS XE Software on Catalyst 4500 Series Switches could allow an authenticated, remote attacker to cause a denial of service (DoS) condition.\r The vulnerability is due to insufficient input validation when the software processes specific SNMP object identifiers. An attacker could exploit this vulnerability by sending a crafted SNMP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.\r Note: To exploit this vulnerability by using SNMPv2c or earlier, the attacker must know the SNMP read-only community string for an affected system. To exploit this vulnerability by using SNMPv3, the attacker must know the user credentials for the affected system.\r " + "value": "A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software and Cisco IOS XE Software on Catalyst 4500 Series Switches could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to insufficient input validation when the software processes specific SNMP object identifiers. An attacker could exploit this vulnerability by sending a crafted SNMP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Note: To exploit this vulnerability by using SNMPv2c or earlier, the attacker must know the SNMP read-only community string for an affected system. To exploit this vulnerability by using SNMPv3, the attacker must know the user credentials for the affected system." } ] }, @@ -83,4 +83,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2020/3xxx/CVE-2020-3237.json b/2020/3xxx/CVE-2020-3237.json index f95a4f41021..cb8cfb90f51 100644 --- a/2020/3xxx/CVE-2020-3237.json +++ b/2020/3xxx/CVE-2020-3237.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": " A vulnerability in the Cisco Application Framework component of the Cisco IOx application environment could allow an authenticated, local attacker to overwrite arbitrary files in the virtual instance that is running on the affected device. The vulnerability is due to insufficient path restriction enforcement. An attacker could exploit this vulnerability by including a crafted file in an application package. An exploit could allow the attacker to overwrite files. " + "value": "A vulnerability in the Cisco Application Framework component of the Cisco IOx application environment could allow an authenticated, local attacker to overwrite arbitrary files in the virtual instance that is running on the affected device. The vulnerability is due to insufficient path restriction enforcement. An attacker could exploit this vulnerability by including a crafted file in an application package. An exploit could allow the attacker to overwrite files." } ] }, @@ -83,4 +83,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2020/3xxx/CVE-2020-3238.json b/2020/3xxx/CVE-2020-3238.json index 267a13fb45d..56b6b2e267d 100644 --- a/2020/3xxx/CVE-2020-3238.json +++ b/2020/3xxx/CVE-2020-3238.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": "\r A vulnerability in the Cisco Application Framework component of the Cisco IOx application environment could allow an\r authenticated, remote attacker to write or modify arbitrary files in the\r virtual instance that is running on the affected device.\r The vulnerability is due to insufficient input validation of\r user-supplied application packages. An attacker who can upload a\r malicious package within Cisco IOx could exploit the vulnerability to\r modify arbitrary files. The impacts of a successful exploit are limited\r to the scope of the virtual instance and do not affect the device that\r is hosting Cisco IOx.\r " + "value": "A vulnerability in the Cisco Application Framework component of the Cisco IOx application environment could allow an authenticated, remote attacker to write or modify arbitrary files in the virtual instance that is running on the affected device. The vulnerability is due to insufficient input validation of user-supplied application packages. An attacker who can upload a malicious package within Cisco IOx could exploit the vulnerability to modify arbitrary files. The impacts of a successful exploit are limited to the scope of the virtual instance and do not affect the device that is hosting Cisco IOx." } ] }, @@ -83,4 +83,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2020/3xxx/CVE-2020-3257.json b/2020/3xxx/CVE-2020-3257.json index 42ffa3a66d9..74c190b58c2 100644 --- a/2020/3xxx/CVE-2020-3257.json +++ b/2020/3xxx/CVE-2020-3257.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": "\r Multiple vulnerabilities in the Cisco IOx application environment of Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) that are running Cisco IOS Software could allow an attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device.\r For more information about these vulnerabilities, see the Details section of this advisory.\r " + "value": "Multiple vulnerabilities in the Cisco IOx application environment of Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) that are running Cisco IOS Software could allow an attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device. For more information about these vulnerabilities, see the Details section of this advisory." } ] }, @@ -84,4 +84,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2020/3xxx/CVE-2020-3258.json b/2020/3xxx/CVE-2020-3258.json index e6bd6032f6e..bf299aa3acc 100644 --- a/2020/3xxx/CVE-2020-3258.json +++ b/2020/3xxx/CVE-2020-3258.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": "\r Multiple vulnerabilities in Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) could allow an unauthenticated, remote attacker or an authenticated, local attacker to execute arbitrary code on an affected system or cause an affected system to crash and reload.\r For more information about these vulnerabilities, see the Details section of this advisory.\r " + "value": "Multiple vulnerabilities in Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) could allow an unauthenticated, remote attacker or an authenticated, local attacker to execute arbitrary code on an affected system or cause an affected system to crash and reload. For more information about these vulnerabilities, see the Details section of this advisory." } ] }, @@ -84,4 +84,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2020/3xxx/CVE-2020-3267.json b/2020/3xxx/CVE-2020-3267.json index 41c60bedbb9..4372947ba28 100644 --- a/2020/3xxx/CVE-2020-3267.json +++ b/2020/3xxx/CVE-2020-3267.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": " A vulnerability in the API subsystem of Cisco Unified Contact Center Express (Unified CCX) could allow an authenticated, remote attacker to change the availability state of any agent. The vulnerability is due to insufficient authorization enforcement on an affected system. An attacker could exploit this vulnerability by authenticating to an affected system with valid agent credentials and performing a specific API call with crafted input. A successful exploit could allow the attacker to change the availability state of an agent, potentially causing a denial of service condition. " + "value": "A vulnerability in the API subsystem of Cisco Unified Contact Center Express (Unified CCX) could allow an authenticated, remote attacker to change the availability state of any agent. The vulnerability is due to insufficient authorization enforcement on an affected system. An attacker could exploit this vulnerability by authenticating to an affected system with valid agent credentials and performing a specific API call with crafted input. A successful exploit could allow the attacker to change the availability state of an agent, potentially causing a denial of service condition." } ] }, @@ -83,4 +83,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2020/3xxx/CVE-2020-3281.json b/2020/3xxx/CVE-2020-3281.json index 704cccedea4..7ed2911c702 100644 --- a/2020/3xxx/CVE-2020-3281.json +++ b/2020/3xxx/CVE-2020-3281.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": " A vulnerability in the audit logging component of Cisco Digital Network Architecture (DNA) Center could allow an authenticated, remote attacker to view sensitive information in clear text. The vulnerability is due to the storage of certain unencrypted credentials. An attacker could exploit this vulnerability by accessing the audit logs and obtaining credentials that they may not normally have access to. A successful exploit could allow the attacker to use those credentials to discover and manage network devices. " + "value": "A vulnerability in the audit logging component of Cisco Digital Network Architecture (DNA) Center could allow an authenticated, remote attacker to view sensitive information in clear text. The vulnerability is due to the storage of certain unencrypted credentials. An attacker could exploit this vulnerability by accessing the audit logs and obtaining credentials that they may not normally have access to. A successful exploit could allow the attacker to use those credentials to discover and manage network devices." } ] }, @@ -83,4 +83,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2020/3xxx/CVE-2020-3333.json b/2020/3xxx/CVE-2020-3333.json index add5b2c82fe..6b06d497bdc 100644 --- a/2020/3xxx/CVE-2020-3333.json +++ b/2020/3xxx/CVE-2020-3333.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": " A vulnerability in the API of Cisco Application Services Engine Software could allow an unauthenticated, remote attacker to update event policies on an affected device. The vulnerability is due to insufficient authentication of users who modify policies on an affected device. An attacker could exploit this vulnerability by crafting a malicious HTTP request to contact an affected device. A successful exploit could allow the attacker to update event policies on the affected device. " + "value": "A vulnerability in the API of Cisco Application Services Engine Software could allow an unauthenticated, remote attacker to update event policies on an affected device. The vulnerability is due to insufficient authentication of users who modify policies on an affected device. An attacker could exploit this vulnerability by crafting a malicious HTTP request to contact an affected device. A successful exploit could allow the attacker to update event policies on the affected device." } ] }, @@ -83,4 +83,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2020/7xxx/CVE-2020-7010.json b/2020/7xxx/CVE-2020-7010.json index 664e7ae12d2..5d3e8b870cc 100644 --- a/2020/7xxx/CVE-2020-7010.json +++ b/2020/7xxx/CVE-2020-7010.json @@ -3,58 +3,60 @@ "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": { - "ASSIGNER": "bressers@elastic.co", + "ASSIGNER": "security@elastic.co", "ID": "CVE-2020-7010", "STATE": "PUBLIC" }, "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Elastic", - "product": { - "product_data": [ + "vendor": { + "vendor_data": [ { - "product_name": "Elastic Cloud on Kubernetes", - "version": { - "version_data": [ - { - "version_value": "before 1.1.0" - } - ] - } + "vendor_name": "Elastic", + "product": { + "product_data": [ + { + "product_name": "Elastic Cloud on Kubernetes", + "version": { + "version_data": [ + { + "version_value": "before 1.1.0" + } + ] + } + } + ] + } } - ] - } - } - ] - } + ] + } }, "problemtype": { - "problemtype_data": [ - { - "description": [ + "problemtype_data": [ { - "lang": "eng", - "value": "CWE-335: Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG)" + "description": [ + { + "lang": "eng", + "value": "CWE-335: Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG)" + } + ] } - ] - } - ] + ] }, "references": { - "reference_data": [ - { - "url": "https://www.elastic.co/community/security/" - } - ] + "reference_data": [ + { + "url": "https://www.elastic.co/community/security/", + "refsource": "MISC", + "name": "https://www.elastic.co/community/security/" + } + ] }, "description": { - "description_data": [ - { - "lang": "eng", - "value": "Elastic Cloud on Kubernetes (ECK) versions prior to 1.1.0 generate passwords using a weak random number generator. If an attacker is able to determine when the current Elastic Stack cluster was deployed they may be able to more easily brute force the Elasticsearch credentials generated by ECK." - } - ] + "description_data": [ + { + "lang": "eng", + "value": "Elastic Cloud on Kubernetes (ECK) versions prior to 1.1.0 generate passwords using a weak random number generator. If an attacker is able to determine when the current Elastic Stack cluster was deployed they may be able to more easily brute force the Elasticsearch credentials generated by ECK." + } + ] } -} +} \ No newline at end of file diff --git a/2020/7xxx/CVE-2020-7011.json b/2020/7xxx/CVE-2020-7011.json index 0af8acc7bbd..c35c0a107c9 100644 --- a/2020/7xxx/CVE-2020-7011.json +++ b/2020/7xxx/CVE-2020-7011.json @@ -3,58 +3,60 @@ "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": { - "ASSIGNER": "bressers@elastic.co", + "ASSIGNER": "security@elastic.co", "ID": "CVE-2020-7011", "STATE": "PUBLIC" }, "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Elastic", - "product": { - "product_data": [ + "vendor": { + "vendor_data": [ { - "product_name": "Elastic App Search", - "version": { - "version_data": [ - { - "version_value": "before 7.7.0" - } - ] - } + "vendor_name": "Elastic", + "product": { + "product_data": [ + { + "product_name": "Elastic App Search", + "version": { + "version_data": [ + { + "version_value": "before 7.7.0" + } + ] + } + } + ] + } } - ] - } - } - ] - } + ] + } }, "problemtype": { - "problemtype_data": [ - { - "description": [ + "problemtype_data": [ { - "lang": "eng", - "value": "CWE-84: Improper Neutralization of Encoded URI Schemes in a Web Page" + "description": [ + { + "lang": "eng", + "value": "CWE-84: Improper Neutralization of Encoded URI Schemes in a Web Page" + } + ] } - ] - } - ] + ] }, "references": { - "reference_data": [ - { - "url": "https://www.elastic.co/community/security/" - } - ] + "reference_data": [ + { + "url": "https://www.elastic.co/community/security/", + "refsource": "MISC", + "name": "https://www.elastic.co/community/security/" + } + ] }, "description": { - "description_data": [ - { - "lang": "eng", - "value": "Elastic App Search versions before 7.7.0 contain a cross site scripting (XSS) flaw when displaying document URLs in the Reference UI. If the Reference UI injects a URL into a result, that URL will be rendered by the web browser. If an attacker is able to control the contents of such a field, they could execute arbitrary JavaScript in the victim�s web browser." - } - ] + "description_data": [ + { + "lang": "eng", + "value": "Elastic App Search versions before 7.7.0 contain a cross site scripting (XSS) flaw when displaying document URLs in the Reference UI. If the Reference UI injects a URL into a result, that URL will be rendered by the web browser. If an attacker is able to control the contents of such a field, they could execute arbitrary JavaScript in the victim\u00ef\u00bf\u00bds web browser." + } + ] } -} +} \ No newline at end of file diff --git a/2020/7xxx/CVE-2020-7012.json b/2020/7xxx/CVE-2020-7012.json index 52dd4ad1ba5..6257d6c04ba 100644 --- a/2020/7xxx/CVE-2020-7012.json +++ b/2020/7xxx/CVE-2020-7012.json @@ -3,58 +3,60 @@ "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": { - "ASSIGNER": "bressers@elastic.co", + "ASSIGNER": "security@elastic.co", "ID": "CVE-2020-7012", "STATE": "PUBLIC" }, "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Elastic", - "product": { - "product_data": [ + "vendor": { + "vendor_data": [ { - "product_name": "Kibana", - "version": { - "version_data": [ - { - "version_value": "6.7.0 to 6.8.8 and 7.0.0 to 7.6.2" - } - ] - } + "vendor_name": "Elastic", + "product": { + "product_data": [ + { + "product_name": "Kibana", + "version": { + "version_data": [ + { + "version_value": "6.7.0 to 6.8.8 and 7.0.0 to 7.6.2" + } + ] + } + } + ] + } } - ] - } - } - ] - } + ] + } }, "problemtype": { - "problemtype_data": [ - { - "description": [ + "problemtype_data": [ { - "lang": "eng", - "value": "CWE-94: Improper Control of Generation of Code ('Code Injection')" + "description": [ + { + "lang": "eng", + "value": "CWE-94: Improper Control of Generation of Code ('Code Injection')" + } + ] } - ] - } - ] + ] }, "references": { - "reference_data": [ - { - "url": "https://www.elastic.co/community/security/" - } - ] + "reference_data": [ + { + "url": "https://www.elastic.co/community/security/", + "refsource": "MISC", + "name": "https://www.elastic.co/community/security/" + } + ] }, "description": { - "description_data": [ - { - "lang": "eng", - "value": "Kibana versions 6.7.0 to 6.8.8 and 7.0.0 to 7.6.2 contain a prototype pollution flaw in the Upgrade Assistant. An authenticated attacker with privileges to write to the Kibana index could insert data that would cause Kibana to execute arbitrary code. This could possibly lead to an attacker executing code with the permissions of the Kibana process on the host system." - } - ] + "description_data": [ + { + "lang": "eng", + "value": "Kibana versions 6.7.0 to 6.8.8 and 7.0.0 to 7.6.2 contain a prototype pollution flaw in the Upgrade Assistant. An authenticated attacker with privileges to write to the Kibana index could insert data that would cause Kibana to execute arbitrary code. This could possibly lead to an attacker executing code with the permissions of the Kibana process on the host system." + } + ] } -} +} \ No newline at end of file diff --git a/2020/7xxx/CVE-2020-7013.json b/2020/7xxx/CVE-2020-7013.json index 2092c553814..374e4938ecc 100644 --- a/2020/7xxx/CVE-2020-7013.json +++ b/2020/7xxx/CVE-2020-7013.json @@ -3,58 +3,60 @@ "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": { - "ASSIGNER": "bressers@elastic.co", + "ASSIGNER": "security@elastic.co", "ID": "CVE-2020-7013", "STATE": "PUBLIC" }, "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Elastic", - "product": { - "product_data": [ + "vendor": { + "vendor_data": [ { - "product_name": "Kibana", - "version": { - "version_data": [ - { - "version_value": "before 6.8.9 and 7.7.0" - } - ] - } + "vendor_name": "Elastic", + "product": { + "product_data": [ + { + "product_name": "Kibana", + "version": { + "version_data": [ + { + "version_value": "before 6.8.9 and 7.7.0" + } + ] + } + } + ] + } } - ] - } - } - ] - } + ] + } }, "problemtype": { - "problemtype_data": [ - { - "description": [ + "problemtype_data": [ { - "lang": "eng", - "value": "CWE-94: Improper Control of Generation of Code ('Code Injection')" + "description": [ + { + "lang": "eng", + "value": "CWE-94: Improper Control of Generation of Code ('Code Injection')" + } + ] } - ] - } - ] + ] }, "references": { - "reference_data": [ - { - "url": "https://www.elastic.co/community/security/" - } - ] + "reference_data": [ + { + "url": "https://www.elastic.co/community/security/", + "refsource": "MISC", + "name": "https://www.elastic.co/community/security/" + } + ] }, "description": { - "description_data": [ - { - "lang": "eng", - "value": "Kibana versions before 6.8.9 and 7.7.0 contain a prototype pollution flaw in TSVB. An authenticated attacker with privileges to create TSVB visualizations could insert data that would cause Kibana to execute arbitrary code. This could possibly lead to an attacker executing code with the permissions of the Kibana process on the host system." - } - ] + "description_data": [ + { + "lang": "eng", + "value": "Kibana versions before 6.8.9 and 7.7.0 contain a prototype pollution flaw in TSVB. An authenticated attacker with privileges to create TSVB visualizations could insert data that would cause Kibana to execute arbitrary code. This could possibly lead to an attacker executing code with the permissions of the Kibana process on the host system." + } + ] } -} +} \ No newline at end of file diff --git a/2020/7xxx/CVE-2020-7014.json b/2020/7xxx/CVE-2020-7014.json index 06bffe1eb1a..c4ac54b70fb 100644 --- a/2020/7xxx/CVE-2020-7014.json +++ b/2020/7xxx/CVE-2020-7014.json @@ -3,58 +3,60 @@ "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": { - "ASSIGNER": "bressers@elastic.co", + "ASSIGNER": "security@elastic.co", "ID": "CVE-2020-7014", "STATE": "PUBLIC" }, "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Elastic", - "product": { - "product_data": [ + "vendor": { + "vendor_data": [ { - "product_name": "Elasticsearch", - "version": { - "version_data": [ - { - "version_value": "6.7.0 to 6.8.7 and 7.0.0 to 7.6.1" - } - ] - } + "vendor_name": "Elastic", + "product": { + "product_data": [ + { + "product_name": "Elasticsearch", + "version": { + "version_data": [ + { + "version_value": "6.7.0 to 6.8.7 and 7.0.0 to 7.6.1" + } + ] + } + } + ] + } } - ] - } - } - ] - } + ] + } }, "problemtype": { - "problemtype_data": [ - { - "description": [ + "problemtype_data": [ { - "lang": "eng", - "value": "CWE-266: Incorrect Privilege Assignment" + "description": [ + { + "lang": "eng", + "value": "CWE-266: Incorrect Privilege Assignment" + } + ] } - ] - } - ] + ] }, "references": { - "reference_data": [ - { - "url": "https://www.elastic.co/community/security/" - } - ] + "reference_data": [ + { + "url": "https://www.elastic.co/community/security/", + "refsource": "MISC", + "name": "https://www.elastic.co/community/security/" + } + ] }, "description": { - "description_data": [ - { - "lang": "eng", - "value": "The fix for CVE-2020-7009 was found to be incomplete. Elasticsearch versions from 6.7.0 to 6.8.7 and 7.0.0 to 7.6.1 contain a privilege escalation flaw if an attacker is able to create API keys and also authentication tokens. An attacker who is able to generate an API key and an authentication token can perform a series of steps that result in an authentication token being generated with elevated privileges." - } - ] + "description_data": [ + { + "lang": "eng", + "value": "The fix for CVE-2020-7009 was found to be incomplete. Elasticsearch versions from 6.7.0 to 6.8.7 and 7.0.0 to 7.6.1 contain a privilege escalation flaw if an attacker is able to create API keys and also authentication tokens. An attacker who is able to generate an API key and an authentication token can perform a series of steps that result in an authentication token being generated with elevated privileges." + } + ] } -} +} \ No newline at end of file diff --git a/2020/7xxx/CVE-2020-7015.json b/2020/7xxx/CVE-2020-7015.json index 6c2180d1277..db20a052d18 100644 --- a/2020/7xxx/CVE-2020-7015.json +++ b/2020/7xxx/CVE-2020-7015.json @@ -3,58 +3,60 @@ "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": { - "ASSIGNER": "bressers@elastic.co", + "ASSIGNER": "security@elastic.co", "ID": "CVE-2020-7015", "STATE": "PUBLIC" }, "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Elastic", - "product": { - "product_data": [ + "vendor": { + "vendor_data": [ { - "product_name": "Kibana", - "version": { - "version_data": [ - { - "version_value": "before 6.8.9 and 7.7.0" - } - ] - } + "vendor_name": "Elastic", + "product": { + "product_data": [ + { + "product_name": "Kibana", + "version": { + "version_data": [ + { + "version_value": "before 6.8.9 and 7.7.0" + } + ] + } + } + ] + } } - ] - } - } - ] - } + ] + } }, "problemtype": { - "problemtype_data": [ - { - "description": [ + "problemtype_data": [ { - "lang": "eng", - "value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + "description": [ + { + "lang": "eng", + "value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + } + ] } - ] - } - ] + ] }, "references": { - "reference_data": [ - { - "url": "https://www.elastic.co/community/security/" - } - ] + "reference_data": [ + { + "url": "https://www.elastic.co/community/security/", + "refsource": "MISC", + "name": "https://www.elastic.co/community/security/" + } + ] }, "description": { - "description_data": [ - { - "lang": "eng", - "value": "Kibana versions before 6.8.9 and 7.7.0 contains a stored XSS flaw in the TSVB visualization. An attacker who is able to edit or create a TSVB visualization could allow the attacker to obtain sensitive information from, or perform destructive actions, on behalf of Kibana users who edit the TSVB visualization." - } - ] + "description_data": [ + { + "lang": "eng", + "value": "Kibana versions before 6.8.9 and 7.7.0 contains a stored XSS flaw in the TSVB visualization. An attacker who is able to edit or create a TSVB visualization could allow the attacker to obtain sensitive information from, or perform destructive actions, on behalf of Kibana users who edit the TSVB visualization." + } + ] } -} +} \ No newline at end of file