admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-29 17:51:17 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2020/CVE-2020-58xx/CVE-2020-5898.json

141 lines
4.7 KiB
JSON
Raw Normal View History

bootstrap
2023-04-24 12:24:31 +02:00
{
"id": "CVE-2020-5898",
"sourceIdentifier": "f5sirt@f5.com",
"published": "2020-05-12T16:15:11.357",
"lastModified": "2020-05-14T16:39:25.717",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In versions 7.1.5-7.1.9, BIG-IP Edge Client Windows Stonewall driver does not sanitize the pointer received from the userland. A local user on the Windows client system can send crafted DeviceIoControl requests to \\\\.\\urvpndrv device causing the Windows kernel to crash."
},
{
"lang": "es",
"value": "En versiones 7.1.5 hasta 7.1.9, el controlador BIG-IP Edge Client Windows Stonewall, no sanea el puntero recibido desde el userland. Un usuario local en el sistema cliente de Windows puede enviar peticiones DeviceIoControl hacia el dispositivo \\\\.\\urvpndrv causando que el kernel de Windows se bloquee."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"accessVector": "LOCAL",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.6.1",
"versionEndIncluding": "11.6.5.1",
"matchCriteriaId": "AB74041C-839F-42B9-9DEA-3E1AF2736AFA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.1.0",
"versionEndIncluding": "12.1.5.1",
"matchCriteriaId": "1BA88EC9-FD8F-4CAF-8DDC-5358ABCA17C1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.1.0",
"versionEndIncluding": "13.1.3.3",
"matchCriteriaId": "002D2E41-C4FC-45CF-8C28-D0A7D3419880"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.1.0",
"versionEndIncluding": "14.1.2.5",
"matchCriteriaId": "76E97416-1D09-426A-BB6A-93014D92A756"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0.0",
"versionEndIncluding": "15.1.0.3",
"matchCriteriaId": "63F60AB8-30E7-43E7-AE68-E05971B572B1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager_client:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.1.5",
"versionEndIncluding": "7.1.9",
"matchCriteriaId": "37CCAE73-0973-4353-8CF8-06138E35B9DF"
}
]
}
]
}
],
"references": [
{
"url": "https://support.f5.com/csp/article/K69154630",
"source": "f5sirt@f5.com",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue Copy Permalink