admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2020/9xxx/CVE-2020-9497.json
CVE Team 7033fc22cb
"-Synchronized-Data."
2021-02-24 04:00:39 +00:00

112 lines
5.1 KiB
JSON
Raw Blame History

{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-9497",
"ASSIGNER": "security@apache.org",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Apache Guacamole",
"version": {
"version_data": [
{
"version_value": "Apache Guacamole 1.1.0 and older"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/r65f75d3d65d1af68141f42071ebb27dda24af3e45570e593c1dbd81f%40%3Cannounce.guacamole.apache.org%3E",
"url": "https://lists.apache.org/thread.html/r65f75d3d65d1af68141f42071ebb27dda24af3e45570e593c1dbd81f%40%3Cannounce.guacamole.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[announce] 20200701 [SECURITY] CVE-2020-9497: Apache Guacamole: Improper input validation of RDP static virtual channels",
"url": "https://lists.apache.org/thread.html/r3f071de70ea1facd3601e0fa894e6cadc960627ee7199437b5a56f7f@%3Cannounce.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[guacamole-user] 20200703 Re: [SECURITY] CVE-2020-9497: Apache Guacamole: Improper input validation of RDP static virtual channels",
"url": "https://lists.apache.org/thread.html/r066543f0565e97b27c0dfe27e93e8a387b99e1e35764000224ed96e7@%3Cuser.guacamole.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[guacamole-user] 20200703 RE: [SECURITY] CVE-2020-9497: Apache Guacamole: Improper input validation of RDP static virtual channels",
"url": "https://lists.apache.org/thread.html/r181b1d5b1acb31cfa69f41b2c86ed3a2cb0b5bc09c2cbd31e9e7c847@%3Cuser.guacamole.apache.org%3E"
},
{
"refsource": "MISC",
"name": "https://research.checkpoint.com/2020/apache-guacamole-rce/",
"url": "https://research.checkpoint.com/2020/apache-guacamole-rce/"
},
{
"refsource": "CONFIRM",
"name": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44525",
"url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44525"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20201106 [SECURITY] [DLA 2435-1] guacamole-server security update",
"url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00010.html"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2020-bfde0ab889",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVV5K2X4EXSAVUUL7IJ3MUJ3ADWMVSBM/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2020-640645e518",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WNS7UHBOFV6JHWH5XOEZTE3BREGRSSQ3/"
},
{
"refsource": "MLIST",
"name": "[announce] 20210125 Apache Software Foundation Security Report: 2020",
"url": "https://lists.apache.org/thread.html/r90890afea72a9571d666820b2fe5942a0a5f86be406fa31da3dd0922@%3Cannounce.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[announce] 20210223 Re: Apache Software Foundation Security Report: 2020",
"url": "https://lists.apache.org/thread.html/r1125f3044a0946d1e7e6f125a6170b58d413ebd4a95157e4608041c7@%3Cannounce.apache.org%3E"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Apache Guacamole 1.1.0 and older do not properly validate datareceived from RDP servers via static virtual channels. If a userconnects to a malicious or compromised RDP server, specially-craftedPDUs could result in disclosure of information within the memory ofthe guacd process handling the connection."
}
]
}
}
Reference in New Issue View Git Blame Copy Permalink