Search
Find a vulnerability
Search criteria
5 vulnerabilities by entrustdatacard
VAR-201807-0667
Vulnerability from variot - Updated: 2024-11-23 22:26Entrust Datacard Syntera CS 5.x has XSS via the name field of "Domain or Computer Name" in the login page. Entrust Datacard Syntera CS Contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. Entrust Datacard Syntera CS is an integrated suite of Entrust Datacard Corporation in the United States for connecting Datacard issuing systems and special software
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201807-0667",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "syntera customization suite",
"scope": "eq",
"trust": 1.6,
"vendor": "entrustdatacard",
"version": "5.1"
},
{
"model": "syntera customization suite",
"scope": "eq",
"trust": 1.6,
"vendor": "entrustdatacard",
"version": "5.0"
},
{
"model": "syntera customization suite",
"scope": "eq",
"trust": 0.8,
"vendor": "entrust datacard",
"version": "5.x"
},
{
"model": "datacard syntera cs",
"scope": "eq",
"trust": 0.6,
"vendor": "entrust",
"version": "5.*"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-13037"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-007774"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-338"
},
{
"db": "NVD",
"id": "CVE-2018-13252"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:entrustdatacard:syntera_customization_suite",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-007774"
}
]
},
"cve": "CVE-2018-13252",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2018-13252",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-13037",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"id": "CVE-2018-13252",
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.8,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-13252",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2018-13252",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2018-13037",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201807-338",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-13037"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-007774"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-338"
},
{
"db": "NVD",
"id": "CVE-2018-13252"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Entrust Datacard Syntera CS 5.x has XSS via the name field of \"Domain or Computer Name\" in the login page. Entrust Datacard Syntera CS Contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. Entrust Datacard Syntera CS is an integrated suite of Entrust Datacard Corporation in the United States for connecting Datacard issuing systems and special software",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-13252"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-007774"
},
{
"db": "CNVD",
"id": "CNVD-2018-13037"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-13252",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2018-007774",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2018-13037",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201807-338",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-13037"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-007774"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-338"
},
{
"db": "NVD",
"id": "CVE-2018-13252"
}
]
},
"id": "VAR-201807-0667",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-13037"
}
],
"trust": 1.6
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"IoT"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-13037"
}
]
},
"last_update_date": "2024-11-23T22:26:16.869000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Syntera Customization Suite Software Support",
"trust": 0.8,
"url": "https://www.datacard.com/manufacturing-efficiency-software-support/syntera-cs"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-007774"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-007774"
},
{
"db": "NVD",
"id": "CVE-2018-13252"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://github.com/herwonowr/cve/tree/master/cve-2018-13252"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-13252"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-13252"
},
{
"trust": 0.6,
"url": "https://www.entrustdatacard.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-13037"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-007774"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-338"
},
{
"db": "NVD",
"id": "CVE-2018-13252"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-13037"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-007774"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-338"
},
{
"db": "NVD",
"id": "CVE-2018-13252"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-07-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-13037"
},
{
"date": "2018-09-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-007774"
},
{
"date": "2018-07-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201807-338"
},
{
"date": "2018-07-05T17:29:00.250000",
"db": "NVD",
"id": "CVE-2018-13252"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-07-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-13037"
},
{
"date": "2018-09-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-007774"
},
{
"date": "2018-07-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201807-338"
},
{
"date": "2024-11-21T03:46:43.920000",
"db": "NVD",
"id": "CVE-2018-13252"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-338"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Entrust Datacard Syntera CS Cross-Site Scripting Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-13037"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-338"
}
],
"trust": 1.2
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-338"
}
],
"trust": 0.6
}
}
CVE-2020-10659 (GCVE-0-2020-10659)
Vulnerability from nvd – Published: 2020-03-18 01:40 – Updated: 2024-08-04 11:06
VLAI
Summary
Entrust Entelligence Security Provider (ESP) before 10.0.60 on Windows mishandles errors during SSL Certificate Validation, leading to situations where (for example) a user continues to interact with a web site that has an invalid certificate chain.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/etherpacket/CVD-Applications/b… | x_refsource_MISC |
| https://github.com/etherpacket/CVD-Applications/b… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:11.119Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/etherpacket/CVD-Applications/blob/master/EDC%20Security%20Bulletin%20E19-001a.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/etherpacket/CVD-Applications/blob/master/eespwin_10_10060_readme.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Entrust Entelligence Security Provider (ESP) before 10.0.60 on Windows mishandles errors during SSL Certificate Validation, leading to situations where (for example) a user continues to interact with a web site that has an invalid certificate chain."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-18T01:40:36.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/etherpacket/CVD-Applications/blob/master/EDC%20Security%20Bulletin%20E19-001a.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/etherpacket/CVD-Applications/blob/master/eespwin_10_10060_readme.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10659",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Entrust Entelligence Security Provider (ESP) before 10.0.60 on Windows mishandles errors during SSL Certificate Validation, leading to situations where (for example) a user continues to interact with a web site that has an invalid certificate chain."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/etherpacket/CVD-Applications/blob/master/EDC%20Security%20Bulletin%20E19-001a.pdf",
"refsource": "MISC",
"url": "https://github.com/etherpacket/CVD-Applications/blob/master/EDC%20Security%20Bulletin%20E19-001a.pdf"
},
{
"name": "https://github.com/etherpacket/CVD-Applications/blob/master/eespwin_10_10060_readme.pdf",
"refsource": "MISC",
"url": "https://github.com/etherpacket/CVD-Applications/blob/master/eespwin_10_10060_readme.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10659",
"datePublished": "2020-03-18T01:40:36.000Z",
"dateReserved": "2020-03-18T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:11.119Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-13252 (GCVE-0-2018-13252)
Vulnerability from nvd – Published: 2018-07-05 17:00 – Updated: 2024-08-05 09:00
VLAI
Summary
Entrust Datacard Syntera CS 5.x has XSS via the name field of "Domain or Computer Name" in the login page.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://github.com/herwonowr/CVE/tree/master/CVE-… | x_refsource_MISC |
Date Public
2018-07-05 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T09:00:33.467Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/herwonowr/CVE/tree/master/CVE-2018-13252"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-07-05T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Entrust Datacard Syntera CS 5.x has XSS via the name field of \"Domain or Computer Name\" in the login page."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-05T16:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/herwonowr/CVE/tree/master/CVE-2018-13252"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-13252",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Entrust Datacard Syntera CS 5.x has XSS via the name field of \"Domain or Computer Name\" in the login page."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/herwonowr/CVE/tree/master/CVE-2018-13252",
"refsource": "MISC",
"url": "https://github.com/herwonowr/CVE/tree/master/CVE-2018-13252"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-13252",
"datePublished": "2018-07-05T17:00:00.000Z",
"dateReserved": "2018-07-05T00:00:00.000Z",
"dateUpdated": "2024-08-05T09:00:33.467Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10659 (GCVE-0-2020-10659)
Vulnerability from cvelistv5 – Published: 2020-03-18 01:40 – Updated: 2024-08-04 11:06
VLAI
Summary
Entrust Entelligence Security Provider (ESP) before 10.0.60 on Windows mishandles errors during SSL Certificate Validation, leading to situations where (for example) a user continues to interact with a web site that has an invalid certificate chain.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/etherpacket/CVD-Applications/b… | x_refsource_MISC |
| https://github.com/etherpacket/CVD-Applications/b… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:11.119Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/etherpacket/CVD-Applications/blob/master/EDC%20Security%20Bulletin%20E19-001a.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/etherpacket/CVD-Applications/blob/master/eespwin_10_10060_readme.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Entrust Entelligence Security Provider (ESP) before 10.0.60 on Windows mishandles errors during SSL Certificate Validation, leading to situations where (for example) a user continues to interact with a web site that has an invalid certificate chain."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-18T01:40:36.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/etherpacket/CVD-Applications/blob/master/EDC%20Security%20Bulletin%20E19-001a.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/etherpacket/CVD-Applications/blob/master/eespwin_10_10060_readme.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10659",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Entrust Entelligence Security Provider (ESP) before 10.0.60 on Windows mishandles errors during SSL Certificate Validation, leading to situations where (for example) a user continues to interact with a web site that has an invalid certificate chain."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/etherpacket/CVD-Applications/blob/master/EDC%20Security%20Bulletin%20E19-001a.pdf",
"refsource": "MISC",
"url": "https://github.com/etherpacket/CVD-Applications/blob/master/EDC%20Security%20Bulletin%20E19-001a.pdf"
},
{
"name": "https://github.com/etherpacket/CVD-Applications/blob/master/eespwin_10_10060_readme.pdf",
"refsource": "MISC",
"url": "https://github.com/etherpacket/CVD-Applications/blob/master/eespwin_10_10060_readme.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10659",
"datePublished": "2020-03-18T01:40:36.000Z",
"dateReserved": "2020-03-18T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:11.119Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-13252 (GCVE-0-2018-13252)
Vulnerability from cvelistv5 – Published: 2018-07-05 17:00 – Updated: 2024-08-05 09:00
VLAI
Summary
Entrust Datacard Syntera CS 5.x has XSS via the name field of "Domain or Computer Name" in the login page.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://github.com/herwonowr/CVE/tree/master/CVE-… | x_refsource_MISC |
Date Public
2018-07-05 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T09:00:33.467Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/herwonowr/CVE/tree/master/CVE-2018-13252"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-07-05T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Entrust Datacard Syntera CS 5.x has XSS via the name field of \"Domain or Computer Name\" in the login page."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-05T16:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/herwonowr/CVE/tree/master/CVE-2018-13252"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-13252",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Entrust Datacard Syntera CS 5.x has XSS via the name field of \"Domain or Computer Name\" in the login page."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/herwonowr/CVE/tree/master/CVE-2018-13252",
"refsource": "MISC",
"url": "https://github.com/herwonowr/CVE/tree/master/CVE-2018-13252"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-13252",
"datePublished": "2018-07-05T17:00:00.000Z",
"dateReserved": "2018-07-05T00:00:00.000Z",
"dateUpdated": "2024-08-05T09:00:33.467Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}