admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2020/CVE-2020-158xx/CVE-2020-15841.json
cad-safe-bot becdc73e0c Auto-Update: 2025-05-13T20:00:15.257120+00:00
2025-05-13 20:03:49 +00:00

511 lines
21 KiB
JSON
Raw Blame History

{
"id": "CVE-2020-15841",
"sourceIdentifier": "cve@mitre.org",
"published": "2020-07-20T02:15:11.347",
"lastModified": "2025-05-13T18:17:51.450",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Liferay Portal before 7.3.0, and Liferay DXP 7.0 before fix pack 89, 7.1 before fix pack 17, and 7.2 before fix pack 4, does not safely test a connection to a LDAP server, which allows remote attackers to obtain the LDAP server's password via the Test LDAP Connection feature."
},
{
"lang": "es",
"value": "Liferay Portal versiones anteriores a 7.3.0, y Liferay DXP versi\u00f3n 7.0 anterior al paquete de correcci\u00f3n 89, versi\u00f3n 7.1 anterior al paquete de correcci\u00f3n 17, y versi\u00f3n 7.2 anterior al paquete de correcci\u00f3n 4, no prueba de forma segura una conexi\u00f3n a un servidor LDAP, lo que permite a los atacantes remotos obtener la contrase\u00f1a del servidor LDAP a trav\u00e9s de la funci\u00f3n Probar conexi\u00f3n LDAP"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@mitre.org",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.6,
"impactScore": 6.0
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"baseScore": 4.3,
"accessVector": "NETWORK",
"accessComplexity": "MEDIUM",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": true
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D503E0C8-32A5-4EF7-80D3-B47BA58FBBA3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_13:*:*:*:*:*:*",
"matchCriteriaId": "70E12054-0DEE-4B92-B8F6-7DC4B2461113"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_14:*:*:*:*:*:*",
"matchCriteriaId": "3B566A51-3EFC-4A08-8A4F-A9AA43FBE481"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_24:*:*:*:*:*:*",
"matchCriteriaId": "F220793A-FDAC-48C6-B299-39EB3BC077A6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_25:*:*:*:*:*:*",
"matchCriteriaId": "F095A9E1-5FE1-46C4-B0E1-97F8767439D2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_26:*:*:*:*:*:*",
"matchCriteriaId": "DFD748DD-6FDB-44CD-96BF-026D18CE4207"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_27:*:*:*:*:*:*",
"matchCriteriaId": "0A34F2EA-D0F7-4C9B-BFE6-DA334DFD0EDD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_28:*:*:*:*:*:*",
"matchCriteriaId": "4B3C2426-7617-4535-B86A-7F9BA45DFD0E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_3:*:*:*:*:*:*",
"matchCriteriaId": "CA6B2500-42E4-4F87-8B93-2F7399B4F611"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_30:*:*:*:*:*:*",
"matchCriteriaId": "28955834-8E02-4558-ABD3-4958DBB41423"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_33:*:*:*:*:*:*",
"matchCriteriaId": "C4206C84-C4BD-4363-A4CA-EE229CE06319"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_35:*:*:*:*:*:*",
"matchCriteriaId": "4F644864-1056-4A0C-ADD7-A1992A0AC07D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_36:*:*:*:*:*:*",
"matchCriteriaId": "91E9BAE9-CD40-4353-95DB-7D9ADC338F95"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_39:*:*:*:*:*:*",
"matchCriteriaId": "661E68A2-B365-4962-87CF-CE17A500889F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_40:*:*:*:*:*:*",
"matchCriteriaId": "A5D28279-002A-4BC7-9396-E47FC842D7AE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_41:*:*:*:*:*:*",
"matchCriteriaId": "C700ED72-4626-48A0-B1BB-E0A7C12D454F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_42:*:*:*:*:*:*",
"matchCriteriaId": "8F473DF1-F70D-4EDB-A011-C8D1C6A21659"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_43:*:*:*:*:*:*",
"matchCriteriaId": "C2351EAC-F6AD-4611-B9BD-39C4DFE85B5D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_44:*:*:*:*:*:*",
"matchCriteriaId": "357845C1-3834-465A-B9CA-F9C604AA8242"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_45:*:*:*:*:*:*",
"matchCriteriaId": "DD35964D-4156-45B8-A0AB-282DA9F4FA47"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_46:*:*:*:*:*:*",
"matchCriteriaId": "35656567-EF24-4948-A72A-C754D6E419B9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_47:*:*:*:*:*:*",
"matchCriteriaId": "E9A3D95D-4539-432D-B241-376F312534AC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_48:*:*:*:*:*:*",
"matchCriteriaId": "81F329F1-5BB1-42A7-98CE-B0EB5819D60A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_49:*:*:*:*:*:*",
"matchCriteriaId": "5B7111FA-9FD7-4952-AFE1-07D3E14854F3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_50:*:*:*:*:*:*",
"matchCriteriaId": "2C7A080F-9C99-41A0-BC63-EBDDC0DF7B8A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_51:*:*:*:*:*:*",
"matchCriteriaId": "0383C4C4-A7BB-418D-9A98-AC4233722961"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_52:*:*:*:*:*:*",
"matchCriteriaId": "AA281A20-7599-446B-9587-118E920403D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_53:*:*:*:*:*:*",
"matchCriteriaId": "9514E8F5-1D0B-4CDF-BD03-087326F6C252"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_54:*:*:*:*:*:*",
"matchCriteriaId": "78BC7D6C-2A10-4F78-9C41-EA97665C246E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_56:*:*:*:*:*:*",
"matchCriteriaId": "CA9BE427-78D7-4DEE-A174-F3E3675B44A5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_57:*:*:*:*:*:*",
"matchCriteriaId": "6C10325C-8670-499B-B003-7D8634539C5D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_58:*:*:*:*:*:*",
"matchCriteriaId": "5F692BEB-5CB1-41EA-B715-64AB0036F6CF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_59:*:*:*:*:*:*",
"matchCriteriaId": "427C4DF5-9039-4CB5-B600-5F965E20D945"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_60:*:*:*:*:*:*",
"matchCriteriaId": "44B7A2A2-5764-4EDB-AA44-25F8508CF128"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_61:*:*:*:*:*:*",
"matchCriteriaId": "55D94917-5360-4179-A017-1287C63A6E6C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_64:*:*:*:*:*:*",
"matchCriteriaId": "1D378A23-113D-47AC-9CB5-2658C357FFB4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_65:*:*:*:*:*:*",
"matchCriteriaId": "58FB119E-508C-45F7-8AD8-B67AAAEA53D6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_66:*:*:*:*:*:*",
"matchCriteriaId": "8B3359A5-D39B-4322-8963-B138D791D232"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_67:*:*:*:*:*:*",
"matchCriteriaId": "E11E2FBD-7541-4CE3-8A78-52FB82571547"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_68:*:*:*:*:*:*",
"matchCriteriaId": "3883F470-8D8D-4CB3-BF4A-0C401BDABC83"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_69:*:*:*:*:*:*",
"matchCriteriaId": "1BDCF010-04BF-4FA5-9E14-F6461FED3FFB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_70:*:*:*:*:*:*",
"matchCriteriaId": "7E8CEA39-4A7F-4827-91FA-31119201D174"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_71:*:*:*:*:*:*",
"matchCriteriaId": "D3768AC9-A245-4B81-8D1D-9D9C5354245C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_72:*:*:*:*:*:*",
"matchCriteriaId": "71CA65C9-C0FC-4CBD-A8B0-DD72604A46F3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_73:*:*:*:*:*:*",
"matchCriteriaId": "9F06DECA-F45D-49DA-BB24-AA1F0306B0B6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_75:*:*:*:*:*:*",
"matchCriteriaId": "6FF2D31F-8719-41A6-ADD5-15BE9409428E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_76:*:*:*:*:*:*",
