ID

VAR-202004-0969


CVE

CVE-2020-1722


TITLE

Red Hat IPA Resource Management Error Vulnerability

Trust: 1.2

sources: CNVD: CNVD-2021-26417 // CNNVD: CNNVD-202004-967

DESCRIPTION

A flaw was found in all ipa versions 4.x.x through 4.8.0. When sending a very long password (>= 1,000,000 characters) to the server, the password hashing process could exhaust memory and CPU leading to a denial of service and the website becoming unresponsive. The highest threat from this vulnerability is to system availability. ipa Exists in a resource exhaustion vulnerability.Service operation interruption (DoS) It may be put into a state. Red Hat IPA is a domain controller of Red Hat (Red Hat) for Linux/UNIX platform. There is a resource management error vulnerability in Red Hat IPA 4.x.x version to 4.8.0 version. The vulnerability stems from improper management of system resources (such as memory, disk space, files, etc.) by network systems or products. 8) - aarch64, noarch, ppc64le, s390x, x86_64 3. 1879604 - pkispawn logs files are empty 6. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: ipa security, bug fix, and enhancement update Advisory ID: RHSA-2020:3936-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2020:3936 Issue date: 2020-09-29 CVE Names: CVE-2015-9251 CVE-2016-10735 CVE-2018-14040 CVE-2018-14042 CVE-2018-20676 CVE-2018-20677 CVE-2019-8331 CVE-2019-11358 CVE-2020-1722 CVE-2020-11022 ==================================================================== 1. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64 3. Description: Red Hat Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. The following packages have been upgraded to a later upstream version: ipa (4.6.8). (BZ#1819725) Security Fix(es): * js-jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251) * bootstrap: XSS in the data-target attribute (CVE-2016-10735) * bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040) * bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip. (CVE-2018-14042) * bootstrap: XSS in the tooltip data-viewport attribute (CVE-2018-20676) * bootstrap: XSS in the affix configuration target property (CVE-2018-20677) * bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331) * js-jquery: prototype pollution in object's prototype leading to denial of service or remote code execution or property injection (CVE-2019-11358) * jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022) * ipa: No password length restriction leads to denial of service (CVE-2020-1722) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.9 Release Notes linked from the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1399546 - CVE-2015-9251 js-jquery: Cross-site scripting via cross-domain ajax requests 1404770 - ID Views: do not allow custom Views for the masters 1545755 - ipa-replica-prepare should not update pki admin password. 1601614 - CVE-2018-14040 bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute 1601617 - CVE-2018-14042 bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip. 1668082 - CVE-2018-20676 bootstrap: XSS in the tooltip data-viewport attribute 1668089 - CVE-2018-20677 bootstrap: XSS in the affix configuration target property 1668097 - CVE-2016-10735 bootstrap: XSS in the data-target attribute 1686454 - CVE-2019-8331 bootstrap: XSS in the tooltip or popover data-template attribute 1701972 - CVE-2019-11358 js-jquery: prototype pollution in object's prototype leading to denial of service or remote code execution or property injection 1754902 - Running ipa-server-install fails when RHEL 7.7 packages are installed on RHEL 7.6 1755535 - ipa-advise on a RHEL7 IdM server is not able to generate a configuration script for a RHEL8 IdM client 1756568 - ipa-server-certinstall man page does not match built-in help. 1758406 - KRA authentication fails when IPA CA has custom Subject DN 1769791 - Invisible part of notification area in Web UI intercepts clicks of some page elements 1771356 - Default client configuration breaks ssh in FIPS mode. 1780548 - Man page ipa-cacert-manage does not display correctly on RHEL 1782587 - add "systemctl restart sssd" to warning message when adding trust agents to replicas 1788718 - ipa-server-install incorrectly setting slew mode (-x) when setting up ntpd 1788907 - Renewed certs are not picked up by IPA CAs 1793071 - CVE-2020-1722 ipa: No password length restriction leads to denial of service 1795890 - ipa-pkinit-manage enable fails on replica if it doesn't host the CA 1801791 - Compatibility Schema difference in functionality for systems following RHEL 7.5 -> 7.6 upgrade path as opposed to new RHEL 7.6 systems 1817886 - ipa group-add-member: prevent adding IPA objects as external members 1817918 - Secure tomcat AJP connector 1817919 - Enable compat tree to provide information about AD users and groups on trust agents 1817922 - covscan memory leaks report 1817923 - IPA upgrade is failing with error "Failed to get request: bus, object_path and dbus_interface must not be None." 1817927 - host-add --password logs cleartext userpassword to Apache error log 1819725 - Rebase IPA to latest 4.6.x version 1825829 - ipa-advise on a RHEL7 IdM server generate a configuration script for client having hardcoded python3 1828406 - CVE-2020-11022 jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method 1829787 - ipa service-del deletes the required principal when specified in lower/upper case 1834385 - Man page syntax issue detected by rpminspect 1842950 - ipa-adtrust-install fails when replica is offline 6. Package List: Red Hat Enterprise Linux Client (v. 7): Source: ipa-4.6.8-5.el7.src.rpm noarch: ipa-client-common-4.6.8-5.el7.noarch.rpm ipa-common-4.6.8-5.el7.noarch.rpm ipa-python-compat-4.6.8-5.el7.noarch.rpm python2-ipaclient-4.6.8-5.el7.noarch.rpm python2-ipalib-4.6.8-5.el7.noarch.rpm x86_64: ipa-client-4.6.8-5.el7.x86_64.rpm ipa-debuginfo-4.6.8-5.el7.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): Source: ipa-4.6.8-5.el7.src.rpm noarch: ipa-client-common-4.6.8-5.el7.noarch.rpm ipa-common-4.6.8-5.el7.noarch.rpm ipa-python-compat-4.6.8-5.el7.noarch.rpm python2-ipaclient-4.6.8-5.el7.noarch.rpm python2-ipalib-4.6.8-5.el7.noarch.rpm x86_64: ipa-client-4.6.8-5.el7.x86_64.rpm ipa-debuginfo-4.6.8-5.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): noarch: ipa-server-common-4.6.8-5.el7.noarch.rpm ipa-server-dns-4.6.8-5.el7.noarch.rpm python2-ipaserver-4.6.8-5.el7.noarch.rpm x86_64: ipa-debuginfo-4.6.8-5.el7.x86_64.rpm ipa-server-4.6.8-5.el7.x86_64.rpm ipa-server-trust-ad-4.6.8-5.el7.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: ipa-4.6.8-5.el7.src.rpm noarch: ipa-client-common-4.6.8-5.el7.noarch.rpm ipa-common-4.6.8-5.el7.noarch.rpm ipa-python-compat-4.6.8-5.el7.noarch.rpm ipa-server-common-4.6.8-5.el7.noarch.rpm ipa-server-dns-4.6.8-5.el7.noarch.rpm python2-ipaclient-4.6.8-5.el7.noarch.rpm python2-ipalib-4.6.8-5.el7.noarch.rpm python2-ipaserver-4.6.8-5.el7.noarch.rpm ppc64: ipa-client-4.6.8-5.el7.ppc64.rpm ipa-debuginfo-4.6.8-5.el7.ppc64.rpm ppc64le: ipa-client-4.6.8-5.el7.ppc64le.rpm ipa-debuginfo-4.6.8-5.el7.ppc64le.rpm s390x: ipa-client-4.6.8-5.el7.s390x.rpm ipa-debuginfo-4.6.8-5.el7.s390x.rpm x86_64: ipa-client-4.6.8-5.el7.x86_64.rpm ipa-debuginfo-4.6.8-5.el7.x86_64.rpm ipa-server-4.6.8-5.el7.x86_64.rpm ipa-server-trust-ad-4.6.8-5.el7.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: ipa-4.6.8-5.el7.src.rpm noarch: ipa-client-common-4.6.8-5.el7.noarch.rpm ipa-common-4.6.8-5.el7.noarch.rpm ipa-python-compat-4.6.8-5.el7.noarch.rpm ipa-server-common-4.6.8-5.el7.noarch.rpm ipa-server-dns-4.6.8-5.el7.noarch.rpm python2-ipaclient-4.6.8-5.el7.noarch.rpm python2-ipalib-4.6.8-5.el7.noarch.rpm python2-ipaserver-4.6.8-5.el7.noarch.rpm x86_64: ipa-client-4.6.8-5.el7.x86_64.rpm ipa-debuginfo-4.6.8-5.el7.x86_64.rpm ipa-server-4.6.8-5.el7.x86_64.rpm ipa-server-trust-ad-4.6.8-5.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2015-9251 https://access.redhat.com/security/cve/CVE-2016-10735 https://access.redhat.com/security/cve/CVE-2018-14040 https://access.redhat.com/security/cve/CVE-2018-14042 https://access.redhat.com/security/cve/CVE-2018-20676 https://access.redhat.com/security/cve/CVE-2018-20677 https://access.redhat.com/security/cve/CVE-2019-8331 https://access.redhat.com/security/cve/CVE-2019-11358 https://access.redhat.com/security/cve/CVE-2020-1722 https://access.redhat.com/security/cve/CVE-2020-11022 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.9_release_notes/index 8. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBX3Of/9zjgjWX9erEAQjmHBAAi+u4CgMbaduuYvMAMbNKqT/0X8Y02udQ maW4rfZ6udfHWJ21h1VlD/INXHB3sBFC2vpXsgJD7dTkUsZYIx73LrQFkakTzIWc xSQalxNs+Fjh/ot/JMiKQzQUmZeu/vUYgVB81y+hczg5dys3q1mnu42GWe18sJIc FCY2R3mBTnFUZoc/3JDHeVRJU8eq51oqRgNaz+Fl+CoFkR81P6mD8wybIIAsBx14 Ykya/awQf+OuBCe5tqfTV1+KS2U4+tqiqapzALt7dhjfA9Jayc9/UvQjGCyrmGvP +BBBPSqGOS81jpPo0ouM3OtadWrGAWERMwtrR+POUp1rnMxy2kI0EpebnzSOtJy2 xExPZtcTjjgWvIMDdrJJ5DXG6cP5j3GjyvFknmCtCqvXzo90gw73psi6roG+g/a8 UyML+be8jnJK7571X3dz6OCYBExaHqM21ukUEfdvddszhw92J3fxmDm5+picETB9 dZ++VtV1lCBOlKW1SDG/ggk7PeSRGTDL5IkekopO1w89r3QsfqyFudlsNT0dDgk7 8Kzn8YpCWln1Kp0UbVushKRT+KllZRTKzXTBfiEWiYtQiwyL9zj/DrxagXXbiPe7 5mZnk62sAdKya3On4ejgPQ8Nq8oKHzRfaig/CNaNiB00HgZcRdQokPQ9+DRnkdNS UR3S5ZAZvb8=SWQt -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce

Trust: 2.43

sources: NVD: CVE-2020-1722 // JVNDB: JVNDB-2020-004904 // CNVD: CNVD-2021-26417 // VULMON: CVE-2020-1722 // PACKETSTORM: 159876 // PACKETSTORM: 159353

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2021-26417

AFFECTED PRODUCTS

vendor:freeipamodel:freeipascope:gteversion:4.0.0

Trust: 1.0

vendor:freeipamodel:freeipascope:lteversion:4.8.0

Trust: 1.0

vendor:redhatmodel:enterprise linuxscope:eqversion:8.0

Trust: 1.0

vendor:redhatmodel:enterprise linuxscope:eqversion:7.0

Trust: 1.0

vendor:redhatmodel:enterprise linuxscope:eqversion:6.0

Trust: 1.0

vendor:freeipamodel:freeipascope:eqversion:4.8.0 の 4.x.x

Trust: 0.8

vendor:red hatmodel:enterprise linuxscope: - version: -

Trust: 0.8

vendor:redmodel:hat ipascope:gteversion:4.*.*,<=4.8.0

Trust: 0.6

sources: CNVD: CNVD-2021-26417 // JVNDB: JVNDB-2020-004904 // NVD: CVE-2020-1722

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-1722
value: MEDIUM

Trust: 1.0

secalert@redhat.com: CVE-2020-1722
value: MEDIUM

Trust: 1.0

NVD: JVNDB-2020-004904
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2021-26417
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-202004-967
value: MEDIUM

Trust: 0.6

VULMON: CVE-2020-1722
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2020-1722
severity: MEDIUM
baseScore: 5.4
vectorString: AV:N/AC:H/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 4.9
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

NVD: JVNDB-2020-004904
severity: MEDIUM
baseScore: 5.4
vectorString: AV:N/AC:H/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

CNVD: CNVD-2021-26417
severity: MEDIUM
baseScore: 5.4
vectorString: AV:N/AC:H/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 4.9
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2020-1722
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 1.6
impactScore: 3.6
version: 3.1

Trust: 2.0

NVD: JVNDB-2020-004904
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2021-26417 // VULMON: CVE-2020-1722 // JVNDB: JVNDB-2020-004904 // CNNVD: CNNVD-202004-967 // NVD: CVE-2020-1722 // NVD: CVE-2020-1722

PROBLEMTYPE DATA

problemtype:CWE-400

Trust: 1.8

sources: JVNDB: JVNDB-2020-004904 // NVD: CVE-2020-1722

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202004-967

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-202004-967

CONFIGURATIONS

sources: JVNDB: JVNDB-2020-004904

PATCH

title:Top Pageurl:https://www.freeipa.org/page/Main_Page

Trust: 0.8

title:Bug 1793071url:https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1722

Trust: 0.8

title:Debian CVElist Bug Report Logs: CVE-2020-1722url:https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=1b4a8895fe2cf0a002a5f014b475bccd

Trust: 0.1

title:Red Hat: Moderate: ipa security, bug fix, and enhancement updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20203936 - Security Advisory

Trust: 0.1

sources: VULMON: CVE-2020-1722 // JVNDB: JVNDB-2020-004904

EXTERNAL IDS

db:NVDid:CVE-2020-1722

Trust: 3.3

db:JVNDBid:JVNDB-2020-004904

Trust: 0.8

db:PACKETSTORMid:159876

Trust: 0.7

db:PACKETSTORMid:159353

Trust: 0.7

db:CNVDid:CNVD-2021-26417

Trust: 0.6

db:AUSCERTid:ESB-2020.3368

Trust: 0.6

db:AUSCERTid:ESB-2020.3902

Trust: 0.6

db:CNNVDid:CNNVD-202004-967

Trust: 0.6

db:VULMONid:CVE-2020-1722

Trust: 0.1

sources: CNVD: CNVD-2021-26417 // VULMON: CVE-2020-1722 // JVNDB: JVNDB-2020-004904 // PACKETSTORM: 159876 // PACKETSTORM: 159353 // CNNVD: CNNVD-202004-967 // NVD: CVE-2020-1722

REFERENCES

url:https://nvd.nist.gov/vuln/detail/cve-2020-1722

Trust: 2.2

url:https://bugzilla.redhat.com/show_bug.cgi?id=cve-2020-1722

Trust: 1.7

url:https://access.redhat.com/security/cve/cve-2020-1722

Trust: 1.4

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-1722

Trust: 0.8

url:https://access.redhat.com/errata/rhsa-2020:4670

Trust: 0.7

url:https://access.redhat.com/errata/rhsa-2020:3936

Trust: 0.7

url:https://bugzilla.redhat.com/show_bug.cgi?id=1793071

Trust: 0.6

url:https://vigilance.fr/vulnerability/ipa-overload-via-very-long-password-33457

Trust: 0.6

url:https://packetstormsecurity.com/files/159353/red-hat-security-advisory-2020-3936-01.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.3902/

Trust: 0.6

url:https://packetstormsecurity.com/files/159876/red-hat-security-advisory-2020-4670-01.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.3368/

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2018-14042

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2015-9251

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-8331

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2018-14040

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2018-14042

Trust: 0.2

url:https://access.redhat.com/articles/11258

Trust: 0.2

url:https://access.redhat.com/security/team/contact/

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-11022

Trust: 0.2

url:https://www.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-11358

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2018-20676

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2016-10735

Trust: 0.2

url:https://bugzilla.redhat.com/):

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-11358

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2018-20676

Trust: 0.2

url:https://access.redhat.com/security/updates/classification/#moderate

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2018-20677

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2015-9251

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2018-14040

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2018-20677

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-11022

Trust: 0.2

url:https://access.redhat.com/security/team/key/

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2016-10735

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-8331

Trust: 0.2

url:https://cwe.mitre.org/data/definitions/400.html

Trust: 0.1

url:https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=966200

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.3_release_notes/

Trust: 0.1

url:https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.9_release_notes/index

Trust: 0.1

sources: CNVD: CNVD-2021-26417 // VULMON: CVE-2020-1722 // JVNDB: JVNDB-2020-004904 // PACKETSTORM: 159876 // PACKETSTORM: 159353 // CNNVD: CNNVD-202004-967 // NVD: CVE-2020-1722

CREDITS

Red Hat

Trust: 0.8

sources: PACKETSTORM: 159876 // PACKETSTORM: 159353 // CNNVD: CNNVD-202004-967

SOURCES

db:CNVDid:CNVD-2021-26417
db:VULMONid:CVE-2020-1722
db:JVNDBid:JVNDB-2020-004904
db:PACKETSTORMid:159876
db:PACKETSTORMid:159353
db:CNNVDid:CNNVD-202004-967
db:NVDid:CVE-2020-1722

LAST UPDATE DATE

2024-11-23T21:23:06.810000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2021-26417date:2021-05-06T00:00:00
db:VULMONid:CVE-2020-1722date:2020-05-26T00:00:00
db:JVNDBid:JVNDB-2020-004904date:2020-06-01T00:00:00
db:CNNVDid:CNNVD-202004-967date:2023-03-02T00:00:00
db:NVDid:CVE-2020-1722date:2024-11-21T05:11:14.500

SOURCES RELEASE DATE

db:CNVDid:CNVD-2021-26417date:2021-04-09T00:00:00
db:VULMONid:CVE-2020-1722date:2020-04-27T00:00:00
db:JVNDBid:JVNDB-2020-004904date:2020-06-01T00:00:00
db:PACKETSTORMid:159876date:2020-11-04T15:32:52
db:PACKETSTORMid:159353date:2020-09-30T15:44:20
db:CNNVDid:CNNVD-202004-967date:2020-04-14T00:00:00
db:NVDid:CVE-2020-1722date:2020-04-27T21:15:13.640