nvd-json-data-feeds/CVE-2020/CVE-2020-111xx/CVE-2020-11158.json

{
  "id": "CVE-2020-11158",
  "sourceIdentifier": "product-security@qualcomm.com",
  "published": "2020-09-08T10:15:14.687",
  "lastModified": "2020-09-14T17:49:21.007",
  "vulnStatus": "Analyzed",
  "descriptions": [
    {
      "lang": "en",
      "value": "u'Null pointer dereference in HP OfficeJet Pro 8210 jbig2 filter due to lack of check of PDF font array leads to denial of service' in IPS PDF releases prior to IPS System 2020.2"
    },
    {
      "lang": "es",
      "value": "Una desreferencia del puntero null en el filtro jbig2 de HP OfficeJet Pro versi\u00f3n 8210, debido a una falta de comprobaci\u00f3n de la matriz de fuentes PDF que conlleva a una denegaci\u00f3n de servicio en los productos IPS PDF versiones anteriores a IPS System 2020.2"
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6
      }
    ],
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "accessVector": "NETWORK",
          "accessComplexity": "LOW",
          "authentication": "NONE",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8
        },
        "baseSeverity": "HIGH",
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-476"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:qualcomm:ips_pdf:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AF14539-8CE6-4092-BF88-2528B9C21FEA"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://www.qualcomm.com/company/product-security/bulletins/august-2020-bulletin",
      "source": "product-security@qualcomm.com",
      "tags": [
        "Broken Link",
        "Vendor Advisory"
      ]
    }
  ]
}