"matchCriteriaId": "DE56F5E5-73CF-4636-9F98-86BDDA3F6A47"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_78:*:*:*:*:*:*",
"matchCriteriaId": "A1A0EFCE-4B74-4B4D-AB6E-5730F26B38FB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_79:*:*:*:*:*:*",
"matchCriteriaId": "F02DCC86-C3F7-482C-9BFB-B7971FB10AEC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_80:*:*:*:*:*:*",
"matchCriteriaId": "06835B0A-A2DF-44D3-A38F-59E5D5523FFA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_81:*:*:*:*:*:*",
"matchCriteriaId": "B746D0CF-76F6-42A1-9056-CA9622DCD806"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5E153DAE-AA7E-4CDA-95EE-813BDC74FB44"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_1:*:*:*:*:*:*",
"matchCriteriaId": "072F6C59-3D86-48D1-A14E-477FFFA3B1D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_10:*:*:*:*:*:*",
"matchCriteriaId": "FE68B4A2-3459-4DBA-8BAC-E9AA9FA25264"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_11:*:*:*:*:*:*",
"matchCriteriaId": "680D7963-1393-4E86-A65F-D4463D532120"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_12:*:*:*:*:*:*",
"matchCriteriaId": "D81E73DD-FD21-4082-A883-34422AE6C024"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_13:*:*:*:*:*:*",
"matchCriteriaId": "E6DD0451-98EA-4140-8294-77A14F063E2E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_14:*:*:*:*:*:*",
"matchCriteriaId": "CE94E76B-8CC2-4E91-B7A3-EEBCC1358FF4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_15:*:*:*:*:*:*",
"matchCriteriaId": "408BD438-E15C-422F-9612-C62A7387FC63"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_16:*:*:*:*:*:*",
"matchCriteriaId": "A78C8B1C-39CB-4C27-B57C-0AF5E7EB50D9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_2:*:*:*:*:*:*",
"matchCriteriaId": "386F0E26-78DC-4D59-A20F-B41D0E59561B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_3:*:*:*:*:*:*",
"matchCriteriaId": "54576481-2AE9-4133-9EFA-B7FBDCA4427D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_4:*:*:*:*:*:*",
"matchCriteriaId": "E29CE810-76D5-4283-B102-70344B6C9506"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_5:*:*:*:*:*:*",
"matchCriteriaId": "DA869467-C560-4130-A180-86819F6A8673"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_6:*:*:*:*:*:*",
"matchCriteriaId": "CC0C94B7-31FB-4115-8EDE-62CC459B6663"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_7:*:*:*:*:*:*",
"matchCriteriaId": "07DEAA71-53DA-4508-B7E6-924ABED49E66"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_8:*:*:*:*:*:*",
"matchCriteriaId": "467323F6-5CA7-42A0-9810-C6FA694CEC93"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_9:*:*:*:*:*:*",
"matchCriteriaId": "32EFFD8A-1C0D-446B-AAD7-5D23D483D3D8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A2EA51C4-32C3-4B1A-B7D6-BAFA84E75E68"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_1:*:*:*:*:*:*",
"matchCriteriaId": "E7E68DF8-749B-4284-A7C9-929701A86B36"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_2:*:*:*:*:*:*",
"matchCriteriaId": "7CECAA19-8B7F-44C8-8059-6D4F2105E196"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_3:*:*:*:*:*:*",
"matchCriteriaId": "68CBCEEB-7C28-4769-813F-3F01E33D2E08"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.3.0",
"matchCriteriaId": "8B61E29C-3071-41EF-9774-185F91282DEB"
}
]
}
]
}
],
"references": [
{
"url": "https://issues.liferay.com/browse/LPE-16928",
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/119317439",
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://issues.liferay.com/browse/LPE-16928",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/119317439",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink