admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 17:21:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2020/CVE-2020-78xx/CVE-2020-7821.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

160 lines
4.7 KiB
JSON
Raw Blame History

{
"id": "CVE-2020-7821",
"sourceIdentifier": "vuln@krcert.or.kr",
"published": "2020-07-02T13:15:10.590",
"lastModified": "2020-07-14T18:34:01.220",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Nexacro14/17 ExtCommonApiV13 Library under 2019.9.6 version contain a vulnerability that could allow remote attacker to execute arbitrary code by modifying the value of registry path. This can be leveraged for code execution by rebooting the victim\u2019s PC"
},
{
"lang": "es",
"value": "Nexacro14/17 ExtCommonApiV13 Library versi\u00f3n 2019.9.6, contiene una vulnerabilidad que podr\u00eda permitir a un atacante remoto ejecutar c\u00f3digo arbitrario mediante la modificaci\u00f3n del valor de la ruta del registro. Esto puede ser aprovechado para la ejecuci\u00f3n del c\u00f3digo mediante el reinicio de la PC de la v\u00edctima"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "vuln@krcert.or.kr",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
},
{
"source": "vuln@krcert.or.kr",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nexaweb:nexacro_14:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2019.9.6",
"matchCriteriaId": "4E95DFB8-11DE-451A-9F7E-FE94E9F67702"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nexaweb:nexacro_17:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2019.9.6",
"matchCriteriaId": "14D39089-6FA2-4FFA-865A-D11171BC058B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "http://support.tobesoft.co.kr/Support/index.html",
"source": "vuln@krcert.or.kr",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35491",
"source": "vuln@krcert.or.kr",
"tags": [
"Third Party Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink