Sign-up

ID

VAR-202012-1555


CVE

CVE-2020-5359


TITLE

Dell BSAFE Micro Edition Suite  Unchecked return value vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2020-014490

DESCRIPTION

Dell BSAFE Micro Edition Suite, versions prior to 4.5, are vulnerable to an Unchecked Return Value Vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability to modify and corrupt the encrypted data. Dell BSAFE Micro Edition Suite is a development toolkit developed by Dell, which can provide encryption, certificate and transport layer security for c/c++ applications, devices and systems

Trust: 1.71

sources: NVD: CVE-2020-5359 // JVNDB: JVNDB-2020-014490 // VULHUB: VHN-183484

AFFECTED PRODUCTS

vendor:oraclemodel:weblogic server proxy plug-inscope:eqversion:12.2.1.3.0

Trust: 1.0

vendor:dellmodel:bsafe micro-edition-suitescope:ltversion:4.5

Trust: 1.0

vendor:oraclemodel:weblogic server proxy plug-inscope:eqversion:12.2.1.4.0

Trust: 1.0

vendor:oraclemodel:databasescope:eqversion:12.1.0.2

Trust: 1.0

vendor:oraclemodel:weblogic server proxy plug-inscope:eqversion:11.1.1.9.0

Trust: 1.0

vendor:oraclemodel:databasescope:eqversion:12.2.0.1

Trust: 1.0

vendor:oraclemodel:databasescope:eqversion:18c

Trust: 1.0

vendor:oraclemodel:databasescope:eqversion:19c

Trust: 1.0

vendor:デルmodel:bsafe micro edition suitescope:eqversion:4.5

Trust: 0.8

vendor:デルmodel:bsafe micro edition suitescope:eqversion: -

Trust: 0.8

sources: JVNDB: JVNDB-2020-014490 // NVD: CVE-2020-5359

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-5359
value: MEDIUM

Trust: 1.0

security_alert@emc.com: CVE-2020-5359
value: MEDIUM

Trust: 1.0

NVD: CVE-2020-5359
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-202012-1188
value: MEDIUM

Trust: 0.6

VULHUB: VHN-183484
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2020-5359
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-183484
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2020-5359
baseSeverity: MEDIUM
baseScore: 5.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.1

Trust: 2.0

OTHER: JVNDB-2020-014490
baseSeverity: MEDIUM
baseScore: 5.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-183484 // JVNDB: JVNDB-2020-014490 // CNNVD: CNNVD-202012-1188 // NVD: CVE-2020-5359 // NVD: CVE-2020-5359

PROBLEMTYPE DATA

problemtype:CWE-252

Trust: 1.1

problemtype:CWE-544

Trust: 1.0

problemtype:Unchecked return value (CWE-252) [NVD Evaluation ]

Trust: 0.8

sources: VULHUB: VHN-183484 // JVNDB: JVNDB-2020-014490 // NVD: CVE-2020-5359

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202012-1188

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202012-1188

PATCH

title:DSA-2020-114url:https://www.dell.com/support/kbdoc/ja-jp/000181098/dsa-2020-114-dell-bsafe-micro-edition-suite-multiple-security-vulnerabilities

Trust: 0.8

title:Dell BSAFE Micro Edition Suite Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=137342

Trust: 0.6

sources: JVNDB: JVNDB-2020-014490 // CNNVD: CNNVD-202012-1188

EXTERNAL IDS

db:NVDid:CVE-2020-5359

Trust: 2.5

db:JVNDBid:JVNDB-2020-014490

Trust: 0.8

db:CNNVDid:CNNVD-202012-1188

Trust: 0.6

db:VULHUBid:VHN-183484

Trust: 0.1

sources: VULHUB: VHN-183484 // JVNDB: JVNDB-2020-014490 // CNNVD: CNNVD-202012-1188 // NVD: CVE-2020-5359

REFERENCES

url:https://www.dell.com/support/kbdoc/en-us/000181098/dsa-2020-114-dell-bsafe-micro-edition-suite-multiple-security-vulnerabilities

Trust: 1.7

url:https://www.oracle.com/security-alerts/cpuapr2021.html

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2020-5359

Trust: 1.4

url:https://vigilance.fr/vulnerability/oracle-database-vulnerabilities-of-april-2021-35122

Trust: 0.6

sources: VULHUB: VHN-183484 // JVNDB: JVNDB-2020-014490 // CNNVD: CNNVD-202012-1188 // NVD: CVE-2020-5359

SOURCES

db:VULHUBid:VHN-183484
db:JVNDBid:JVNDB-2020-014490
db:CNNVDid:CNNVD-202012-1188
db:NVDid:CVE-2020-5359

LAST UPDATE DATE

2024-11-23T22:40:49.226000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-183484date:2021-12-09T00:00:00
db:JVNDBid:JVNDB-2020-014490date:2021-08-20T08:21:00
db:CNNVDid:CNNVD-202012-1188date:2021-06-15T00:00:00
db:NVDid:CVE-2020-5359date:2024-11-21T05:33:58.707

SOURCES RELEASE DATE

db:VULHUBid:VHN-183484date:2020-12-16T00:00:00
db:JVNDBid:JVNDB-2020-014490date:2021-08-20T00:00:00
db:CNNVDid:CNNVD-202012-1188date:2020-12-16T00:00:00
db:NVDid:CVE-2020-5359date:2020-12-16T16:15:14.320