mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
62 lines
2.0 KiB
JSON
62 lines
2.0 KiB
JSON
{
|
|
"data_type": "CVE",
|
|
"data_format": "MITRE",
|
|
"data_version": "4.0",
|
|
"CVE_data_meta": {
|
|
"ID": "CVE-2020-7113",
|
|
"ASSIGNER": "security-alert@hpe.com",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"vendor_name": "n/a",
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "ClearPass Policy Manager",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "ClearPass 6.8.x prior to 6.8.5 ClearPass 6.7.x prior to 6.7.13"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "interception and modification of http packets"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"refsource": "MISC",
|
|
"name": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-004.txt",
|
|
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-004.txt"
|
|
}
|
|
]
|
|
},
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "A vulnerability was found when an attacker, while communicating with the ClearPass management interface, is able to intercept and change parameters in the HTTP packets resulting in the compromise of some of ClearPass' service accounts. Resolution: Fixed in 6.7.10, 6.8.1, 6.9.0 and higher."
|
|
}
|
|
]
|
|
}
|
|
} |