admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-06-03 19:01:33 +00:00
parent af1184b0e4
commit f14cbb79b7
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
17 changed files with 342 additions and 266 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

76
2020/13xxx/CVE-2020-13379.json
View File

@ -1,17 +1,81 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-13379",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-13379",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The avatar feature in Grafana 3.0.1 through 7.0.1 has an SSRF Incorrect Access Control issue that allows remote code execution. This vulnerability allows any unauthenticated user/client to make Grafana send HTTP requests to any URL and return its result to the user/client. This can be used to gain information about the network that Grafana is running on."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://community.grafana.com/t/release-notes-v6-7-x/27119",
"url": "https://community.grafana.com/t/release-notes-v6-7-x/27119"
},
{
"refsource": "CONFIRM",
"name": "http://www.openwall.com/lists/oss-security/2020/06/03/4",
"url": "http://www.openwall.com/lists/oss-security/2020/06/03/4"
},
{
"refsource": "MISC",
"name": "https://community.grafana.com/t/grafana-7-0-2-and-6-7-4-security-update/31408",
"url": "https://community.grafana.com/t/grafana-7-0-2-and-6-7-4-security-update/31408"
},
{
"refsource": "CONFIRM",
"name": "https://grafana.com/blog/2020/06/03/grafana-6.7.4-and-7.0.2-released-with-important-security-fix/",
"url": "https://grafana.com/blog/2020/06/03/grafana-6.7.4-and-7.0.2-released-with-important-security-fix/"
},
{
"refsource": "MISC",
"name": "https://community.grafana.com/t/release-notes-v7-0-x/29381",
"url": "https://community.grafana.com/t/release-notes-v7-0-x/29381"
}
]
}

2
2020/3xxx/CVE-2020-3233.json
View File

@ -36,7 +36,7 @@
"description_data": [
{
"lang": "eng",
"value": " A vulnerability in the web-based Local Manager interface of the Cisco IOx Application Framework could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web-based Local Manager interface of an affected device. The attacker must have valid Local Manager credentials. The vulnerability is due to insufficient validation of user-supplied input by the web-based Local Manager interface of the affected software. An attacker could exploit this vulnerability by injecting malicious code into a system settings tab. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected web interface or allow the attacker to access sensitive browser-based information. "
"value": "A vulnerability in the web-based Local Manager interface of the Cisco IOx Application Framework could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web-based Local Manager interface of an affected device. The attacker must have valid Local Manager credentials. The vulnerability is due to insufficient validation of user-supplied input by the web-based Local Manager interface of the affected software. An attacker could exploit this vulnerability by injecting malicious code into a system settings tab. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected web interface or allow the attacker to access sensitive browser-based information."
}
]
},

2
2020/3xxx/CVE-2020-3234.json
View File

@ -36,7 +36,7 @@
"description_data": [
{
"lang": "eng",
"value": "\r A vulnerability in the virtual console authentication of Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) could allow an authenticated but low-privileged, local attacker to log in to the Virtual Device Server (VDS) of an affected device by using a set of default credentials.\r The vulnerability is due to the presence of weak, hard-coded credentials. An attacker could exploit this vulnerability by authenticating to the targeted device and then connecting to VDS through the device’s virtual console by using the static credentials. A successful exploit could allow the attacker to access the Linux shell of VDS as the root user.\r "
"value": "A vulnerability in the virtual console authentication of Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) could allow an authenticated but low-privileged, local attacker to log in to the Virtual Device Server (VDS) of an affected device by using a set of default credentials. The vulnerability is due to the presence of weak, hard-coded credentials. An attacker could exploit this vulnerability by authenticating to the targeted device and then connecting to VDS through the device’s virtual console by using the static credentials. A successful exploit could allow the attacker to access the Linux shell of VDS as the root user."
}
]
},

2
2020/3xxx/CVE-2020-3235.json
View File

@ -36,7 +36,7 @@
"description_data": [
{
"lang": "eng",
"value": "\r A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software and Cisco IOS XE Software on Catalyst 4500 Series Switches could allow an authenticated, remote attacker to cause a denial of service (DoS) condition.\r The vulnerability is due to insufficient input validation when the software processes specific SNMP object identifiers. An attacker could exploit this vulnerability by sending a crafted SNMP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.\r Note: To exploit this vulnerability by using SNMPv2c or earlier, the attacker must know the SNMP read-only community string for an affected system. To exploit this vulnerability by using SNMPv3, the attacker must know the user credentials for the affected system.\r "
"value": "A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software and Cisco IOS XE Software on Catalyst 4500 Series Switches could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to insufficient input validation when the software processes specific SNMP object identifiers. An attacker could exploit this vulnerability by sending a crafted SNMP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Note: To exploit this vulnerability by using SNMPv2c or earlier, the attacker must know the SNMP read-only community string for an affected system. To exploit this vulnerability by using SNMPv3, the attacker must know the user credentials for the affected system."
}
]
},

