admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 01:02:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2020/CVE-2020-73xx/CVE-2020-7332.json
cad-safe-bot 48436003e5 Auto-Update: 2023-11-16T05:00:21.359057+00:00
2023-11-16 05:00:25 +00:00

136 lines
4.0 KiB
JSON
Raw Blame History

{
"id": "CVE-2020-7332",
"sourceIdentifier": "trellixpsirt@trellix.com",
"published": "2020-11-12T10:15:13.623",
"lastModified": "2023-11-16T03:05:59.747",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross Site Request Forgery vulnerability in the firewall ePO extension of McAfee Endpoint Security (ENS) prior to 10.7.0 November 2020 Update allows an attacker to execute arbitrary HTML code due to incorrect security configuration."
},
{
"lang": "es",
"value": "Vulnerabilidad de tipo Cross Site Request Forgery en la extensi\u00f3n ePO del firewall de McAfee Endpoint Security (ENS) versiones anteriores a 10.7.0, actualizaci\u00f3n de Noviembre de 2020, permite a un atacante ejecutar c\u00f3digo HTML arbitrario debido a una configuraci\u00f3n de seguridad incorrecta"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "trellixpsirt@trellix.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "LOW",
"baseScore": 7.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.5,
"impactScore": 5.5
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "MEDIUM",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": true
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
},
{
"source": "trellixpsirt@trellix.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mcafee:endpoint_security:*:*:*:*:*:windows:*:*",
"versionEndExcluding": "10.6.1",
"matchCriteriaId": "277DF1D5-0C18-4549-875C-84828ABE7B20"
}
]
}
]
}
],
"references": [
{
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10335",
"source": "trellixpsirt@trellix.com",
"tags": [
"Broken Link",
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink