[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso
carnil at debian.org
Fri Nov 6 20:56:25 GMT 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
9c566ca6 by Salvatore Bonaccorso at 2020-11-06T21:55:34+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -4497,7 +4497,7 @@ CVE-2020-27198
CVE-2020-27197 (** DISPUTED ** TAXII libtaxii through 1.1.117, as used in EclecticIQ O ...)
NOT-FOR-US: TAXII libtaxii
CVE-2020-27196 (An issue was discovered in PlayJava in Play Framework 2.6.0 through 2. ...)
- TODO: check
+ NOT-FOR-US: Play Framework
CVE-2020-27195 (HashiCorp Nomad and Nomad Enterprise version 0.9.0 up to 0.12.5 client ...)
- nomad <unfixed> (bug #972795)
NOTE: https://github.com/hashicorp/nomad/issues/9129
@@ -4651,9 +4651,9 @@ CVE-2020-27131
CVE-2020-27130
RESERVED
CVE-2020-27129 (A vulnerability in the remote management feature of Cisco SD-WAN vMana ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-27128 (A vulnerability in the application data endpoints of Cisco SD-WAN vMan ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-27127
RESERVED
CVE-2020-27126
@@ -4663,11 +4663,11 @@ CVE-2020-27125
CVE-2020-27124
RESERVED
CVE-2020-27123 (A vulnerability in the interprocess communication (IPC) channel of Cis ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-27122 (A vulnerability in the Microsoft Active Directory integration of Cisco ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-27121 (A vulnerability in Cisco Unified Communications Manager IM & P ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-27120
RESERVED
CVE-2020-27119
@@ -5152,9 +5152,9 @@ CVE-2020-26885
CVE-2020-26884
RESERVED
CVE-2020-26883 (In Play Framework 2.6.0 through 2.8.2, stack consumption can occur bec ...)
- TODO: check
+ NOT-FOR-US: Play Framework
CVE-2020-26882 (In Play Framework 2.6.0 through 2.8.2, data amplification can occur wh ...)
- TODO: check
+ NOT-FOR-US: Play Framework
CVE-2020-26881
RESERVED
CVE-2020-26880 (Sympa through 6.2.57b.2 allows a local privilege escalation from the s ...)
@@ -6878,13 +6878,13 @@ CVE-2020-26089
CVE-2020-26087
RESERVED
CVE-2020-26086 (A vulnerability in the video endpoint API (xAPI) of Cisco TelePresence ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-26085
RESERVED
CVE-2020-26084 (A vulnerability in the REST API of Cisco Edge Fog Fabric could allow a ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-26083 (A vulnerability in the web-based management interface of Cisco Identit ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-26082
RESERVED
CVE-2020-26081
@@ -9001,15 +9001,15 @@ CVE-2020-25176
CVE-2020-25175
RESERVED
CVE-2020-25174 (A DLL hijacking vulnerability in the B. Braun OnlineSuite Version AP 3 ...)
- TODO: check
+ NOT-FOR-US: B. Braun OnlineSuite Version AP
CVE-2020-25173
RESERVED
CVE-2020-25172 (A relative path traversal attack in the B. Braun OnlineSuite Version A ...)
- TODO: check
+ NOT-FOR-US: B. Braun OnlineSuite Version AP
CVE-2020-25171
RESERVED
CVE-2020-25170 (An Excel Macro Injection vulnerability exists in the export feature in ...)
- TODO: check
+ NOT-FOR-US: B. Braun OnlineSuite Version AP
CVE-2020-25169
RESERVED
CVE-2020-25168
@@ -44425,9 +44425,9 @@ CVE-2020-10294
CVE-2020-10293
RESERVED
CVE-2020-10292 (Visual Components (owned by KUKA) is a robotic simulator that allows s ...)
- TODO: check
+ NOT-FOR-US: Visual Components
CVE-2020-10291 (Visual Components (owned by KUKA) is a robotic simulator that allows s ...)
- TODO: check
+ NOT-FOR-US: Visual Components
CVE-2020-10290 (Universal Robots controller execute URCaps (zip files containing Java- ...)
NOT-FOR-US: Universal Robots controller
CVE-2020-10289 (Use of unsafe yaml load. Allows instantiation of arbitrary objects. Th ...)
@@ -48575,13 +48575,13 @@ CVE-2020-8582
CVE-2020-8581
RESERVED
CVE-2020-8580 (SANtricity OS Controller Software versions 11.30 and higher are suscep ...)
- TODO: check
+ NOT-FOR-US: SANtricity OS Controller Software
CVE-2020-8579 (Clustered Data ONTAP versions 9.7 through 9.7P7 are susceptible to a v ...)
NOT-FOR-US: Clustered Data ONTAP
CVE-2020-8578
RESERVED
CVE-2020-8577 (SANtricity OS Controller Software versions 11.50.1 and higher are susc ...)
- TODO: check
+ NOT-FOR-US: SANtricity OS Controller Software
CVE-2020-8576 (Clustered Data ONTAP versions prior to 9.3P19, 9.5P14, 9.6P9 and 9.7 a ...)
NOT-FOR-US: ONTAP
CVE-2020-8575 (Active IQ Unified Manager for VMware vSphere and Windows versions prio ...)
@@ -55625,7 +55625,7 @@ CVE-2020-5797
CVE-2020-5796
RESERVED
CVE-2020-5795 (UNIX Symbolic Link (Symlink) Following in TP-Link Archer A7(US)_V5_200 ...)
- TODO: check
+ NOT-FOR-US: TP-Link
CVE-2020-5794 (A vulnerability in Nessus Network Monitor versions 5.11.0, 5.11.1, and ...)
TODO: check
CVE-2020-5793 (A vulnerability in Nessus versions 8.9.0 through 8.12.0 for Windows &a ...)
@@ -61901,15 +61901,15 @@ CVE-2020-3606
CVE-2020-3605
RESERVED
CVE-2020-3604 (Multiple vulnerabilities in Cisco Webex Network Recording Player for W ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3603 (Multiple vulnerabilities in Cisco Webex Network Recording Player for W ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3602 (A vulnerability in the CLI of Cisco StarOS operating system for Cisco ...)
NOT-FOR-US: Cisco
CVE-2020-3601 (A vulnerability in the CLI of Cisco StarOS operating system for Cisco ...)
NOT-FOR-US: Cisco
CVE-2020-3600 (A vulnerability in Cisco SD-WAN Software could allow an authenticated, ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3599 (A vulnerability in the web-based management interface of Cisco Adaptiv ...)
NOT-FOR-US: Cisco
CVE-2020-3598 (A vulnerability in the web-based management interface of Cisco Vision ...)
@@ -61919,23 +61919,23 @@ CVE-2020-3597 (A vulnerability in the configuration restore feature of Cisco Nex
CVE-2020-3596 (A vulnerability in the Session Initiation Protocol (SIP) of Cisco Expr ...)
NOT-FOR-US: Cisco
CVE-2020-3595 (A vulnerability in Cisco SD-WAN Software could allow an authenticated, ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3594 (A vulnerability in Cisco SD-WAN Software could allow an authenticated, ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3593 (A vulnerability in Cisco SD-WAN Software could allow an authenticated, ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3592 (A vulnerability in the web-based management interface of Cisco SD-WAN ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3591 (A vulnerability in the web-based management interface of the Cisco SD- ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3590 (A vulnerability in the web-based management interface of the Cisco SD- ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3589 (A vulnerability in the web-based management interface of Cisco Identit ...)
NOT-FOR-US: Cisco
CVE-2020-3588 (A vulnerability in virtualization channel messaging in Cisco Webex Mee ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3587 (A vulnerability in the web-based management interface of the Cisco SD- ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3586
RESERVED
CVE-2020-3585 (A vulnerability in the TLS handler of Cisco Adaptive Security Applianc ...)
@@ -61951,7 +61951,7 @@ CVE-2020-3581 (Multiple vulnerabilities in the web services interface of Cisco A
CVE-2020-3580 (Multiple vulnerabilities in the web services interface of Cisco Adapti ...)
