CVE-2020-8110

{"id": "CVE-2020-8110", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "cve-requests@bitdefender.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.9, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.2}]}, "published": "2020-10-02T10:15:13.170", "references": [{"url": "https://www.bitdefender.com/support/security-advisories/bitdefender-cevakrnl-xmd-parser-denial-of-service-va-8766", "tags": ["Vendor Advisory"], "source": "cve-requests@bitdefender.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-824"}]}, {"type": "Secondary", "source": "cve-requests@bitdefender.com", "description": [{"lang": "en", "value": "CWE-824"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability has been discovered in the ceva_emu.cvd module that results from a lack of proper validation of user-supplied data, which can result in a pointer that is fetched from uninitialized memory. This can lead to denial-of-service. This issue affects: Bitdefender Engines version 7.84897 and prior versions."}, {"lang": "es", "value": "Se detect\u00f3 una vulnerabilidad en el m\u00f3dulo ceva_emu.cvd que resulta de una falta de comprobaci\u00f3n apropiada de los datos suministrados por el usuario, lo que puede resultar en un puntero que es extra\u00eddo de la memoria no inicializada. Esto puede conllevar a una denegaci\u00f3n de servicio. Este problema afecta a: Bitdefender Engines versi\u00f3n 7.84897 y versiones anteriores"}], "lastModified": "2020-10-09T16:12:45.050", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:bitdefender:engines:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5C595C92-9566-496A-AB61-374B242003D0", "versionEndIncluding": "7.84897"}], "operator": "OR"}]}], "sourceIdentifier": "cve-requests@bitdefender.com"}