[Git][security-tracker-team/security-tracker][master] Process several NFUs

Salvatore Bonaccorso carnil at debian.org
Tue Oct 20 21:18:13 BST 2020



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d75abbc9 by Salvatore Bonaccorso at 2020-10-20T22:17:38+02:00
Process several NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -49993,15 +49993,15 @@ CVE-2020-6372 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to op
 CVE-2020-6371 (User enumeration vulnerability can be exploited to get a list of user  ...)
 	NOT-FOR-US: SAP
 CVE-2020-6370 (SAP NetWeaver Design Time Repository (DTR), versions - 7.11, 7.30, 7.3 ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6369 (SAP Solution Manager and SAP Focused Run (update provided in WILY_INTR ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6368 (SAP Business Planning and Consolidation, versions - 750, 751, 752, 753 ...)
 	NOT-FOR-US: SAP
 CVE-2020-6367 (There is a reflected cross site scripting vulnerability in SAP NetWeav ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6366 (SAP NetWeaver (Compare Systems) versions - 7.20, 7.30, 7.40, 7.50, doe ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6365 (SAP NetWeaver AS Java, versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40,  ...)
 	NOT-FOR-US: SAP
 CVE-2020-6364 (SAP Solution Manager and SAP Focused Run (update provided in WILY_INTR ...)
@@ -50009,7 +50009,7 @@ CVE-2020-6364 (SAP Solution Manager and SAP Focused Run (update provided in WILY
 CVE-2020-6363 (SAP Commerce Cloud, versions - 1808, 1811, 1905, 2005, exposes several ...)
 	NOT-FOR-US: SAP
 CVE-2020-6362 (SAP Banking Services version 500, use an incorrect authorization objec ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6361 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
 	NOT-FOR-US: SAP
 CVE-2020-6360 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
@@ -50103,7 +50103,7 @@ CVE-2020-6317
 CVE-2020-6316
 	RESERVED
 CVE-2020-6315 (SAP 3D Visual Enterprise Viewer, version 9, allows an attacker to send ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6314 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
 	NOT-FOR-US: SAP
 CVE-2020-6313 (SAP NetWeaver Application Server JAVA(XML Forms) versions 7.30, 7.31,  ...)
@@ -50117,7 +50117,7 @@ CVE-2020-6310 (Improper access control in SOA Configuration Trace component in S
 CVE-2020-6309 (SAP NetWeaver AS JAVA, versions - (ENGINEAPI 7.10; WSRM 7.10, 7.11, 7. ...)
 	NOT-FOR-US: SAP
 CVE-2020-6308 (SAP BusinessObjects Business Intelligence Platform (Web Services) vers ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6307 (Automated Note Search Tool (update provided in SAP Basis 7.0, 7.01, 7. ...)
 	NOT-FOR-US: SAP
 CVE-2020-6306 (Missing authorization check in a transaction within SAP Leasing (updat ...)
@@ -54035,9 +54035,9 @@ CVE-2020-4758
 CVE-2020-4757
 	RESERVED
 CVE-2020-4756 (IBM Spectrum Scale V4.2.0.0 through V4.2.3.23 and V5.0.0.0 through V5. ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4755 (IBM Spectrum Scale 5.0.0 through 5.0.5.2 is vulnerable to cross-site s ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4754
 	RESERVED
 CVE-2020-4753
@@ -54049,9 +54049,9 @@ CVE-2020-4751
 CVE-2020-4750
 	RESERVED
 CVE-2020-4749 (IBM Spectrum Scale 5.0.0 through 5.0.5.2 does not set the secure attri ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4748 (IBM Spectrum Scale 5.0.0 through 5.0.5.2 is vulnerable to cross-site s ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4747
 	RESERVED
 CVE-2020-4746
@@ -54419,7 +54419,7 @@ CVE-2020-4566
 CVE-2020-4565 (IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow an attacke ...)
 	NOT-FOR-US: IBM
 CVE-2020-4564 (IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.0.3.1 a ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4563
 	RESERVED
 CVE-2020-4562
@@ -54565,7 +54565,7 @@ CVE-2020-4493 (IBM Maximo Asset Management 7.6.0 and 7.6.1 could allow an attack
 CVE-2020-4492 (IBM Spectrum Scale V5.0.0.0 through V5.0.4.3 and V4.2.0.0 through V4.2 ...)
 	NOT-FOR-US: IBM
 CVE-2020-4491 (IBM Spectrum Scale V4.2.0.0 through V4.2.3.22 and V5.0.0.0 through V5. ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4490 (IBM Business Automation Workflow 18 and 19, and IBM Business Process M ...)
 	NOT-FOR-US: IBM
 CVE-2020-4489
@@ -109507,7 +109507,7 @@ CVE-2019-4682
 CVE-2019-4681 (IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.17 is vulnerable to cr ...)
 	NOT-FOR-US: IBM
 CVE-2019-4680 (IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.0.2.2 i ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2019-4679 (IBM Content Navigator 3.0CD could allow an authenticated user to gain  ...)
 	NOT-FOR-US: IBM
 CVE-2019-4678



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d75abbc927d43a25f98b901611739d8be14f42eb

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d75abbc927d43a25f98b901611739d8be14f42eb
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201020/a4bf0163/attachment-0001.html>


More information about the debian-security-tracker-commits mailing list