2
2020/3xxx/CVE-2020-3237.json
View File

@ -36,7 +36,7 @@
"description_data": [
{
"lang": "eng",
"value": " A vulnerability in the Cisco Application Framework component of the Cisco IOx application environment could allow an authenticated, local attacker to overwrite arbitrary files in the virtual instance that is running on the affected device. The vulnerability is due to insufficient path restriction enforcement. An attacker could exploit this vulnerability by including a crafted file in an application package. An exploit could allow the attacker to overwrite files. "
"value": "A vulnerability in the Cisco Application Framework component of the Cisco IOx application environment could allow an authenticated, local attacker to overwrite arbitrary files in the virtual instance that is running on the affected device. The vulnerability is due to insufficient path restriction enforcement. An attacker could exploit this vulnerability by including a crafted file in an application package. An exploit could allow the attacker to overwrite files."
}
]
},

2
2020/3xxx/CVE-2020-3238.json
View File

@ -36,7 +36,7 @@
"description_data": [
{
"lang": "eng",
"value": "\r A vulnerability in the Cisco Application Framework component of the Cisco IOx application environment could allow an\r authenticated, remote attacker to write or modify arbitrary files in the\r virtual instance that is running on the affected device.\r The vulnerability is due to insufficient input validation of\r user-supplied application packages. An attacker who can upload a\r malicious package within Cisco IOx could exploit the vulnerability to\r modify arbitrary files. The impacts of a successful exploit are limited\r to the scope of the virtual instance and do not affect the device that\r is hosting Cisco IOx.\r "
"value": "A vulnerability in the Cisco Application Framework component of the Cisco IOx application environment could allow an authenticated, remote attacker to write or modify arbitrary files in the virtual instance that is running on the affected device. The vulnerability is due to insufficient input validation of user-supplied application packages. An attacker who can upload a malicious package within Cisco IOx could exploit the vulnerability to modify arbitrary files. The impacts of a successful exploit are limited to the scope of the virtual instance and do not affect the device that is hosting Cisco IOx."
}
]
},

2
2020/3xxx/CVE-2020-3257.json
View File

@ -36,7 +36,7 @@
"description_data": [
{
"lang": "eng",
"value": "\r Multiple vulnerabilities in the Cisco IOx application environment of Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) that are running Cisco IOS Software could allow an attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device.\r For more information about these vulnerabilities, see the Details section of this advisory.\r "
"value": "Multiple vulnerabilities in the Cisco IOx application environment of Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) that are running Cisco IOS Software could allow an attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device. For more information about these vulnerabilities, see the Details section of this advisory."
}
]
},

2
2020/3xxx/CVE-2020-3258.json
View File

@ -36,7 +36,7 @@
"description_data": [
{
"lang": "eng",
"value": "\r Multiple vulnerabilities in Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) could allow an unauthenticated, remote attacker or an authenticated, local attacker to execute arbitrary code on an affected system or cause an affected system to crash and reload.\r For more information about these vulnerabilities, see the Details section of this advisory.\r "
"value": "Multiple vulnerabilities in Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) could allow an unauthenticated, remote attacker or an authenticated, local attacker to execute arbitrary code on an affected system or cause an affected system to crash and reload. For more information about these vulnerabilities, see the Details section of this advisory."
}
]
},

2
2020/3xxx/CVE-2020-3267.json
View File

@ -36,7 +36,7 @@
"description_data": [
{
"lang": "eng",
"value": " A vulnerability in the API subsystem of Cisco Unified Contact Center Express (Unified CCX) could allow an authenticated, remote attacker to change the availability state of any agent. The vulnerability is due to insufficient authorization enforcement on an affected system. An attacker could exploit this vulnerability by authenticating to an affected system with valid agent credentials and performing a specific API call with crafted input. A successful exploit could allow the attacker to change the availability state of an agent, potentially causing a denial of service condition. "
"value": "A vulnerability in the API subsystem of Cisco Unified Contact Center Express (Unified CCX) could allow an authenticated, remote attacker to change the availability state of any agent. The vulnerability is due to insufficient authorization enforcement on an affected system. An attacker could exploit this vulnerability by authenticating to an affected system with valid agent credentials and performing a specific API call with crafted input. A successful exploit could allow the attacker to change the availability state of an agent, potentially causing a denial of service condition."
}
]
},

