admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2020/CVE-2020-290xx/CVE-2020-29022.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

236 lines
6.6 KiB
JSON
Raw Blame History

{
"id": "CVE-2020-29022",
"sourceIdentifier": "VulnerabilityReporting@secomea.com",
"published": "2021-02-16T16:15:12.533",
"lastModified": "2024-11-21T05:23:31.880",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Failure to Sanitize host header value on output in the GateManager Web server could allow an attacker to conduct web cache poisoning attacks. This issue affects Secomea GateManager all versions prior to 9.3"
},
{
"lang": "es",
"value": "Un fallo en la saneamiento del valor del encabezado del host en la salida del servidor web GateManager, podr\u00eda permitir a un atacante conducir ataques de envenenamiento de la cach\u00e9 web. Este problema afecta a Secomea GateManager todas las versiones anteriores a 9.3"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "VulnerabilityReporting@secomea.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"baseScore": 5.0,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "VulnerabilityReporting@secomea.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-159"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:secomea:gatemanager_4250_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AFA20EA3-F08F-4EEC-993D-CFF3B64FEF8D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:secomea:gatemanager_4250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0DB6136A-5440-4980-940D-CD178DC219B8"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:secomea:gatemanager_4260_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "048A7B3B-193A-475A-B764-AB6434757028"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:secomea:gatemanager_4260:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B546E62-81BB-4ED8-87C9-41BD79484AD0"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:secomea:gatemanager_9250_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A1BAF966-A1EE-4B37-BE84-BF137449C6FF"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:secomea:gatemanager_9250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68DE2092-2EA1-4D49-84EB-20BE2CD7B113"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:secomea:gatemanager_8250_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.3",
"matchCriteriaId": "5E0BA172-4047-4D60-9F37-A81EC4622376"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:secomea:gatemanager_8250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5089C475-2013-4DF6-AD1E-12F576ACAE8E"
}
]
}
]
}
],
"references": [
{
"url": "https://www.secomea.com/support/cybersecurity-advisory/#2923",
"source": "VulnerabilityReporting@secomea.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.secomea.com/support/cybersecurity-advisory/#2923",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink