CVE-2020-2656 - Vulnerability Details - OpenCVE

Vulnerability in the Oracle Solaris product of Oracle Systems (component: X Window System). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Solaris accessible data as well as unauthorized read access to a subset of Oracle Solaris accessible data. CVSS 3.0 Base Score 4.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N).

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction None

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact None

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Oracle	Solaris

Configuration 1 [-]

OR	cpe:2.3:o:oracle:solaris:10:::::::*
	cpe:2.3:o:oracle:solaris:11:::::::*

No data.

References

Link	Providers
http://packetstormsecurity.com/files/155990/Solaris-xlock-Information-Disclosure.html
http://seclists.org/fulldisclosure/2020/Jan/23
http://www.openwall.com/lists/oss-security/2020/01/20/2
https://seclists.org/bugtraq/2020/Jan/23
https://www.oracle.com/security-alerts/cpujan2020.html

History

Mon, 30 Sep 2024 16:30:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: oracle

Published: 2020-01-15T16:34:05

Updated: 2024-09-30T15:58:58.492Z

Reserved: 2019-12-10T00:00:00

Link: CVE-2020-2656

Vulnrichment

Updated: 2024-08-04T07:09:54.898Z

NVD

Status : Modified

Published: 2020-01-15T17:15:24.160

Modified: 2024-11-21T05:25:54.690

Link: CVE-2020-2656

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Solaris Operating System", "vendor": "Oracle Corporation", "versions": [{"status": "affected", "version": "10"}, {"status": "affected", "version": "11"}]}], "descriptions": [{"lang": "en", "value": "Vulnerability in the Oracle Solaris product of Oracle Systems (component: X Window System). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Solaris accessible data as well as unauthorized read access to a subset of Oracle Solaris accessible data. CVSS 3.0 Base Score 4.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N)."}], "metrics": [{"cvssV3_0": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"description": "Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Solaris accessible data as well as unauthorized read access to a subset of Oracle Solaris accessible data.", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-01-20T12:06:21", "orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.oracle.com/security-alerts/cpujan2020.html"}, {"name": "20200117 CVE-2020-2656 - Low impact information disclosure via Solaris xlock", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "https://seclists.org/bugtraq/2020/Jan/23"}, {"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/155990/Solaris-xlock-Information-Disclosure.html"}, {"name": "20200117 CVE-2020-2656 - Low impact information disclosure via Solaris xlock", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://seclists.org/fulldisclosure/2020/Jan/23"}, {"name": "[oss-security] 20200120 CVE-2020-2656, CVE-2020-2696 - Multiple vulnerabilities in Oracle Solaris", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2020/01/20/2"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert_us@oracle.com", "ID": "CVE-2020-2656", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Solaris Operating System", "version": {"version_data": [{"version_affected": "=", "version_value": "10"}, {"version_affected": "=", "version_value": "11"}]}}]}, "vendor_name": "Oracle Corporation"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Vulnerability in the Oracle Solaris product of Oracle Systems (component: X Window System). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Solaris accessible data as well as unauthorized read access to a subset of Oracle Solaris accessible data. CVSS 3.0 Base Score 4.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N)."}]}, "impact": {"cvss": {"baseScore": "4.4", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.0"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Solaris accessible data as well as unauthorized read access to a subset of Oracle Solaris accessible data."}]}]}, "references": {"reference_data": [{"name": "https://www.oracle.com/security-alerts/cpujan2020.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpujan2020.html"}, {"name": "20200117 CVE-2020-2656 - Low impact information disclosure via Solaris xlock", "refsource": "BUGTRAQ", "url": "https://seclists.org/bugtraq/2020/Jan/23"}, {"name": "http://packetstormsecurity.com/files/155990/Solaris-xlock-Information-Disclosure.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/155990/Solaris-xlock-Information-Disclosure.html"}, {"name": "20200117 CVE-2020-2656 - Low impact information disclosure via Solaris xlock", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2020/Jan/23"}, {"name": "[oss-security] 20200120 CVE-2020-2656, CVE-2020-2696 - Multiple vulnerabilities in Oracle Solaris", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2020/01/20/2"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T07:09:54.898Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.oracle.com/security-alerts/cpujan2020.html"}, {"name": "20200117 CVE-2020-2656 - Low impact information disclosure via Solaris xlock", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "https://seclists.org/bugtraq/2020/Jan/23"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://packetstormsecurity.com/files/155990/Solaris-xlock-Information-Disclosure.html"}, {"name": "20200117 CVE-2020-2656 - Low impact information disclosure via Solaris xlock", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://seclists.org/fulldisclosure/2020/Jan/23"}, {"name": "[oss-security] 20200120 CVE-2020-2656, CVE-2020-2696 - Multiple vulnerabilities in Oracle Solaris", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2020/01/20/2"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-09-30T15:02:37.365614Z", "id": "CVE-2020-2656", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-30T15:58:58.492Z"}}]}, "cveMetadata": {"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "assignerShortName": "oracle", "cveId": "CVE-2020-2656", "datePublished": "2020-01-15T16:34:05", "dateReserved": "2019-12-10T00:00:00", "dateUpdated": "2024-09-30T15:58:58.492Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"containers": {"cna": {"affected": [{"product": "Solaris Operating System", "vendor": "Oracle Corporation", "versions": [{"status": "affected", "version": "10"}, {"status": "affected", "version": "11"}]}], "descriptions": [{"lang": "en", "value": "Vulnerability in the Oracle Solaris product of Oracle Systems (component: X Window System). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Solaris accessible data as well as unauthorized read access to a subset of Oracle Solaris accessible data. CVSS 3.0 Base Score 4.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N)."}], "metrics": [{"cvssV3_0": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"description": "Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Solaris accessible data as well as unauthorized read access to a subset of Oracle Solaris accessible data.", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-01-20T12:06:21", "orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.oracle.com/security-alerts/cpujan2020.html"}, {"name": "20200117 CVE-2020-2656 - Low impact information disclosure via Solaris xlock", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "https://seclists.org/bugtraq/2020/Jan/23"}, {"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/155990/Solaris-xlock-Information-Disclosure.html"}, {"name": "20200117 CVE-2020-2656 - Low impact information disclosure via Solaris xlock", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://seclists.org/fulldisclosure/2020/Jan/23"}, {"name": "[oss-security] 20200120 CVE-2020-2656, CVE-2020-2696 - Multiple vulnerabilities in Oracle Solaris", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2020/01/20/2"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert_us@oracle.com", "ID": "CVE-2020-2656", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Solaris Operating System", "version": {"version_data": [{"version_affected": "=", "version_value": "10"}, {"version_affected": "=", "version_value": "11"}]}}]}, "vendor_name": "Oracle Corporation"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Vulnerability in the Oracle Solaris product of Oracle Systems (component: X Window System). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Solaris accessible data as well as unauthorized read access to a subset of Oracle Solaris accessible data. CVSS 3.0 Base Score 4.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N)."}]}, "impact": {"cvss": {"baseScore": "4.4", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.0"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Solaris accessible data as well as unauthorized read access to a subset of Oracle Solaris accessible data."}]}]}, "references": {"reference_data": [{"name": "https://www.oracle.com/security-alerts/cpujan2020.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpujan2020.html"}, {"name": "20200117 CVE-2020-2656 - Low impact information disclosure via Solaris xlock", "refsource": "BUGTRAQ", "url": "https://seclists.org/bugtraq/2020/Jan/23"}, {"name": "http://packetstormsecurity.com/files/155990/Solaris-xlock-Information-Disclosure.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/155990/Solaris-xlock-Information-Disclosure.html"}, {"name": "20200117 CVE-2020-2656 - Low impact information disclosure via Solaris xlock", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2020/Jan/23"}, {"name": "[oss-security] 20200120 CVE-2020-2656, CVE-2020-2696 - Multiple vulnerabilities in Oracle Solaris", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2020/01/20/2"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T07:09:54.898Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.oracle.com/security-alerts/cpujan2020.html"}, {"name": "20200117 CVE-2020-2656 - Low impact information disclosure via Solaris xlock", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "https://seclists.org/bugtraq/2020/Jan/23"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://packetstormsecurity.com/files/155990/Solaris-xlock-Information-Disclosure.html"}, {"name": "20200117 CVE-2020-2656 - Low impact information disclosure via Solaris xlock", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://seclists.org/fulldisclosure/2020/Jan/23"}, {"name": "[oss-security] 20200120 CVE-2020-2656, CVE-2020-2696 - Multiple vulnerabilities in Oracle Solaris", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2020/01/20/2"}]}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2020-2656", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-30T15:02:37.365614Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-30T15:03:44.898Z"}}]}, "cveMetadata": {"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "assignerShortName": "oracle", "cveId": "CVE-2020-2656", "datePublished": "2020-01-15T16:34:05", "dateReserved": "2019-12-10T00:00:00", "dateUpdated": "2024-09-30T15:58:58.492Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:*:*", "matchCriteriaId": "964B57CD-CB8A-4520-B358-1C93EC5EF2DC", "vulnerable": true}, {"criteria": "cpe:2.3:o:oracle:solaris:11:*:*:*:*:*:*:*", "matchCriteriaId": "8E8C192B-8044-4BF9-9F1F-57371FC0E8FD", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Vulnerability in the Oracle Solaris product of Oracle Systems (component: X Window System). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Solaris accessible data as well as unauthorized read access to a subset of Oracle Solaris accessible data. CVSS 3.0 Base Score 4.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N)."}, {"lang": "es", "value": "Vulnerabilidad en el producto Oracle Solaris de Oracle Systems (componente: X Window System). Las versiones compatibles que est\u00e1n afectadas son la 10 y la 11. Una vulnerabilidad f\u00e1cilmente explotable permite a un atacante poco privilegiado con inicio de sesi\u00f3n en la infraestructura donde se ejecuta Oracle Solaris comprometer a Oracle Solaris. Los ataques con \u00e9xito de esta vulnerabilidad pueden resultar en una actualizaci\u00f3n no autorizada, insertar o eliminar el acceso a algunos de los datos accesibles de Oracle Solaris, as\u00ed como en un acceso de lectura no autorizado a un subconjunto de datos accesibles de Oracle Solaris. CVSS 3.0 Puntuaci\u00f3n Base 4.4 (Impactos en la Confidencialidad e Integridad). Vector CVSS: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N)."}], "id": "CVE-2020-2656", "lastModified": "2024-11-21T05:25:54.690", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 3.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 2.5, "source": "secalert_us@oracle.com", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 2.5, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-01-15T17:15:24.160", "references": [{"source": "secalert_us@oracle.com", "tags": ["Exploit", "Patch", "Third Party Advisory", "VDB Entry", "Vendor Advisory"], "url": "http://packetstormsecurity.com/files/155990/Solaris-xlock-Information-Disclosure.html"}, {"source": "secalert_us@oracle.com", "tags": ["Exploit", "Mailing List", "Patch", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2020/Jan/23"}, {"source": "secalert_us@oracle.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2020/01/20/2"}, {"source": "secalert_us@oracle.com", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "url": "https://seclists.org/bugtraq/2020/Jan/23"}, {"source": "secalert_us@oracle.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://www.oracle.com/security-alerts/cpujan2020.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Patch", "Third Party Advisory", "VDB Entry", "Vendor Advisory"], "url": "http://packetstormsecurity.com/files/155990/Solaris-xlock-Information-Disclosure.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Mailing List", "Patch", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2020/Jan/23"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2020/01/20/2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "url": "https://seclists.org/bugtraq/2020/Jan/23"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "https://www.oracle.com/security-alerts/cpujan2020.html"}], "sourceIdentifier": "secalert_us@oracle.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}