cvelistv5 - cve-2020-29507

▼	URL	Tags
	security_alert@emc.com	https://www.dell.com/support/kbdoc/en-us/000181115/dsa-2020-286-dell-bsafe-crypto-c-micro-edition-4-1-5-and-dell-bsafe-micro-edition-suite-4-6-multiple-security-vulnerabilities	Vendor Advisory
	security_alert@emc.com	https://www.oracle.com/security-alerts/cpujul2022.html	Patch, Third Party Advisory

▼	Vendor	Product
	Dell	Dell BSAFE Crypto-C Micro Edition

ghsa-4fcp-32xr-m94m

Vulnerability from github

Published

2022-07-12 00:00

Modified

2022-07-19 00:00

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

Dell BSAFE Crypto-C Micro Edition, versions before 4.1.4, and Dell BSAFE Micro Edition Suite, versions before 4.4, contain an Improper Input Validation Vulnerability.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2020-29507"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-07-11T20:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "Dell BSAFE Crypto-C Micro Edition, versions before 4.1.4, and Dell BSAFE Micro Edition Suite,\nversions before 4.4, contain an Improper Input Validation Vulnerability.",
  "id": "GHSA-4fcp-32xr-m94m",
  "modified": "2022-07-19T00:00:26Z",
  "published": "2022-07-12T00:00:53Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-29507"
    },
    {
      "type": "WEB",
      "url": "https://www.dell.com/support/kbdoc/en-us/000181115/dsa-2020-286-dell-bsafe-crypto-c-micro-edition-4-1-5-and-dell-bsafe-micro-edition-suite-4-6-multiple-security-vulnerabilities"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

wid-sec-w-2022-0714

Vulnerability from csaf_certbund

Published

2022-07-18 22:00

Modified

2024-02-04 23:00

Summary

Dell BSAFE: Mehrere Schwachstellen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Dell BSAFE ist eine Sicherheitssoftware, die Entwicklern ermöglicht weitreichende Sicherheitsziele ihrer Applikationen zu erreichen.

Angriff

Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Dell BSAFE ausnutzen, um Informationen offenzulegen oder Dateien zu manipulieren.

Betroffene Betriebssysteme

- UNIX - Linux - Windows - Sonstiges

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Dell  BSAFE ist eine Sicherheitssoftware, die Entwicklern erm\u00f6glicht weitreichende Sicherheitsziele ihrer Applikationen zu erreichen.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Dell BSAFE ausnutzen, um Informationen offenzulegen oder Dateien zu manipulieren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- UNIX\n- Linux\n- Windows\n- Sonstiges",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2022-0714 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-0714.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2022-0714 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0714"
      },
      {
        "category": "external",
        "summary": "Dell Security Advisory DSA-2020-286 vom 2022-07-18",
        "url": "https://www.dell.com/support/kbdoc/de-de/000181115/dsa-2020-286-dell-bsafe-crypto-c-micro-edition-4-1-5-and-dell-bsafe-micro-edition-suite-4-6-multiple-security-vulnerabilities"
      },
      {
        "category": "external",
        "summary": "Dell Security Advisory DSA-2024-070 vom 2024-02-03",
        "url": "https://www.dell.com/support/kbdoc/000221770/dsa-2024-="
      }
    ],
    "source_lang": "en-US",
    "title": "Dell BSAFE: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2024-02-04T23:00:00.000+00:00",
      "generator": {
        "date": "2024-02-15T16:53:13.640+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.0"
        }
      },
      "id": "WID-SEC-W-2022-0714",
      "initial_release_date": "2022-07-18T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2022-07-18T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2024-02-04T23:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Dell aufgenommen"
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Dell BSAFE \u003c 4.1.5",
                "product": {
                  "name": "Dell BSAFE \u003c 4.1.5",
                  "product_id": "T023891",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:dell:bsafe:4.1.5"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Dell BSAFE \u003c 4.5.2",
                "product": {
                  "name": "Dell BSAFE \u003c 4.5.2",
                  "product_id": "T023892",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:dell:bsafe:4.5.2"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Dell BSAFE \u003c 4.6",
                "product": {
                  "name": "Dell BSAFE \u003c 4.6",
                  "product_id": "T023893",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:dell:bsafe:4.6"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "BSAFE"
          }
        ],
        "category": "vendor",
        "name": "Dell"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "EMC Avamar",
            "product": {
              "name": "EMC Avamar",
              "product_id": "T014381",
              "product_identification_helper": {
                "cpe": "cpe:/a:emc:avamar:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "EMC"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2020-29504",
      "notes": [
        {
          "category": "description",
          "text": "In Dell BSAFE existieren mehrere Schwachstellen. Es bestehen Fehler hinsichtlich der Eingabevalidierung, unvollst\u00e4ndiger Ausf\u00fchrung von Krypto-Operationen, Fehler mit dem Schl\u00fcsselmanagement sowie mehrere Fehler die Timing-Angriffe erm\u00f6glichen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um Informationen offenzulegen oder Dateien zu manipulieren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T014381"
        ]
      },
      "release_date": "2022-07-18T22:00:00Z",
      "title": "CVE-2020-29504"
    },
    {
      "cve": "CVE-2020-29505",
      "notes": [
        {
          "category": "description",
          "text": "In Dell BSAFE existieren mehrere Schwachstellen. Es bestehen Fehler hinsichtlich der Eingabevalidierung, unvollst\u00e4ndiger Ausf\u00fchrung von Krypto-Operationen, Fehler mit dem Schl\u00fcsselmanagement sowie mehrere Fehler die Timing-Angriffe erm\u00f6glichen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um Informationen offenzulegen oder Dateien zu manipulieren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T014381"
        ]
      },
      "release_date": "2022-07-18T22:00:00Z",
      "title": "CVE-2020-29505"
    },
    {
      "cve": "CVE-2020-29506",
      "notes": [
        {
          "category": "description",
          "text": "In Dell BSAFE existieren mehrere Schwachstellen. Es bestehen Fehler hinsichtlich der Eingabevalidierung, unvollst\u00e4ndiger Ausf\u00fchrung von Krypto-Operationen, Fehler mit dem Schl\u00fcsselmanagement sowie mehrere Fehler die Timing-Angriffe erm\u00f6glichen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um Informationen offenzulegen oder Dateien zu manipulieren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T014381"
        ]
      },
      "release_date": "2022-07-18T22:00:00Z",
      "title": "CVE-2020-29506"
    },
    {
      "cve": "CVE-2020-29507",
      "notes": [
        {
          "category": "description",
          "text": "In Dell BSAFE existieren mehrere Schwachstellen. Es bestehen Fehler hinsichtlich der Eingabevalidierung, unvollst\u00e4ndiger Ausf\u00fchrung von Krypto-Operationen, Fehler mit dem Schl\u00fcsselmanagement sowie mehrere Fehler die Timing-Angriffe erm\u00f6glichen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um Informationen offenzulegen oder Dateien zu manipulieren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T014381"
        ]
      },
      "release_date": "2022-07-18T22:00:00Z",
      "title": "CVE-2020-29507"
    },
    {
      "cve": "CVE-2020-29508",
      "notes": [
        {
          "category": "description",
          "text": "In Dell BSAFE existieren mehrere Schwachstellen. Es bestehen Fehler hinsichtlich der Eingabevalidierung, unvollst\u00e4ndiger Ausf\u00fchrung von Krypto-Operationen, Fehler mit dem Schl\u00fcsselmanagement sowie mehrere Fehler die Timing-Angriffe erm\u00f6glichen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um Informationen offenzulegen oder Dateien zu manipulieren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T014381"
        ]
      },
      "release_date": "2022-07-18T22:00:00Z",
      "title": "CVE-2020-29508"
    },
    {
      "cve": "CVE-2020-35163",
      "notes": [
        {
          "category": "description",
          "text": "In Dell BSAFE existieren mehrere Schwachstellen. Es bestehen Fehler hinsichtlich der Eingabevalidierung, unvollst\u00e4ndiger Ausf\u00fchrung von Krypto-Operationen, Fehler mit dem Schl\u00fcsselmanagement sowie mehrere Fehler die Timing-Angriffe erm\u00f6glichen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um Informationen offenzulegen oder Dateien zu manipulieren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T014381"
        ]
      },
      "release_date": "2022-07-18T22:00:00Z",
      "title": "CVE-2020-35163"
    },
    {
      "cve": "CVE-2020-35164",
      "notes": [
        {
          "category": "description",
          "text": "In Dell BSAFE existieren mehrere Schwachstellen. Es bestehen Fehler hinsichtlich der Eingabevalidierung, unvollst\u00e4ndiger Ausf\u00fchrung von Krypto-Operationen, Fehler mit dem Schl\u00fcsselmanagement sowie mehrere Fehler die Timing-Angriffe erm\u00f6glichen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um Informationen offenzulegen oder Dateien zu manipulieren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T014381"
        ]
      },
      "release_date": "2022-07-18T22:00:00Z",
      "title": "CVE-2020-35164"
    },
    {
      "cve": "CVE-2020-35165",
      "notes": [
        {
          "category": "description",
          "text": "In Dell BSAFE existieren mehrere Schwachstellen. Es bestehen Fehler hinsichtlich der Eingabevalidierung, unvollst\u00e4ndiger Ausf\u00fchrung von Krypto-Operationen, Fehler mit dem Schl\u00fcsselmanagement sowie mehrere Fehler die Timing-Angriffe erm\u00f6glichen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um Informationen offenzulegen oder Dateien zu manipulieren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T014381"
        ]
      },
      "release_date": "2022-07-18T22:00:00Z",
      "title": "CVE-2020-35165"
    },
    {
      "cve": "CVE-2020-35166",
      "notes": [
        {
          "category": "description",
          "text": "In Dell BSAFE existieren mehrere Schwachstellen. Es bestehen Fehler hinsichtlich der Eingabevalidierung, unvollst\u00e4ndiger Ausf\u00fchrung von Krypto-Operationen, Fehler mit dem Schl\u00fcsselmanagement sowie mehrere Fehler die Timing-Angriffe erm\u00f6glichen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um Informationen offenzulegen oder Dateien zu manipulieren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T014381"
        ]
      },
      "release_date": "2022-07-18T22:00:00Z",
      "title": "CVE-2020-35166"
    },
    {
      "cve": "CVE-2020-35167",
      "notes": [
        {
          "category": "description",
          "text": "In Dell BSAFE existieren mehrere Schwachstellen. Es bestehen Fehler hinsichtlich der Eingabevalidierung, unvollst\u00e4ndiger Ausf\u00fchrung von Krypto-Operationen, Fehler mit dem Schl\u00fcsselmanagement sowie mehrere Fehler die Timing-Angriffe erm\u00f6glichen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um Informationen offenzulegen oder Dateien zu manipulieren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T014381"
        ]
      },
      "release_date": "2022-07-18T22:00:00Z",
      "title": "CVE-2020-35167"
    },
    {
      "cve": "CVE-2020-35168",
      "notes": [
        {
          "category": "description",
          "text": "In Dell BSAFE existieren mehrere Schwachstellen. Es bestehen Fehler hinsichtlich der Eingabevalidierung, unvollst\u00e4ndiger Ausf\u00fchrung von Krypto-Operationen, Fehler mit dem Schl\u00fcsselmanagement sowie mehrere Fehler die Timing-Angriffe erm\u00f6glichen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um Informationen offenzulegen oder Dateien zu manipulieren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T014381"
        ]
      },
      "release_date": "2022-07-18T22:00:00Z",
      "title": "CVE-2020-35168"
    },
    {
      "cve": "CVE-2020-35169",
      "notes": [
        {
          "category": "description",
          "text": "In Dell BSAFE existieren mehrere Schwachstellen. Es bestehen Fehler hinsichtlich der Eingabevalidierung, unvollst\u00e4ndiger Ausf\u00fchrung von Krypto-Operationen, Fehler mit dem Schl\u00fcsselmanagement sowie mehrere Fehler die Timing-Angriffe erm\u00f6glichen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um Informationen offenzulegen oder Dateien zu manipulieren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T014381"
        ]
      },
      "release_date": "2022-07-18T22:00:00Z",
      "title": "CVE-2020-35169"
    },
    {
      "cve": "CVE-2021-21575",
      "notes": [
        {
          "category": "description",
          "text": "In Dell BSAFE existieren mehrere Schwachstellen. Es bestehen Fehler hinsichtlich der Eingabevalidierung, unvollst\u00e4ndiger Ausf\u00fchrung von Krypto-Operationen, Fehler mit dem Schl\u00fcsselmanagement sowie mehrere Fehler die Timing-Angriffe erm\u00f6glichen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um Informationen offenzulegen oder Dateien zu manipulieren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T014381"
        ]
      },
      "release_date": "2022-07-18T22:00:00Z",
      "title": "CVE-2021-21575"
    }
  ]
}

gsd-2020-29507

Vulnerability from gsd

Modified

2023-12-13 01:22

Details

Dell BSAFE Crypto-C Micro Edition, versions before 4.1.4, and Dell BSAFE Micro Edition Suite, versions before 4.4, contain an Improper Input Validation Vulnerability.

Aliases

CVE-2020-29507

Aliases

CVE-2020-29507

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2020-29507",
    "description": "Dell BSAFE Crypto-C Micro Edition, versions before 4.1.4, and Dell BSAFE Micro Edition Suite,\r\nversions before 4.4, contain an Improper Input Validation Vulnerability.",
    "id": "GSD-2020-29507"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2020-29507"
      ],
      "details": "Dell BSAFE Crypto-C Micro Edition, versions before 4.1.4, and Dell BSAFE Micro Edition Suite, versions before 4.4, contain an Improper Input Validation Vulnerability.",
      "id": "GSD-2020-29507",
      "modified": "2023-12-13T01:22:11.825095Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secure@dell.com",
        "DATE_PUBLIC": "2020-07-06",
        "ID": "CVE-2020-29507",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Dell BSAFE Crypto-C Micro Edition",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c",
                          "version_value": "4.1.5 and 4.6"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Dell"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Dell BSAFE Crypto-C Micro Edition, versions before 4.1.4, and Dell BSAFE Micro Edition Suite, versions before 4.4, contain an Improper Input Validation Vulnerability."
          }
        ]
      },
      "impact": {
        "cvss": {
          "baseScore": 5.3,
          "baseSeverity": "Medium",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
          "version": "3.1"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-20: Improper Input Validation"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://www.dell.com/support/kbdoc/en-us/000181115/dsa-2020-286-dell-bsafe-crypto-c-micro-edition-4-1-5-and-dell-bsafe-micro-edition-suite-4-6-multiple-security-vulnerabilities",
            "refsource": "MISC",
            "url": "https://www.dell.com/support/kbdoc/en-us/000181115/dsa-2020-286-dell-bsafe-crypto-c-micro-edition-4-1-5-and-dell-bsafe-micro-edition-suite-4-6-multiple-security-vulnerabilities"
          },
          {
            "name": "https://www.oracle.com/security-alerts/cpujul2022.html",
            "refsource": "MISC",
            "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:dell:bsafe_crypto-c-micro-edition:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "4.1.4",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:dell:bsafe_micro-edition-suite:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "4.4",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:security_service:12.2.1.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:security_service:12.2.1.4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:database:12.1.0.2:*:*:*:enterprise:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:database:19c:*:*:*:enterprise:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:http_server:12.2.1.4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:weblogic_server_proxy_plug-in:12.2.1.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:weblogic_server_proxy_plug-in:12.2.1.4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:database:21c:*:*:*:enterprise:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@dell.com",
          "ID": "CVE-2020-29507"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Dell BSAFE Crypto-C Micro Edition, versions before 4.1.4, and Dell BSAFE Micro Edition Suite, versions before 4.4, contain an Improper Input Validation Vulnerability."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "N/A",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://www.dell.com/support/kbdoc/en-us/000181115/dsa-2020-286-dell-bsafe-crypto-c-micro-edition-4-1-5-and-dell-bsafe-micro-edition-suite-4-6-multiple-security-vulnerabilities"
            },
            {
              "name": "N/A",
              "refsource": "N/A",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2022-11-29T02:56Z",
      "publishedDate": "2022-07-11T20:15Z"
    }
  }
}

