mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-29 01:31:20 +00:00
188 lines
5.8 KiB
JSON
188 lines
5.8 KiB
JSON
{
|
|
"id": "CVE-2020-5359",
|
|
"sourceIdentifier": "security_alert@emc.com",
|
|
"published": "2020-12-16T16:15:14.320",
|
|
"lastModified": "2021-12-09T18:21:28.610",
|
|
"vulnStatus": "Analyzed",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Dell BSAFE Micro Edition Suite, versions prior to 4.5, are vulnerable to an Unchecked Return Value Vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability to modify and corrupt the encrypted data."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Dell BSAFE Micro Edition Suite, versiones anteriores a 4.5, son susceptibles a una Vulnerabilidad de Valor de Retorno No Comprobado. Un atacante remoto no autenticado podr\u00eda potencialmente explotar esta vulnerabilidad para modificar y corromper los datos cifrados"
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV31": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "3.1",
|
|
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
|
|
"attackVector": "NETWORK",
|
|
"attackComplexity": "LOW",
|
|
"privilegesRequired": "NONE",
|
|
"userInteraction": "NONE",
|
|
"scope": "CHANGED",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "LOW",
|
|
"availabilityImpact": "NONE",
|
|
"baseScore": 5.8,
|
|
"baseSeverity": "MEDIUM"
|
|
},
|
|
"exploitabilityScore": 3.9,
|
|
"impactScore": 1.4
|
|
},
|
|
{
|
|
"source": "security_alert@emc.com",
|
|
"type": "Secondary",
|
|
"cvssData": {
|
|
"version": "3.1",
|
|
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
|
|
"attackVector": "NETWORK",
|
|
"attackComplexity": "LOW",
|
|
"privilegesRequired": "NONE",
|
|
"userInteraction": "NONE",
|
|
"scope": "CHANGED",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "LOW",
|
|
"availabilityImpact": "NONE",
|
|
"baseScore": 5.8,
|
|
"baseSeverity": "MEDIUM"
|
|
},
|
|
"exploitabilityScore": 3.9,
|
|
"impactScore": 1.4
|
|
}
|
|
],
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "PARTIAL",
|
|
"availabilityImpact": "NONE",
|
|
"baseScore": 5.0
|
|
},
|
|
"baseSeverity": "MEDIUM",
|
|
"exploitabilityScore": 10.0,
|
|
"impactScore": 2.9,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-252"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"source": "security_alert@emc.com",
|
|
"type": "Secondary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-544"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:dell:bsafe_micro-edition-suite:*:*:*:*:*:*:*:*",
|
|
"versionEndExcluding": "4.5",
|
|
"matchCriteriaId": "838D4372-D93F-4BAD-90C2-E6E3BB18C2A9"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:database:12.1.0.2:*:*:*:enterprise:*:*:*",
|
|
"matchCriteriaId": "89FE33CE-5995-4C53-8331-B49156F852B3"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:database:12.2.0.1:*:*:*:enterprise:*:*:*",
|
|
"matchCriteriaId": "46E7237C-00BD-4490-96C3-A8EAE4CE2C0B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:database:18c:*:*:*:enterprise:*:*:*",
|
|
"matchCriteriaId": "20352616-6BCA-485D-8DD7-DFC97AD6A30D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:database:19c:*:*:*:enterprise:*:*:*",
|
|
"matchCriteriaId": "C1E05472-8F3A-4E46-90E5-50EA6D555FDC"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:weblogic_server_proxy_plug-in:11.1.1.9.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "068876EF-0594-4BE6-B9EC-04730837013E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:weblogic_server_proxy_plug-in:12.2.1.3.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "9A4AE8A2-62D9-4C08-A608-A057895E4E46"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:weblogic_server_proxy_plug-in:12.2.1.4.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "5E29C004-51D7-4BBE-B28A-EE6B7B10F89F"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "https://www.dell.com/support/kbdoc/en-us/000181098/dsa-2020-114-dell-bsafe-micro-edition-suite-multiple-security-vulnerabilities",
|
|
"source": "security_alert@emc.com",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://www.oracle.com/security-alerts/cpuApr2021.html",
|
|
"source": "security_alert@emc.com",
|
|
"tags": [
|
|
"Patch",
|
|
"Third Party Advisory"
|
|
]
|
|
}
|
|
]
|
|
} |