NOT-FOR-US: Cisco
CVE-2020-3579 (A vulnerability in the web-based management interface of Cisco SD-WAN ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3578 (A vulnerability in the web services interface of Cisco Adaptive Securi ...)
NOT-FOR-US: Cisco
CVE-2020-3577 (A vulnerability in the ingress packet processing path of Cisco Firepow ...)
@@ -61961,9 +61961,9 @@ CVE-2020-3576
CVE-2020-3575
RESERVED
CVE-2020-3574 (A vulnerability in the TCP packet processing functionality of Cisco IP ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3573 (Multiple vulnerabilities in Cisco Webex Network Recording Player for W ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3572 (A vulnerability in the SSL/TLS session handler of Cisco Adaptive Secur ...)
NOT-FOR-US: Cisco
CVE-2020-3571 (A vulnerability in the ICMP ingress packet processing of Cisco Firepow ...)
@@ -61997,7 +61997,7 @@ CVE-2020-3558 (A vulnerability in the web-based management interface of Cisco Fi
CVE-2020-3557 (A vulnerability in the host input API daemon of Cisco Firepower Manage ...)
NOT-FOR-US: Cisco
CVE-2020-3556 (A vulnerability in the interprocess communication (IPC) channel of Cis ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3555 (A vulnerability in the SIP inspection process of Cisco Adaptive Securi ...)
NOT-FOR-US: Cisco
CVE-2020-3554 (A vulnerability in the TCP packet processing of Cisco Adaptive Securit ...)
@@ -62007,7 +62007,7 @@ CVE-2020-3553 (Multiple vulnerabilities in the web-based management interface of
CVE-2020-3552 (A vulnerability in the Ethernet packet handling of Cisco Aironet Acces ...)
NOT-FOR-US: Cisco
CVE-2020-3551 (A vulnerability in the web-based management interface of Cisco Identit ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3550 (A vulnerability in the sfmgr daemon of Cisco Firepower Management Cent ...)
NOT-FOR-US: Cisco
CVE-2020-3549 (A vulnerability in the sftunnel functionality of Cisco Firepower Manag ...)
@@ -62224,7 +62224,7 @@ CVE-2020-3446 (A vulnerability in Cisco Virtual Wide Area Application Services (
CVE-2020-3445
RESERVED
CVE-2020-3444 (A vulnerability in the packet filtering features of Cisco SD-WAN Softw ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3443 (A vulnerability in Cisco Smart Software Manager On-Prem (SSM On-Prem) ...)
NOT-FOR-US: Cisco
CVE-2020-3442 (The DuoConnect client enables users to establish SSH connections to ho ...)
@@ -62370,7 +62370,7 @@ CVE-2020-3373 (A vulnerability in the IP fragment-handling implementation of Cis
CVE-2020-3372 (A vulnerability in the web-based management interface of Cisco SD-WAN ...)
NOT-FOR-US: Cisco
CVE-2020-3371 (A vulnerability in the web UI of Cisco Integrated Management Controlle ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3370 (A vulnerability in URL filtering of Cisco Content Security Management ...)
NOT-FOR-US: Cisco
CVE-2020-3369 (A vulnerability in the deep packet inspection (DPI) engine of Cisco SD ...)
@@ -62556,7 +62556,7 @@ CVE-2020-3286 (Multiple vulnerabilities in the web-based management interface of
CVE-2020-3285 (A vulnerability in the Transport Layer Security version 1.3 (TLS 1.3) ...)
NOT-FOR-US: Cisco
CVE-2020-3284 (A vulnerability in the enhanced Preboot eXecution Environment (PXE) bo ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3283 (A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Secu ...)
NOT-FOR-US: Cisco
CVE-2020-3282 (A vulnerability in the web-based management interface of Cisco Unified ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9c566ca64e4ca63891ebce28bfaface337e923e3
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9c566ca64e4ca63891ebce28bfaface337e923e3
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201106/c0b759e9/attachment.html>
More information about the debian-security-tracker-commits
mailing list