admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2020/CVE-2020-98xx/CVE-2020-9870.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

159 lines
4.7 KiB
JSON
Raw Blame History

{
"id": "CVE-2020-9870",
"sourceIdentifier": "product-security@apple.com",
"published": "2020-10-16T17:15:15.653",
"lastModified": "2024-11-21T05:41:26.483",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A logic issue was addressed with improved validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8. An attacker with memory write capability may be able to bypass pointer authentication codes and run arbitrary code."
},
{
"lang": "es",
"value": "Se abord\u00f3 un problema l\u00f3gico con una comprobaci\u00f3n mejorada. Este problema es corregido en iOS versi\u00f3n 13.6 y iPadOS versi\u00f3n 13.6, macOS Catalina versi\u00f3n 10.15.6, tvOS 13.4.8. Un atacante con capacidad de escritura en memoria ser capaz de omitir los c\u00f3digos de autenticaci\u00f3n del puntero y ejecutar c\u00f3digo arbitrario"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseScore": 6.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.6",
"matchCriteriaId": "87D68071-5235-4B50-90F0-B55B0C668840"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.6",
"matchCriteriaId": "0639A5DE-4A59-4F10-A0E7-F6B933E44D47"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.15.6",
"matchCriteriaId": "FD0ACF42-C643-4DED-ADF7-4FA29B7578F7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.4.8",
"matchCriteriaId": "888463CA-9C67-46B2-B197-DDD3A668F980"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/HT211288",
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/HT211289",
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/HT211290",
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/HT211288",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/HT211289",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/HT211290",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink