admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2020/CVE-2020-46xx/CVE-2020-4682.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

365 lines
13 KiB
JSON
Raw Blame History

{
"id": "CVE-2020-4682",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2021-01-28T13:15:12.000",
"lastModified": "2021-02-02T17:35:16.357",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "IBM MQ 7.5, 8.0, 9.0, 9.1, 9.2 LTS, and 9.2 CD could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization of trusted data. An attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 186509."
},
{
"lang": "es",
"value": "IBM MQ versiones 7.5, 8.0, 9.0, 9.1, 9.2 LTS y 9.2 CD, podr\u00edan permitir a un atacante remoto ejecutar c\u00f3digo arbitrario en el sistema, causado por una deserializaci\u00f3n no segura de datos confiables. Un atacante podr\u00eda explotar esta vulnerabilidad para ejecutar c\u00f3digo arbitrario en el sistema. IBM X-Force ID: 186509"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:mq:8.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CC5F66BE-1A17-4A4E-AC8C-EA1CAF7AC09C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:mq:8.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DF9603C1-D840-4904-AE6F-A22DD1EE62A2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:mq:8.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "89484A74-154F-4B7F-97C7-A8014CE90B1A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:mq:8.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2B7D03F7-37F6-4D27-A24C-2C6D5118D8AF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:mq:8.0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "01735BC7-4CF2-4A52-9A4A-3DE470161C46"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:mq:8.0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "743149EB-7330-470B-B2FF-E1881E52FCC9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:mq:8.0.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B683ED2B-D16D-45B6-AA2E-85C53BD365FF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:mq:8.0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "1D8A3EDB-A8B2-4D4B-8BFF-4FCAA71C6E0C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:mq:8.0.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "C955E798-BFC9-40ED-9C87-7419258D5B7D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:mq:8.0.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "CFC27C59-29E3-4003-A0B2-8E8523607BF0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:mq:8.0.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "27181014-820E-4F83-9A4C-3BFE20C3F51C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:mq:8.0.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "D50267F1-CDF0-44C0-AD00-2B31056ADA81"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:mq:8.0.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "ABC33CD9-114F-44FE-803B-481CE0FA1152"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:mq:8.0.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "03A4D2DF-CD27-495D-97BD-8368544BA79A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:mq:8.0.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "D051AEA9-B175-4596-82E1-5C1947E90B78"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:mq:8.0.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "B79D5A00-E1B4-4C84-A785-DE95AA269D41"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:mq:9.0.0.0:*:*:*:lts:*:*:*",
"matchCriteriaId": "3B33CE6E-04D7-4AB7-8636-8D13BCBE71DE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:mq:9.0.0.1:*:*:*:lts:*:*:*",
"matchCriteriaId": "34EE34F4-C261-490A-99D3-39931015AF7B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:mq:9.0.0.2:*:*:*:lts:*:*:*",
"matchCriteriaId": "2F6183AA-BD76-4296-B5F4-4BF5C208D6BA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:mq:9.0.0.3:*:*:*:lts:*:*:*",
"matchCriteriaId": "64E400B5-794D-464B-86AB-18DFF51B513B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:mq:9.0.0.4:*:*:*:lts:*:*:*",
"matchCriteriaId": "AF0640FB-9FC1-42DC-AE8E-F5D08F91499C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:mq:9.0.0.5:*:*:*:lts:*:*:*",
"matchCriteriaId": "3A17226C-45FE-4813-986E-E56FAE069ED6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:mq:9.0.0.6:*:*:*:lts:*:*:*",
"matchCriteriaId": "86076A60-CF54-4415-BBB8-43FCE6DAA730"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:mq:9.0.0.7:*:*:*:lts:*:*:*",
"matchCriteriaId": "377AD541-582A-42BA-95E4-6D5C83853935"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:mq:9.0.0.8:*:*:*:lts:*:*:*",
"matchCriteriaId": "E740B9BE-F7FE-4C5B-AAA2-374317DB311F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:mq:9.0.0.9:*:*:*:lts:*:*:*",
"matchCriteriaId": "9E11D5A7-36E7-486F-ADF0-249077131F25"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:mq:9.0.0.10:*:*:*:lts:*:*:*",
"matchCriteriaId": "7A734DD2-B1AB-4878-8FC3-B2DE1E0594A6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:mq:9.1.0.0:*:*:*:lts:*:*:*",
"matchCriteriaId": "2E9E3A1B-D35D-4029-835C-C27917C2ABD7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:mq:9.1.0.1:*:*:*:lts:*:*:*",
"matchCriteriaId": "5B896932-B8E9-4DC9-AFEF-FA78A582C6A9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:mq:9.1.0.2:*:*:*:lts:*:*:*",
"matchCriteriaId": "68CA3D42-2435-40A7-A3C0-C3D96AF0FFE9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:mq:9.1.0.3:*:*:*:lts:*:*:*",
"matchCriteriaId": "7050C0EB-7265-4E8C-A409-F12D290C7814"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:mq:9.1.0.4:*:*:*:lts:*:*:*",
"matchCriteriaId": "A659039B-261A-4EC9-A98C-5F8AED25DC8D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:mq:9.1.0.5:*:*:*:lts:*:*:*",
"matchCriteriaId": "968BD11F-D548-4288-BA30-1ED1633E6E9F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:mq:9.1.0.6:*:*:*:lts:*:*:*",
"matchCriteriaId": "272C2020-A724-4F41-8AD4-E0F821711653"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:mq:9.2.0.0:*:*:*:continuous_delivery:*:*:*",
"matchCriteriaId": "A5A3F5F2-7759-47F3-948B-59A2DF6DD0B1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:mq:9.2.1.0:*:*:*:continuous_delivery:*:*:*",
"matchCriteriaId": "D278C55A-7E38-469F-9D65-35EB02C271F1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:mq_appliance:9.2.0.0:*:*:*:lts:*:*:*",
"matchCriteriaId": "0D974075-234B-443A-A6BE-3E2547379894"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:websphere_mq:7.5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FB55C2B8-5202-4902-B5F3-8254424062F6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:websphere_mq:7.5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0343E94F-6DE2-4E27-AFC5-D4650A4519F6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:websphere_mq:7.5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BDA4EE08-D531-4957-BF2A-C5A9ABB0F38D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:websphere_mq:7.5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "751BF695-E27A-4D9F-9190-84A7BCD5E268"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:websphere_mq:7.5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CDA1EF24-9710-4C4A-8059-917C02185CA3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:websphere_mq:7.5.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CC257545-44A3-4659-951D-F4DFF3B87CFB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:websphere_mq:7.5.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1FD4E86C-0E58-4A91-A18C-534464BC197A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:websphere_mq:7.5.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "AE4B1F7A-8989-4B4E-A75E-037B38ED7536"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:websphere_mq:7.5.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D98FEC2B-14F4-48EF-A7D2-DA4451EBD402"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:websphere_mq:7.5.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "D70EC47A-CDF1-45AC-8393-EE6A604AE538"
}
]
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/186509",
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
]
},
{
"url": "https://www.ibm.com/support/pages/node/6408626",
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink