var-202006-0362
Vulnerability from variot
FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior,Connected Components Workbench: Version 12 and prior, ControlFLASH: Version 14 and later, ControlFLASH Plus: Version 1 and later, FactoryTalk Asset Centre: Version 9 and later, FactoryTalk Linx CommDTM: Version 1 and later, Studio 5000 Launcher: Version 31 and later Stud, 5000 Logix Designer software: Version 32 and prior is vulnerable. An exposed API call allows users to provide files to be processed without sanitation. This may allow an attacker to use specially crafted requests to traverse the file system and expose sensitive data on the local hard drive. Rockwell Automation Provided by the company FactoryTalk Linx Software The following multiple vulnerabilities exist in. * Improper input confirmation (CWE-20) - CVE-2020-11999 * Improper input confirmation (CWE-20) - CVE-2020-12001 * Directory traversal (CWE-22) - CVE-2020-12003 * Upload any file (CWE-434) - CVE-2020-12005The expected impact depends on each vulnerability, but it may be affected as follows. * API Arbitrary code may be executed or files or data may be tampered with by a remote third party because arbitrary files are not properly sanitized during a call. - CVE-2020-11999 * Proper sanitization of specially crafted files can lead to sensitive information being stolen or arbitrary code being executed by a remote third party. - CVE-2020-12003 * Improperly compressed by a remote third party EDF By uploading the file, the compressed file can be decompressed. CPU All resources are consumed and service operation is interrupted (DoS) The condition is triggered - CVE-2020-12005. Rockwell Automation RSLinx Classic and others are products of Rockwell Automation (USA). Rockwell Automation RSLinx Classic is a set of industrial communication solutions. Rockwell Automation ControlFLASH is a firmware update utility
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202006-0362",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "factorytalk linx",
"scope": "eq",
"trust": 1.0,
"vendor": "rockwellautomation",
"version": "6.10"
},
{
"model": "factorytalk linx",
"scope": "eq",
"trust": 1.0,
"vendor": "rockwellautomation",
"version": "6.11"
},
{
"model": "factorytalk linx",
"scope": "eq",
"trust": 1.0,
"vendor": "rockwellautomation",
"version": "6.00"
},
{
"model": "rslinx classic",
"scope": "lte",
"trust": 1.0,
"vendor": "rockwellautomation",
"version": "4.11.00"
},
{
"model": "connected components workbench",
"scope": "eq",
"trust": 0.8,
"vendor": "rockwell automation",
"version": "version 12"
},
{
"model": "controlflash",
"scope": "eq",
"trust": 0.8,
"vendor": "rockwell automation",
"version": "version 14 \u304a\u3088\u3073\u305d\u308c"
},
{
"model": "controlflash plus",
"scope": "eq",
"trust": 0.8,
"vendor": "rockwell automation",
"version": "version 1 \u304a\u3088\u3073\u305d\u308c"
},
{
"model": "factorytalk asset centre",
"scope": "eq",
"trust": 0.8,
"vendor": "rockwell automation",
"version": "version 9 \u304a\u3088\u3073\u305d\u308c"
},
{
"model": "factorytalk linx",
"scope": "eq",
"trust": 0.8,
"vendor": "rockwell automation",
"version": "version 6.00, 6.10, 6.11"
},
{
"model": "factorytalk linx commdtm",
"scope": "eq",
"trust": 0.8,
"vendor": "rockwell automation",
"version": "version 1 \u304a\u3088\u3073\u305d\u308c"
},
{
"model": "studio 5000 launcher",
"scope": "eq",
"trust": 0.8,
"vendor": "rockwell automation",
"version": "version 31 \u304a\u3088\u3073\u305d\u308c"
},
{
"model": "studio 5000 logix designer",
"scope": "eq",
"trust": 0.8,
"vendor": "rockwell automation",
"version": "software version 32"
},
{
"model": "automation rslinx classic",
"scope": "lte",
"trust": 0.6,
"vendor": "rockwell",
"version": "\u003c=4.11.00"
},
{
"model": "automation factorytalk linx",
"scope": "eq",
"trust": 0.6,
"vendor": "rockwell",
"version": "6.00"
},
{
"model": "automation factorytalk linx",
"scope": "eq",
"trust": 0.6,
"vendor": "rockwell",
"version": "6.10"
},
{
"model": "automation factorytalk linx",
"scope": "eq",
"trust": 0.6,
"vendor": "rockwell",
"version": "6.11"
},
{
"model": "automation connected components workbench",
"scope": "lte",
"trust": 0.6,
"vendor": "rockwell",
"version": "\u003c=12"
},
{
"model": "automation controlflash",
"scope": "lte",
"trust": 0.6,
"vendor": "rockwell",
"version": "\u003c=14"
},
{
"model": "automation controlflash plus",
"scope": "lte",
"trust": 0.6,
"vendor": "rockwell",
"version": "\u003c=1"
},
{
"model": "automation factorytalk asset centre",
"scope": "lte",
"trust": 0.6,
"vendor": "rockwell",
"version": "\u003c=9"
},
{
"model": "automation factorytalk linx commdtm",
"scope": "lte",
"trust": 0.6,
"vendor": "rockwell",
"version": "\u003c=1"
},
{
"model": "automation studio launcher",
"scope": "eq",
"trust": 0.6,
"vendor": "rockwell",
"version": "5000\u003c=31"
},
{
"model": "automation studio logix designer software",
"scope": "eq",
"trust": 0.6,
"vendor": "rockwell",
"version": "5000\u003c=32"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-38694"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005434"
},
{
"db": "NVD",
"id": "CVE-2020-12003"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:rockwellautomation:factorytalk_linx:6.00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rockwellautomation:factorytalk_linx:6.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rockwellautomation:factorytalk_linx:6.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rockwellautomation:rslinx_classic:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.11.00",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-12003"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Sharon Brizinov and Amir Preminger (VP Research) of Claroty",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202006-913"
}
],
"trust": 0.6
},
"cve": "CVE-2020-12003",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2020-38694",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-164638",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "IPA score",
"availabilityImpact": "None",
"baseScore": 9.6,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-005434",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "IPA score",
"availabilityImpact": "None",
"baseScore": 9.6,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-005434",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "IPA score",
"availabilityImpact": "None",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-005434",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "IPA score",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-005434",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "IPA",
"id": "JVNDB-2020-005434",
"trust": 1.6,
"value": "Critical"
},
{
"author": "IPA",
"id": "JVNDB-2020-005434",
"trust": 1.6,
"value": "High"
},
{
"author": "NVD",
"id": "CVE-2020-12003",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2020-38694",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202006-913",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-164638",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-38694"
},
{
"db": "VULHUB",
"id": "VHN-164638"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005434"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005434"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005434"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005434"
},
{
"db": "NVD",
"id": "CVE-2020-12003"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-913"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior,Connected Components Workbench: Version 12 and prior, ControlFLASH: Version 14 and later, ControlFLASH Plus: Version 1 and later, FactoryTalk Asset Centre: Version 9 and later, FactoryTalk Linx CommDTM: Version 1 and later, Studio 5000 Launcher: Version 31 and later Stud, 5000 Logix Designer software: Version 32 and prior is vulnerable. An exposed API call allows users to provide files to be processed without sanitation. This may allow an attacker to use specially crafted requests to traverse the file system and expose sensitive data on the local hard drive. Rockwell Automation Provided by the company FactoryTalk Linx Software The following multiple vulnerabilities exist in. * Improper input confirmation (CWE-20) - CVE-2020-11999 * Improper input confirmation (CWE-20) - CVE-2020-12001 * Directory traversal (CWE-22) - CVE-2020-12003 * Upload any file (CWE-434) - CVE-2020-12005The expected impact depends on each vulnerability, but it may be affected as follows. * API Arbitrary code may be executed or files or data may be tampered with by a remote third party because arbitrary files are not properly sanitized during a call. - CVE-2020-11999 * Proper sanitization of specially crafted files can lead to sensitive information being stolen or arbitrary code being executed by a remote third party. - CVE-2020-12003 * Improperly compressed by a remote third party EDF By uploading the file, the compressed file can be decompressed. CPU All resources are consumed and service operation is interrupted (DoS) The condition is triggered - CVE-2020-12005. Rockwell Automation RSLinx Classic and others are products of Rockwell Automation (USA). Rockwell Automation RSLinx Classic is a set of industrial communication solutions. Rockwell Automation ControlFLASH is a firmware update utility",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-12003"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005434"
},
{
"db": "CNVD",
"id": "CNVD-2020-38694"
},
{
"db": "VULHUB",
"id": "VHN-164638"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-12003",
"trust": 3.1
},
{
"db": "ICS CERT",
"id": "ICSA-20-163-02",
"trust": 3.1
},
{
"db": "JVN",
"id": "JVNVU91454414",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005434",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-38694",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-202006-913",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2020.2062",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-164638",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-38694"
},
{
"db": "VULHUB",
"id": "VHN-164638"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005434"
},
{
"db": "NVD",
"id": "CVE-2020-12003"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-913"
}
]
},
"id": "VAR-202006-0362",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-38694"
},
{
"db": "VULHUB",
"id": "VHN-164638"
}
],
"trust": 1.4526883266666666
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-38694"
}
]
},
"last_update_date": "2023-12-18T13:07:35.587000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "54102-Industrial Security Advisory Index (\u8981\u30ed\u30b0\u30a4\u30f3)",
"trust": 0.8,
"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/54102"
},
{
"title": "Patch for Multiple Rockwell Automation product path traversal vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/225413"
},
{
"title": "Multiple Rockwell Automation Product path traversal vulnerability fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=121709"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-38694"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005434"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-913"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-22",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-164638"
},
{
"db": "NVD",
"id": "CVE-2020-12003"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-163-02"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-12003"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-12003"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-12005"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-11999"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-12001"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu91454414/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-11999"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-12001"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-12005"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.2062/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-38694"
},
{
"db": "VULHUB",
"id": "VHN-164638"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005434"
},
{
"db": "NVD",
"id": "CVE-2020-12003"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-913"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-38694"
},
{
"db": "VULHUB",
"id": "VHN-164638"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005434"
},
{
"db": "NVD",
"id": "CVE-2020-12003"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-913"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-07-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-38694"
},
{
"date": "2020-06-15T00:00:00",
"db": "VULHUB",
"id": "VHN-164638"
},
{
"date": "2020-06-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-005434"
},
{
"date": "2020-06-15T20:15:11.397000",
"db": "NVD",
"id": "CVE-2020-12003"
},
{
"date": "2020-06-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202006-913"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-07-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-38694"
},
{
"date": "2020-06-24T00:00:00",
"db": "VULHUB",
"id": "VHN-164638"
},
{
"date": "2020-07-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-005434"
},
{
"date": "2020-06-24T15:28:24.153000",
"db": "NVD",
"id": "CVE-2020-12003"
},
{
"date": "2020-06-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202006-913"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202006-913"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Rockwell Automation Made FactoryTalk Linx Software Multiple vulnerabilities in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-005434"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "path traversal",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202006-913"
}
],
"trust": 0.6
}
}
Loading...
Loading...
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.