[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
186a574b by Salvatore Bonaccorso at 2020-09-16T22:37:27+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1294,7 +1294,7 @@ CVE-2020-25018
 CVE-2020-25017
 	RESERVED
 CVE-2020-25015 (A specific router allows changing the Wi-Fi password remotely. Genexis ...)
-	TODO: check
+	NOT-FOR-US: Genexis Platinum 4410 V2-1.28
 CVE-2020-25014
 	RESERVED
 CVE-2020-25013
@@ -26842,7 +26842,7 @@ CVE-2020-13261 (Amazon EKS credentials disclosure in GitLab CE/EE 12.6 and later
 CVE-2020-13260
 	RESERVED
 CVE-2020-13259 (A vulnerability in the web-based management interface of RAD SecFlow-1 ...)
-	TODO: check
+	NOT-FOR-US: RAD SecFlow-1v os-image
 CVE-2020-13258 (Contentful through 2020-05-21 for Python allows reflected XSS, as demo ...)
 	NOT-FOR-US: Contentful
 CVE-2020-13257
@@ -42702,15 +42702,15 @@ CVE-2020-7534
 CVE-2020-7533
 	RESERVED
 CVE-2020-7532 (A CWE-502 Deserialization of Untrusted Data vulnerability exists in SC ...)
-	TODO: check
+	NOT-FOR-US: SCADAPack x70 Security Administrator
 CVE-2020-7531 (A CWE-284 Improper Access Control vulnerability exists in SCADAPack 7x ...)
-	TODO: check
+	NOT-FOR-US: SCADAPack 7x Remote Connect
 CVE-2020-7530 (A CWE-285 Improper Authorization vulnerability exists in SCADAPack 7x  ...)
-	TODO: check
+	NOT-FOR-US: SCADAPack 7x Remote Connect
 CVE-2020-7529 (A CWE-22 Improper Limitation of a Pathname to a Restricted Directory ( ...)
-	TODO: check
+	NOT-FOR-US: SCADAPack 7x Remote Connect
 CVE-2020-7528 (A CWE-502 Deserialization of Untrusted Data vulnerability exists in SC ...)
-	TODO: check
+	NOT-FOR-US: SCADAPack 7x Remote Connect
 CVE-2020-7527 (Incorrect Default Permission vulnerability exists in SoMove (V2.8.1) a ...)
 	NOT-FOR-US: Schneider
 CVE-2020-7526 (Improper Input Validation vulnerability exists in PowerChute Business  ...)
@@ -44575,7 +44575,7 @@ CVE-2020-6783
 CVE-2020-6782
 	RESERVED
 CVE-2020-6781 (Improper certificate validation for certain connections in the Bosch S ...)
-	TODO: check
+	NOT-FOR-US: Bosch Smart Home System App for iOS
 CVE-2020-6780
 	RESERVED
 CVE-2020-6779
@@ -51469,15 +51469,15 @@ CVE-2020-3992
 CVE-2020-3991
 	RESERVED
 CVE-2020-3990 (VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5 ...)
-	TODO: check
+	NOT-FOR-US: VMware
 CVE-2020-3989 (VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5 ...)
-	TODO: check
+	NOT-FOR-US: VMware
 CVE-2020-3988 (VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5 ...)
-	TODO: check
+	NOT-FOR-US: VMware
 CVE-2020-3987 (VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5 ...)
-	TODO: check
+	NOT-FOR-US: VMware
 CVE-2020-3986 (VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5 ...)
-	TODO: check
+	NOT-FOR-US: VMware
 CVE-2020-3985
 	RESERVED
 CVE-2020-3984
@@ -51489,7 +51489,7 @@ CVE-2020-3982
 CVE-2020-3981
 	RESERVED
 CVE-2020-3980 (VMware Fusion (11.x) contains a privilege escalation vulnerability due ...)
-	TODO: check
+	NOT-FOR-US: VMware
 CVE-2020-3979
 	RESERVED
 CVE-2020-3978



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/186a574b3a06436e5f8758dc46d68658d09f1931

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/186a574b3a06436e5f8758dc46d68658d09f1931
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200916/7b99d614/attachment-0001.html>