nvd-json-data-feeds/CVE-2020/CVE-2020-168xx/CVE-2020-16856.json

{
  "id": "CVE-2020-16856",
  "sourceIdentifier": "secure@microsoft.com",
  "published": "2020-09-11T17:15:16.857",
  "lastModified": "2020-09-17T15:45:57.520",
  "vulnStatus": "Analyzed",
  "descriptions": [
    {
      "lang": "en",
      "value": "A remote code execution vulnerability exists in Visual Studio when it improperly handles objects in memory, aka 'Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-16874."
    },
    {
      "lang": "es",
      "value": "Se presenta una vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remota en Visual Studio cuando maneja inapropiadamente objetos en la memoria, tambi\u00e9n se conoce como \"Visual Studio Remote Code Execution Vulnerability\".&#xa0;Este ID de CVE es diferente de CVE-2020-16874"
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "attackVector": "LOCAL",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "REQUIRED",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9
      }
    ],
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "accessVector": "NETWORK",
          "accessComplexity": "MEDIUM",
          "authentication": "NONE",
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3
        },
        "baseSeverity": "HIGH",
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": true
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:microsoft:visual_studio:2012:update_5:*:*:*:*:*:*",
              "matchCriteriaId": "28CC44DA-DF23-400D-9299-7DF3EECD89E9"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:microsoft:visual_studio:2013:update_5:*:*:*:*:*:*",
              "matchCriteriaId": "4A820094-4660-4CFA-BAF1-ED4DBF45AD46"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:microsoft:visual_studio:2015:update_3:*:*:*:*:*:*",
              "matchCriteriaId": "718C39FC-A564-4CE4-B88F-C9D7108764DF"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "15.0",
              "versionEndIncluding": "15.8",
              "matchCriteriaId": "754856ED-0708-4505-B3CC-C3CF1818DD59"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "16.0",
              "versionEndIncluding": "16.3",
              "matchCriteriaId": "7FE5FF31-110B-4518-A0B9-E94E2840B492"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "16.5",
              "versionEndIncluding": "16.6",
              "matchCriteriaId": "64BFBAC2-C362-457F-90A8-9E56C25694E6"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16856",
      "source": "secure@microsoft.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ]
    }
  ]
}
bootstrap 2023-04-24 12:24:31 +02:00			`{`
			`"id": "CVE-2020-16856",`
			`"sourceIdentifier": "secure@microsoft.com",`
			`"published": "2020-09-11T17:15:16.857",`
			`"lastModified": "2020-09-17T15:45:57.520",`
			`"vulnStatus": "Analyzed",`
			`"descriptions": [`
			`{`
			`"lang": "en",`
			`"value": "A remote code execution vulnerability exists in Visual Studio when it improperly handles objects in memory, aka 'Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-16874."`
			`},`
			`{`
			`"lang": "es",`
			`"value": "Se presenta una vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remota en Visual Studio cuando maneja inapropiadamente objetos en la memoria, tambi\u00e9n se conoce como \"Visual Studio Remote Code Execution Vulnerability\". Este ID de CVE es diferente de CVE-2020-16874"`
			`}`
			`],`
			`"metrics": {`
			`"cvssMetricV31": [`
			`{`
			`"source": "nvd@nist.gov",`
			`"type": "Primary",`
			`"cvssData": {`
			`"version": "3.1",`
			`"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",`
			`"attackVector": "LOCAL",`
			`"attackComplexity": "LOW",`
			`"privilegesRequired": "NONE",`
			`"userInteraction": "REQUIRED",`
			`"scope": "UNCHANGED",`
			`"confidentialityImpact": "HIGH",`
			`"integrityImpact": "HIGH",`
			`"availabilityImpact": "HIGH",`
			`"baseScore": 7.8,`
			`"baseSeverity": "HIGH"`
			`},`
			`"exploitabilityScore": 1.8,`
			`"impactScore": 5.9`
			`}`
			`],`
			`"cvssMetricV2": [`
			`{`
			`"source": "nvd@nist.gov",`
			`"type": "Primary",`
			`"cvssData": {`
			`"version": "2.0",`
			`"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",`
			`"accessVector": "NETWORK",`
			`"accessComplexity": "MEDIUM",`
			`"authentication": "NONE",`
			`"confidentialityImpact": "COMPLETE",`
			`"integrityImpact": "COMPLETE",`
			`"availabilityImpact": "COMPLETE",`
			`"baseScore": 9.3`
			`},`
			`"baseSeverity": "HIGH",`
			`"exploitabilityScore": 8.6,`
			`"impactScore": 10.0,`
			`"acInsufInfo": false,`
			`"obtainAllPrivilege": false,`
			`"obtainUserPrivilege": false,`
			`"obtainOtherPrivilege": false,`
			`"userInteractionRequired": true`
			`}`
			`]`
			`},`
			`"weaknesses": [`
			`{`
			`"source": "nvd@nist.gov",`
			`"type": "Primary",`
			`"description": [`
			`{`
			`"lang": "en",`
			`"value": "NVD-CWE-noinfo"`
			`}`
			`]`
			`}`
			`],`
			`"configurations": [`
			`{`
			`"nodes": [`
			`{`
			`"operator": "OR",`
			`"negate": false,`
			`"cpeMatch": [`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:microsoft:visual_studio:2012:update_5::::::",`
			`"matchCriteriaId": "28CC44DA-DF23-400D-9299-7DF3EECD89E9"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:microsoft:visual_studio:2013:update_5::::::",`
			`"matchCriteriaId": "4A820094-4660-4CFA-BAF1-ED4DBF45AD46"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:microsoft:visual_studio:2015:update_3::::::",`
			`"matchCriteriaId": "718C39FC-A564-4CE4-B88F-C9D7108764DF"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:microsoft:visual_studio_2017::::::::",`
			`"versionStartIncluding": "15.0",`
			`"versionEndIncluding": "15.8",`
			`"matchCriteriaId": "754856ED-0708-4505-B3CC-C3CF1818DD59"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:microsoft:visual_studio_2019::::::::",`
			`"versionStartIncluding": "16.0",`
			`"versionEndIncluding": "16.3",`
			`"matchCriteriaId": "7FE5FF31-110B-4518-A0B9-E94E2840B492"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:microsoft:visual_studio_2019::::::::",`
			`"versionStartIncluding": "16.5",`
			`"versionEndIncluding": "16.6",`
			`"matchCriteriaId": "64BFBAC2-C362-457F-90A8-9E56C25694E6"`
			`}`
			`]`
			`}`
			`]`
			`}`
			`],`
			`"references": [`
			`{`
			`"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16856",`
			`"source": "secure@microsoft.com",`
			`"tags": [`
			`"Patch",`
			`"Vendor Advisory"`
			`]`
			`}`
			`]`
			`}`