2
2020/3xxx/CVE-2020-3281.json
View File

@ -36,7 +36,7 @@
"description_data": [
{
"lang": "eng",
"value": " A vulnerability in the audit logging component of Cisco Digital Network Architecture (DNA) Center could allow an authenticated, remote attacker to view sensitive information in clear text. The vulnerability is due to the storage of certain unencrypted credentials. An attacker could exploit this vulnerability by accessing the audit logs and obtaining credentials that they may not normally have access to. A successful exploit could allow the attacker to use those credentials to discover and manage network devices. "
"value": "A vulnerability in the audit logging component of Cisco Digital Network Architecture (DNA) Center could allow an authenticated, remote attacker to view sensitive information in clear text. The vulnerability is due to the storage of certain unencrypted credentials. An attacker could exploit this vulnerability by accessing the audit logs and obtaining credentials that they may not normally have access to. A successful exploit could allow the attacker to use those credentials to discover and manage network devices."
}
]
},

2
2020/3xxx/CVE-2020-3333.json
View File

@ -36,7 +36,7 @@
"description_data": [
{
"lang": "eng",
"value": " A vulnerability in the API of Cisco Application Services Engine Software could allow an unauthenticated, remote attacker to update event policies on an affected device. The vulnerability is due to insufficient authentication of users who modify policies on an affected device. An attacker could exploit this vulnerability by crafting a malicious HTTP request to contact an affected device. A successful exploit could allow the attacker to update event policies on the affected device. "
"value": "A vulnerability in the API of Cisco Application Services Engine Software could allow an unauthenticated, remote attacker to update event policies on an affected device. The vulnerability is due to insufficient authentication of users who modify policies on an affected device. An attacker could exploit this vulnerability by crafting a malicious HTTP request to contact an affected device. A successful exploit could allow the attacker to update event policies on the affected device."
}
]
},

80
2020/7xxx/CVE-2020-7010.json
View File

@ -3,58 +3,60 @@
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "bressers@elastic.co",
"ASSIGNER": "security@elastic.co",
"ID": "CVE-2020-7010",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Elastic",
"product": {
"product_data": [
"vendor": {
"vendor_data": [
{
"product_name": "Elastic Cloud on Kubernetes",
"version": {
"version_data": [
{
"version_value": "before 1.1.0"
}
]
}
"vendor_name": "Elastic",
"product": {
"product_data": [
{
"product_name": "Elastic Cloud on Kubernetes",
"version": {
"version_data": [
{
"version_value": "before 1.1.0"
}
]
}
}
]
}
}
]
}
}
]
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
"problemtype_data": [
{
"lang": "eng",
"value": "CWE-335: Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG)"
"description": [
{
"lang": "eng",
"value": "CWE-335: Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG)"
}
]
}
]
}
]
]
},
"references": {
"reference_data": [
{
"url": "https://www.elastic.co/community/security/"
}
]
"reference_data": [
{
"url": "https://www.elastic.co/community/security/",
"refsource": "MISC",
"name": "https://www.elastic.co/community/security/"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Elastic Cloud on Kubernetes (ECK) versions prior to 1.1.0 generate passwords using a weak random number generator. If an attacker is able to determine when the current Elastic Stack cluster was deployed they may be able to more easily brute force the Elasticsearch credentials generated by ECK."
}
]
"description_data": [
{
"lang": "eng",
"value": "Elastic Cloud on Kubernetes (ECK) versions prior to 1.1.0 generate passwords using a weak random number generator. If an attacker is able to determine when the current Elastic Stack cluster was deployed they may be able to more easily brute force the Elasticsearch credentials generated by ECK."
}
]
}
}

80
2020/7xxx/CVE-2020-7011.json
View File

@ -3,58 +3,60 @@
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "bressers@elastic.co",
"ASSIGNER": "security@elastic.co",
"ID": "CVE-2020-7011",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Elastic",
"product": {
"product_data": [
"vendor": {
"vendor_data": [
{
"product_name": "Elastic App Search",
"version": {
"version_data": [
{
"version_value": "before 7.7.0"
}
]
}
"vendor_name": "Elastic",
"product": {
"product_data": [
{
"product_name": "Elastic App Search",
"version": {
"version_data": [
{
"version_value": "before 7.7.0"
}
]
}
}
]
}
}
]
}
}
]
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
"problemtype_data": [
{
"lang": "eng",
"value": "CWE-84: Improper Neutralization of Encoded URI Schemes in a Web Page"
"description": [
{
"lang": "eng",
"value": "CWE-84: Improper Neutralization of Encoded URI Schemes in a Web Page"
}
]
}
]
}
]
]
},
"references": {
"reference_data": [
{
"url": "https://www.elastic.co/community/security/"
}
]
"reference_data": [
{
"url": "https://www.elastic.co/community/security/",
"refsource": "MISC",
"name": "https://www.elastic.co/community/security/"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Elastic App Search versions before 7.7.0 contain a cross site scripting (XSS) flaw when displaying document URLs in the Reference UI. If the Reference UI injects a URL into a result, that URL will be rendered by the web browser. If an attacker is able to control the contents of such a field, they could execute arbitrary JavaScript in the victim�s web browser."
}
]
"description_data": [
{
"lang": "eng",
"value": "Elastic App Search versions before 7.7.0 contain a cross site scripting (XSS) flaw when displaying document URLs in the Reference UI. If the Reference UI injects a URL into a result, that URL will be rendered by the web browser. If an attacker is able to control the contents of such a field, they could execute arbitrary JavaScript in the victim\u00ef\u00bf\u00bds web browser."
}
]
}
}

80
2020/7xxx/CVE-2020-7012.json
View File

@ -3,58 +3,60 @@
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "bressers@elastic.co",
"ASSIGNER": "security@elastic.co",
"ID": "CVE-2020-7012",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Elastic",
"product": {
"product_data": [
"vendor": {
"vendor_data": [
{
"product_name": "Kibana",
"version": {
"version_data": [
{
"version_value": "6.7.0 to 6.8.8 and 7.0.0 to 7.6.2"
}
]
}
"vendor_name": "Elastic",
"product": {
"product_data": [
{
"product_name": "Kibana",
"version": {
"version_data": [
{
"version_value": "6.7.0 to 6.8.8 and 7.0.0 to 7.6.2"
}
]
}
}
]
}
}
]
}
}
]
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
"problemtype_data": [
{
"lang": "eng",
"value": "CWE-94: Improper Control of Generation of Code ('Code Injection')"
"description": [
{
"lang": "eng",
"value": "CWE-94: Improper Control of Generation of Code ('Code Injection')"
}
]
}
]
}
]
]
},
"references": {
"reference_data": [
{
"url": "https://www.elastic.co/community/security/"
}
]
"reference_data": [
{
"url": "https://www.elastic.co/community/security/",
"refsource": "MISC",
"name": "https://www.elastic.co/community/security/"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Kibana versions 6.7.0 to 6.8.8 and 7.0.0 to 7.6.2 contain a prototype pollution flaw in the Upgrade Assistant. An authenticated attacker with privileges to write to the Kibana index could insert data that would cause Kibana to execute arbitrary code. This could possibly lead to an attacker executing code with the permissions of the Kibana process on the host system."
}
]
"description_data": [
{
"lang": "eng",
"value": "Kibana versions 6.7.0 to 6.8.8 and 7.0.0 to 7.6.2 contain a prototype pollution flaw in the Upgrade Assistant. An authenticated attacker with privileges to write to the Kibana index could insert data that would cause Kibana to execute arbitrary code. This could possibly lead to an attacker executing code with the permissions of the Kibana process on the host system."
}
]
}
}

80
2020/7xxx/CVE-2020-7013.json
View File

@ -3,58 +3,60 @@
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "bressers@elastic.co",
"ASSIGNER": "security@elastic.co",
"ID": "CVE-2020-7013",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Elastic",
"product": {
"product_data": [
"vendor": {
"vendor_data": [
{
"product_name": "Kibana",
"version": {
"version_data": [
{
"version_value": "before 6.8.9 and 7.7.0"
}
]
}
"vendor_name": "Elastic",
"product": {
"product_data": [
{
"product_name": "Kibana",
"version": {
"version_data": [
{
"version_value": "before 6.8.9 and 7.7.0"
}
]
}
}
]
}
}
]
}
}
]
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
"problemtype_data": [
{
"lang": "eng",
"value": "CWE-94: Improper Control of Generation of Code ('Code Injection')"
"description": [
{
"lang": "eng",
"value": "CWE-94: Improper Control of Generation of Code ('Code Injection')"
}
]
}
]
}
]
]
},
"references": {
"reference_data": [
{
"url": "https://www.elastic.co/community/security/"
}
]
"reference_data": [
{
"url": "https://www.elastic.co/community/security/",
"refsource": "MISC",
"name": "https://www.elastic.co/community/security/"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Kibana versions before 6.8.9 and 7.7.0 contain a prototype pollution flaw in TSVB. An authenticated attacker with privileges to create TSVB visualizations could insert data that would cause Kibana to execute arbitrary code. This could possibly lead to an attacker executing code with the permissions of the Kibana process on the host system."
}
]
"description_data": [
{
"lang": "eng",
"value": "Kibana versions before 6.8.9 and 7.7.0 contain a prototype pollution flaw in TSVB. An authenticated attacker with privileges to create TSVB visualizations could insert data that would cause Kibana to execute arbitrary code. This could possibly lead to an attacker executing code with the permissions of the Kibana process on the host system."
}
]
}
}

80
2020/7xxx/CVE-2020-7014.json
View File

@ -3,58 +3,60 @@
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "bressers@elastic.co",
"ASSIGNER": "security@elastic.co",
"ID": "CVE-2020-7014",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Elastic",
"product": {
"product_data": [
"vendor": {
"vendor_data": [
{
"product_name": "Elasticsearch",
"version": {
"version_data": [
{
"version_value": "6.7.0 to 6.8.7 and 7.0.0 to 7.6.1"
}
]
}
"vendor_name": "Elastic",
"product": {
"product_data": [
{
"product_name": "Elasticsearch",
"version": {
"version_data": [
{
"version_value": "6.7.0 to 6.8.7 and 7.0.0 to 7.6.1"
}
]
}
}
]
}
}
]
}
}
]
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
"problemtype_data": [
{
"lang": "eng",
"value": "CWE-266: Incorrect Privilege Assignment"
"description": [
{
"lang": "eng",
"value": "CWE-266: Incorrect Privilege Assignment"
}
]
}
]
}
]
]
},
"references": {
"reference_data": [
{
"url": "https://www.elastic.co/community/security/"
}
]
"reference_data": [
{
"url": "https://www.elastic.co/community/security/",
"refsource": "MISC",
"name": "https://www.elastic.co/community/security/"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The fix for CVE-2020-7009 was found to be incomplete. Elasticsearch versions from 6.7.0 to 6.8.7 and 7.0.0 to 7.6.1 contain a privilege escalation flaw if an attacker is able to create API keys and also authentication tokens. An attacker who is able to generate an API key and an authentication token can perform a series of steps that result in an authentication token being generated with elevated privileges."
}
]
"description_data": [
{
"lang": "eng",
"value": "The fix for CVE-2020-7009 was found to be incomplete. Elasticsearch versions from 6.7.0 to 6.8.7 and 7.0.0 to 7.6.1 contain a privilege escalation flaw if an attacker is able to create API keys and also authentication tokens. An attacker who is able to generate an API key and an authentication token can perform a series of steps that result in an authentication token being generated with elevated privileges."
}
]
}
}

80
2020/7xxx/CVE-2020-7015.json
View File

@ -3,58 +3,60 @@
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "bressers@elastic.co",
"ASSIGNER": "security@elastic.co",
"ID": "CVE-2020-7015",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Elastic",
"product": {
"product_data": [
"vendor": {
"vendor_data": [
{
"product_name": "Kibana",
"version": {
"version_data": [
{
"version_value": "before 6.8.9 and 7.7.0"
}
]
}
"vendor_name": "Elastic",
"product": {
"product_data": [
{
"product_name": "Kibana",
"version": {
"version_data": [
{
"version_value": "before 6.8.9 and 7.7.0"
}
]
}
}
]
}
}
]
}
}
]
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
"problemtype_data": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
}
]
}
]
}
]
]
},
"references": {
"reference_data": [
{
"url": "https://www.elastic.co/community/security/"
}
]
"reference_data": [
{
"url": "https://www.elastic.co/community/security/",
"refsource": "MISC",
"name": "https://www.elastic.co/community/security/"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Kibana versions before 6.8.9 and 7.7.0 contains a stored XSS flaw in the TSVB visualization. An attacker who is able to edit or create a TSVB visualization could allow the attacker to obtain sensitive information from, or perform destructive actions, on behalf of Kibana users who edit the TSVB visualization."
}
]
"description_data": [
{
"lang": "eng",
"value": "Kibana versions before 6.8.9 and 7.7.0 contains a stored XSS flaw in the TSVB visualization. An attacker who is able to edit or create a TSVB visualization could allow the attacker to obtain sensitive information from, or perform destructive actions, on behalf of Kibana users who edit the TSVB visualization."
}
]
}
}