[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso carnil at debian.org
Thu Aug 27 21:53:02 BST 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
eb4844a7 by Salvatore Bonaccorso at 2020-08-27T22:52:08+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -45889,7 +45889,7 @@ CVE-2020-5385 (Dell Encryption versions prior to 10.8 and Dell Endpoint Security
 CVE-2020-5384 (Authentication Bypass Vulnerability RSA MFA Agent 2.0 for Microsoft Wi ...)
 	NOT-FOR-US: RSA MFA Agent
 CVE-2020-5383 (Dell EMC Isilon OneFS version 8.2.2 and Dell EMC PowerScale OneFS vers ...)
-	TODO: check
+	NOT-FOR-US: EMC
 CVE-2020-5382
 	RESERVED
 CVE-2020-5381
@@ -48054,7 +48054,7 @@ CVE-2020-4605
 CVE-2020-4604
 	RESERVED
 CVE-2020-4603 (IBM Security Guardium Insights 2.0.1 performs an operation at a privil ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4602
 	RESERVED
 CVE-2020-4601
@@ -48110,7 +48110,7 @@ CVE-2020-4577
 CVE-2020-4576
 	RESERVED
 CVE-2020-4575 (IBM WebSphere Application Server ND 8.5 and 9.0, and IBM WebSphere Vir ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4574 (IBM Tivoli Key Lifecycle Manager does not require that users should ha ...)
 	NOT-FOR-US: IBM
 CVE-2020-4573 (IBM Tivoli Key Lifecycle Manager 3.0.1 and 4.0 could disclose sensitiv ...)
@@ -48910,25 +48910,25 @@ CVE-2020-4177 (IBM Security Guardium 11.1 contains hard-coded credentials, such
 CVE-2020-4176
 	RESERVED
 CVE-2020-4175 (IBM Security Guardium Insights 2.0.1 could allow a remote attacker to  ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4174 (IBM Security Guardium Insights 2.0.1 uses weaker than expected cryptog ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4173 (IBM Guardium Activity Insights 10.6 and 11.0 does not set the secure a ...)
 	NOT-FOR-US: IBM
 CVE-2020-4172 (IBM Security Guardium Insights 2.0.1 stores sensitive information in U ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4171 (IBM Security Guardium Insights 2.0.1 allows web pages to be stored loc ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4170 (IBM Security Guardium Insights 2.0.1 is vulnerable to cross-site reque ...)
 	NOT-FOR-US: IBM
 CVE-2020-4169 (IBM Security Guardium Insights 2.0.1 uses weaker than expected cryptog ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4168
 	RESERVED
 CVE-2020-4167 (IBM Security Guardium Insights 2.0.1 could allow an attacker to obtain ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4166 (IBM Security Guardium Insights 2.0.1 could allow a remote attacker to  ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4165 (IBM Security Guardium Insights 2.0.1 could allow a remote attacker to  ...)
 	NOT-FOR-US: IBM
 CVE-2020-4164 (IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, 1.0.2, 1.0.3, 1.0. ...)
@@ -334599,7 +334599,7 @@ CVE-2012-2203 (IBM Global Security Kit (aka GSKit) before 8.0.14.22, as used in
 CVE-2012-2202 (Directory traversal vulnerability in javatester_init.php in IBM Lotus  ...)
 	NOT-FOR-US: IBM Lotus Protector, IBM ISS Proventia Network Mail Security System
 CVE-2012-2201 (IBM WebSphere MQ 7.1 is vulnerable to a denial of service, caused by a ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2012-2200 (The default configuration of sendmail in IBM AIX 6.1 and 7.1, and VIOS ...)
 	NOT-FOR-US: sendmail configuration in AIX
 CVE-2012-2199 (The server message channel agent in the queue manager in the server in ...)
@@ -334682,7 +334682,7 @@ CVE-2012-2162 (The Web Server Plug-in in IBM WebSphere Application Server (WAS)
 CVE-2012-2161 (Cross-site scripting (XSS) vulnerability in deferredView.jsp in IBM Ec ...)
 	NOT-FOR-US: IBM Security AppScan Source
 CVE-2012-2160 (IBM Rational Change 5.3 is vulnerable to cross-site scripting, caused  ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2012-2159 (Open redirect vulnerability in IBM Eclipse Help System (IEHS), as used ...)
 	NOT-FOR-US: IBM Eclipse Help System
 CVE-2012-2158



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/eb4844a722fb8704080ca2aa69e6f740145133d6

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/eb4844a722fb8704080ca2aa69e6f740145133d6
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200827/1b341c00/attachment.html>

More information about the debian-security-tracker-commits mailing list