[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso carnil at debian.org
Wed Jul 15 05:51:03 BST 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ce697acb by Salvatore Bonaccorso at 2020-07-15T06:50:35+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -24815,39 +24815,39 @@ CVE-2020-6294
 CVE-2020-6293
 	RESERVED
 CVE-2020-6292 (Logout mechanism in SAP Disclosure Management, version 10.1, does not  ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6291 (SAP Disclosure Management, version 10.1, session mechanism does not ha ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6290 (SAP Disclosure Management, version 10.1, is vulnerable to Session Fixa ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6289 (SAP Disclosure Management, version 10.1, had insufficient protection a ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6288
 	RESERVED
 CVE-2020-6287 (SAP NetWeaver AS JAVA (LM Configuration Wizard), versions - 7.30, 7.31 ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6286 (The insufficient input path validation of certain parameter in the web ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6285 (SAP NetWeaver - XML Toolkit for JAVA (ENGINEAPI) (versions- 7.10, 7.11 ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6284
 	RESERVED
 CVE-2020-6283
 	RESERVED
 CVE-2020-6282 (SAP NetWeaver AS JAVA (IIOP service) (SERVERCORE), versions 7.10, 7.11 ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6281 (SAP Business Objects Business Intelligence Platform (BI Launchpad), ve ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6280 (SAP NetWeaver (ABAP Server) and ABAP Platform, versions 731, 740, 750, ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6279 (OData APIs and JobApplicationInterview and JobApplication export permi ...)
 	NOT-FOR-US: SAP
 CVE-2020-6278 (SAP Business Objects Business Intelligence Platform (BI Launchpad and  ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6277
 	RESERVED
 CVE-2020-6276 (SAP Business Objects Business Intelligence Platform (bipodata), versio ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6275 (SAP Netweaver AS ABAP, versions 700, 701, 702, 710, 711, 730, 731, 740 ...)
 	NOT-FOR-US: SAP
 CVE-2020-6274
@@ -24865,7 +24865,7 @@ CVE-2020-6269 (Under certain conditions SAP Business Objects Business Intelligen
 CVE-2020-6268 (Statutory Reporting for Insurance Companies in SAP ERP (EA-FINSERV ver ...)
 	NOT-FOR-US: SAP
 CVE-2020-6267 (Some sensitive cookies in SAP Disclosure Management, version 10.1, are ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6266 (SAP Fiori for SAP S/4HANA, versions - 100, 200, 300, 400, allows an at ...)
 	NOT-FOR-US: SAP
 CVE-2020-6265 (SAP Commerce, versions - 6.7, 1808, 1811, 1905, and SAP Commerce (Data ...)
@@ -29168,13 +29168,13 @@ CVE-2020-4515
 CVE-2020-4514
 	RESERVED
 CVE-2020-4513 (IBM QRadar SIEM 7.3 and 7.4 is vulnerable to cross-site scripting. Thi ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4512 (IBM QRadar SIEM 7.3 and 7.4 could allow a remote privileged user to ex ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4511 (IBM QRadar SIEM 7.3 and 7.4 could allow an authenticated user to cause ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4510 (IBM QRadar SIEM 7.3 and 7.4 is vulnerable to an XML External Entity In ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4509 (IBM QRadar SIEM 7.3 and 7.4 is vulnerable to an XML External Entity In ...)
 	NOT-FOR-US: IBM
 CVE-2020-4508
@@ -29466,7 +29466,7 @@ CVE-2020-4366 (IBM Planning Analytics Local 2.0 is vulnerable to cross-site scri
 CVE-2020-4365 (IBM WebSphere Application Server 8.5 is vulnerable to server-side requ ...)
 	NOT-FOR-US: IBM
 CVE-2020-4364 (IBM QRadar SIEM 7.3 and 7.4 is vulnerable to cross-site scripting. Thi ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4363 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
 	NOT-FOR-US: IBM
 CVE-2020-4362 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 traditional is ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ce697acbf310a62f95267b110156f719454e1b28

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ce697acbf310a62f95267b110156f719454e1b28
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200715/7e1ac2c3/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list