Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2020-17160 (GCVE-0-2020-17160)
Vulnerability from cvelistv5
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none
Show details on NVD website{
"containers": {
"cna": {
"providerMetadata": {
"dateUpdated": "2021-02-05T15:18:34",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"rejectedReasons": [
{
"lang": "en",
"value": "DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2020-17160",
"datePublished": "2020-12-09T23:37:00",
"dateRejected": "2021-02-05T15:18:34",
"dateReserved": "2020-08-04T00:00:00",
"dateUpdated": "2021-02-05T15:18:34",
"state": "REJECTED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.0",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2020-17160\",\"sourceIdentifier\":\"secure@microsoft.com\",\"published\":\"2020-12-10T00:15:16.747\",\"lastModified\":\"2023-11-07T03:19:10.240\",\"vulnStatus\":\"Rejected\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none\"}],\"metrics\":{},\"references\":[]}}"
}
}
CERTFR-2020-AVI-808
Vulnerability from certfr_avis
De multiples vulnérabilités ont été corrigées dans les produits Microsoft. Elles permettent à un attaquant de provoquer un contournement de la fonctionnalité de sécurité, une exécution de code à distance, une usurpation d'identité et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Microsoft | N/A | Microsoft Exchange Server 2013 Cumulative Update 23 | ||
| Microsoft | N/A | ChakraCore | ||
| Microsoft | N/A | Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) | ||
| Microsoft | N/A | Team Foundation Server 2018 Update 3.2 | ||
| Microsoft | Azure | Azure DevOps Server 2019.0.1 | ||
| Microsoft | N/A | Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6) | ||
| Microsoft | Azure | Azure DevOps Server 2020 | ||
| Microsoft | N/A | Visual Studio Code TS-Lint Extension | ||
| Microsoft | N/A | Dynamics 365 pour Finance and Operations | ||
| Microsoft | N/A | Microsoft Exchange Server 2016 Cumulative Update 18 | ||
| Microsoft | N/A | Microsoft Dynamics NAV 2015 | ||
| Microsoft | N/A | Visual Studio Code Language Support pour Java Extension | ||
| Microsoft | N/A | Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3) | ||
| Microsoft | N/A | Team Foundation Server 2017 Update 3.1 | ||
| Microsoft | N/A | Microsoft Visual Studio 2019 version 16.0 | ||
| Microsoft | N/A | Microsoft 365 Apps pour Enterprise pour systèmes 32 bits | ||
| Microsoft | N/A | Microsoft 365 Apps pour Enterprise pour 64 bits Systems | ||
| Microsoft | N/A | Microsoft Visual Studio 2019 version 16.8 | ||
| Microsoft | N/A | Visual Studio Code Remote - SSH Extension | ||
| Microsoft | N/A | Microsoft Exchange Server 2019 Cumulative Update 6 | ||
| Microsoft | N/A | Team Foundation Server 2018 Update 1.2 | ||
| Microsoft | Azure | Azure Sphere | ||
| Microsoft | N/A | Microsoft Dynamics 365 (on-premises) version 9.0 | ||
| Microsoft | Azure | Azure SDK pour Java | ||
| Microsoft | N/A | Microsoft Dynamics 365 (on-premises) version 8.2 | ||
| Microsoft | N/A | Microsoft Exchange Server 2019 Cumulative Update 7 | ||
| Microsoft | Azure | Azure DevOps Server 2019 Update 1.1 | ||
| Microsoft | N/A | Microsoft Exchange Server 2016 Cumulative Update 17 | ||
| Microsoft | N/A | Team Foundation Server 2015 Update 4.2 | ||
| Microsoft | Azure | C SDK pour Azure IoT | ||
| Microsoft | N/A | Microsoft Exchange Server 2010 Service Pack 3 Update Rollup 31 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Microsoft Exchange Server 2013 Cumulative Update 23",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "ChakraCore",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Team Foundation Server 2018 Update 3.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Azure DevOps Server 2019.0.1",
"product": {
"name": "Azure",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Visual Studio 2019 version 16.7 (includes 16.0 \u2013 16.6)",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Azure DevOps Server 2020",
"product": {
"name": "Azure",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Visual Studio Code TS-Lint Extension",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Dynamics 365 pour Finance and Operations",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Exchange Server 2016 Cumulative Update 18",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Dynamics NAV 2015",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Visual Studio Code Language Support pour Java Extension",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3)",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Team Foundation Server 2017 Update 3.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Visual Studio 2019 version 16.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft 365 Apps pour Enterprise pour syst\u00e8mes 32 bits",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft 365 Apps pour Enterprise pour 64 bits Systems",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Visual Studio 2019 version 16.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Visual Studio Code Remote - SSH Extension",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Exchange Server 2019 Cumulative Update 6",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Team Foundation Server 2018 Update 1.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Azure Sphere",
"product": {
"name": "Azure",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Dynamics 365 (on-premises) version 9.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Azure SDK pour Java",
"product": {
"name": "Azure",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Dynamics 365 (on-premises) version 8.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Exchange Server 2019 Cumulative Update 7",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Azure DevOps Server 2019 Update 1.1",
"product": {
"name": "Azure",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Exchange Server 2016 Cumulative Update 17",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Team Foundation Server 2015 Update 4.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "C SDK pour Azure IoT",
"product": {
"name": "Azure",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Exchange Server 2010 Service Pack 3 Update Rollup 31",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2020-17130",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-17130"
},
{
"name": "CVE-2020-17148",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-17148"
},
{
"name": "CVE-2020-17135",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-17135"
},
{
"name": "CVE-2020-17133",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-17133"
},
{
"name": "CVE-2020-17119",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-17119"
},
{
"name": "CVE-2020-17144",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-17144"
},
{
"name": "CVE-2020-17129",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-17129"
},
{
"name": "CVE-2020-17147",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-17147"
},
{
"name": "CVE-2020-17143",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-17143"
},
{
"name": "CVE-2020-17131",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-17131"
},
{
"name": "CVE-2020-17126",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-17126"
},
{
"name": "CVE-2020-16971",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-16971"
},
{
"name": "CVE-2020-17117",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-17117"
},
{
"name": "CVE-2020-17002",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-17002"
},
{
"name": "CVE-2020-17141",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-17141"
},
{
"name": "CVE-2020-17145",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-17145"
},
{
"name": "CVE-2020-17159",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-17159"
},
{
"name": "CVE-2020-17132",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-17132"
},
{
"name": "CVE-2020-17152",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-17152"
},
{
"name": "CVE-2020-17150",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-17150"
},
{
"name": "CVE-2020-17156",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-17156"
},
{
"name": "CVE-2020-17125",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-17125"
},
{
"name": "CVE-2020-17128",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-17128"
},
{
"name": "CVE-2020-17123",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-17123"
},
{
"name": "CVE-2020-17158",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-17158"
},
{
"name": "CVE-2020-17160",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-17160"
},
{
"name": "CVE-2020-17142",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-17142"
},
{
"name": "CVE-2020-17124",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-17124"
}
],
"initial_release_date": "2020-12-09T00:00:00",
"last_revision_date": "2020-12-09T00:00:00",
"links": [],
"reference": "CERTFR-2020-AVI-808",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2020-12-09T00:00:00.000000"
}
],
"risks": [
{
"description": "Usurpation d\u0027identit\u00e9"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la fonctionnalit\u00e9 de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eles produits Microsoft\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer un contournement de la fonctionnalit\u00e9 de\ns\u00e9curit\u00e9, une ex\u00e9cution de code \u00e0 distance, une usurpation d\u0027identit\u00e9 et\nune atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Microsoft",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft du 08 d\u00e9cembre 2020",
"url": "https://portal.msrc.microsoft.com/fr-FR/security-guidance"
}
]
}
gsd-2020-17160
Vulnerability from gsd
Modified
2023-12-13 01:21
Details
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2020-17160",
"description": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.",
"id": "GSD-2020-17160"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2020-17160"
],
"details": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.",
"id": "GSD-2020-17160",
"modified": "2023-12-13T01:21:50.032516Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-17160",
"STATE": "REJECT"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none."
}
]
}
}
}
}
ghsa-2xwv-qmvc-f3g6
Vulnerability from github
Published
2022-05-24 17:35
Modified
2022-05-24 17:35
VLAI Severity ?
Details
, aka 'RETRACTED'.
{
"affected": [],
"aliases": [
"CVE-2020-17160"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-12-10T00:15:00Z",
"severity": null
},
"details": ", aka \u0027RETRACTED\u0027.",
"id": "GHSA-2xwv-qmvc-f3g6",
"modified": "2022-05-24T17:35:56Z",
"published": "2022-05-24T17:35:56Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-17160"
},
{
"type": "WEB",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17160"
}
],
"schema_version": "1.4.0",
"severity": []
}
fkie_cve-2020-17160
Vulnerability from fkie_nvd
Published
2020-12-10 00:15
Modified
2023-11-07 03:19
Severity ?
Summary
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none
References
| URL | Tags |
|---|
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none"
}
],
"id": "CVE-2020-17160",
"lastModified": "2023-11-07T03:19:10.240",
"metrics": {},
"published": "2020-12-10T00:15:16.747",
"references": [],
"sourceIdentifier": "secure@microsoft.com",
"vulnStatus": "Rejected"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…