var-202207-0579

Vulnerability from variot

Dell BSAFE Crypto-C Micro Edition, versions before 4.1.4, and Dell BSAFE Micro Edition Suite, versions before 4.4, contain an Improper Input Validation Vulnerability. (DoS) It may be in a state. Dell BSAFE Micro Edition Suite is a development kit that provides encryption, certificates and transport layer security for c/c++ applications, devices and systems. Dell BSAFE is a security software product that supports encryption algorithms, certificate chain verification, Transport Layer Security (TLS) cipher suites, etc. to help users achieve various security goals for their applications

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202207-0579",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "bsafe crypto-c-micro-edition",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "dell",
        "version": "4.1.4"
      },
      {
        "model": "http server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.2.1.3.0"
      },
      {
        "model": "database",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "19c"
      },
      {
        "model": "security service",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.2.1.3.0"
      },
      {
        "model": "weblogic server proxy plug-in",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.2.1.4.0"
      },
      {
        "model": "bsafe micro-edition-suite",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "dell",
        "version": "4.4"
      },
      {
        "model": "database",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "21c"
      },
      {
        "model": "weblogic server proxy plug-in",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.2.1.3.0"
      },
      {
        "model": "database",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.1.0.2"
      },
      {
        "model": "http server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.2.1.4.0"
      },
      {
        "model": "security service",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.2.1.4.0"
      },
      {
        "model": "oracle security service",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30aa\u30e9\u30af\u30eb",
        "version": null
      },
      {
        "model": "oracle database",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30aa\u30e9\u30af\u30eb",
        "version": null
      },
      {
        "model": "bsafe crypto-c micro edition",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30c7\u30eb",
        "version": null
      },
      {
        "model": "bsafe micro edition suite",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30c7\u30eb",
        "version": null
      },
      {
        "model": "oracle weblogic server proxy plug-in",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30aa\u30e9\u30af\u30eb",
        "version": null
      },
      {
        "model": "oracle http server",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30aa\u30e9\u30af\u30eb",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-016812"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-29507"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:dell:bsafe_crypto-c-micro-edition:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "4.1.4",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:dell:bsafe_micro-edition-suite:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "4.4",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:security_service:12.2.1.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:security_service:12.2.1.4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:database:12.1.0.2:*:*:*:enterprise:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:database:19c:*:*:*:enterprise:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:http_server:12.2.1.4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:weblogic_server_proxy_plug-in:12.2.1.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:weblogic_server_proxy_plug-in:12.2.1.4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:database:21c:*:*:*:enterprise:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2020-29507"
      }
    ]
  },
  "cve": "CVE-2020-29507",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 7.5,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "CVE-2020-29507",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.9,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-376211",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "security_alert@emc.com",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "exploitabilityScore": 3.9,
            "impactScore": 1.4,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 9.8,
            "baseSeverity": "Critical",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2020-29507",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2020-29507",
            "trust": 1.8,
            "value": "CRITICAL"
          },
          {
            "author": "security_alert@emc.com",
            "id": "CVE-2020-29507",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202207-837",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "VULHUB",
            "id": "VHN-376211",
            "trust": 0.1,
            "value": "HIGH"
          },
          {
            "author": "VULMON",
            "id": "CVE-2020-29507",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-376211"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-29507"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-016812"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-29507"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-29507"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202207-837"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Dell BSAFE Crypto-C Micro Edition, versions before 4.1.4, and Dell BSAFE Micro Edition Suite, versions before 4.4, contain an Improper Input Validation Vulnerability. (DoS) It may be in a state. Dell BSAFE Micro Edition Suite is a development kit that provides encryption, certificates and transport layer security for c/c++ applications, devices and systems. Dell BSAFE is a security software product that supports encryption algorithms, certificate chain verification, Transport Layer Security (TLS) cipher suites, etc. to help users achieve various security goals for their applications",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2020-29507"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-016812"
      },
      {
        "db": "VULHUB",
        "id": "VHN-376211"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-29507"
      }
    ],
    "trust": 1.8
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2020-29507",
        "trust": 3.4
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-016812",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202207-837",
        "trust": 0.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2022-84619",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-376211",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-29507",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-376211"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-29507"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-016812"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-29507"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202207-837"
      }
    ]
  },
  "id": "VAR-202207-0579",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-376211"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T11:55:51.465000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Oracle\u00a0Critical\u00a0Patch\u00a0Update\u00a0Advisory\u00a0-\u00a0July\u00a02022 Dell Security\u00a0Advisory",
        "trust": 0.8,
        "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
      },
      {
        "title": "Dell BSAFE Micro Edition Suite  and Dell BSAFE Enter the fix for the verification error vulnerability",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=200901"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-016812"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202207-837"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-20",
        "trust": 1.1
      },
      {
        "problemtype": "Inappropriate input confirmation (CWE-20) [NVD evaluation ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-376211"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-016812"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-29507"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.8,
        "url": "https://www.dell.com/support/kbdoc/en-us/000181115/dsa-2020-286-dell-bsafe-crypto-c-micro-edition-4-1-5-and-dell-bsafe-micro-edition-suite-4-6-multiple-security-vulnerabilities"
      },
      {
        "trust": 1.7,
        "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-29507"
      },
      {
        "trust": 0.6,
        "url": "https://cxsecurity.com/cveshow/cve-2020-29507/"
      },
      {
        "trust": 0.6,
        "url": "https://vigilance.fr/vulnerability/oracle-fusion-middleware-vulnerabilities-of-july-2022-38858"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/20.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-376211"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-29507"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-016812"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-29507"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202207-837"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-376211"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-29507"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-016812"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-29507"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202207-837"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2022-07-11T00:00:00",
        "db": "VULHUB",
        "id": "VHN-376211"
      },
      {
        "date": "2022-07-11T00:00:00",
        "db": "VULMON",
        "id": "CVE-2020-29507"
      },
      {
        "date": "2023-09-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-016812"
      },
      {
        "date": "2022-07-11T20:15:08.147000",
        "db": "NVD",
        "id": "CVE-2020-29507"
      },
      {
        "date": "2022-07-11T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202207-837"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2022-11-29T00:00:00",
        "db": "VULHUB",
        "id": "VHN-376211"
      },
      {
        "date": "2022-07-18T00:00:00",
        "db": "VULMON",
        "id": "CVE-2020-29507"
      },
      {
        "date": "2023-09-25T06:20:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-016812"
      },
      {
        "date": "2022-11-29T02:56:07.263000",
        "db": "NVD",
        "id": "CVE-2020-29507"
      },
      {
        "date": "2022-07-29T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202207-837"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202207-837"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Dell\u00a0BSAFE\u00a0Crypto-C\u00a0Micro\u00a0Edition\u00a0 and \u00a0Dell\u00a0BSAFE\u00a0Micro\u00a0Edition\u00a0Suite\u00a0 Input verification vulnerability in",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-016812"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "input validation error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202207-837"
      }
    ],
    "trust": 0.6
  }
}

Action not permitted

cve-2020-29507

Vulnerability from cvelistv5

ghsa-4fcp-32xr-m94m

Vulnerability from github

wid-sec-w-2022-0714

Vulnerability from csaf_certbund

gsd-2020-29507

Vulnerability from gsd

var-202207-0579

Vulnerability from variot

Tags