admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2020/CVE-2020-82xx/CVE-2020-8270.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

132 lines
3.8 KiB
JSON
Raw Blame History

{
"id": "CVE-2020-8270",
"sourceIdentifier": "support@hackerone.com",
"published": "2020-11-16T01:15:13.687",
"lastModified": "2024-11-21T05:38:37.610",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An unprivileged Windows user on the VDA or an SMB user can perform arbitrary command execution as SYSTEM in CVAD versions before 2009, 1912 LTSR CU1 hotfixes CTX285871 and CTX285872, 7.15 LTSR CU6 hotfix CTX285341 and CTX285342"
},
{
"lang": "es",
"value": "Un usuario de Windows no privilegiado en el VDA o un usuario SMB puede llevar a cabo una ejecuci\u00f3n de comandos arbitrarios como SYSTEM en CVAD versiones anteriores al 2009, versi\u00f3n 1912 LTSR CU1 hotfixes CTX285871 y CTX285872, versi\u00f3n 7.15 LTSR CU6 hotfix CTX285341 y CTX285342"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"baseScore": 9.0,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"availabilityImpact": "COMPLETE"
},
"baseSeverity": "HIGH",
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "support@hackerone.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:citrix:virtual_apps_and_desktops:*:*:*:*:-:*:*:*",
"versionEndIncluding": "2006",
"matchCriteriaId": "5D9D1D8B-8C9A-4CF7-8CCD-2CFDA4AB5970"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:citrix:virtual_apps_and_desktops:*:*:*:*:ltsr:*:*:*",
"versionStartIncluding": "1903",
"versionEndIncluding": "1912",
"matchCriteriaId": "799D10F0-247F-4BD2-9DA1-D37B043001C8"
}
]
}
]
}
],
"references": [
{
"url": "https://support.citrix.com/article/CTX285059",
"source": "support@hackerone.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://support.citrix.com/article/CTX285059",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink