VAR-202011-1475
Vulnerability from variot - Updated: 2024-11-23 21:09In some Lenovo Desktop models, the Configuration Change Detection BIOS setting failed to detect SATA configuration changes. plural Lenovo Desktop There are unspecified vulnerabilities in the model.Information may be tampered with
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202011-1475",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "yangtian mc h81",
"scope": "eq",
"trust": 1.0,
"vendor": "lenovo",
"version": null
},
{
"model": "thinkcentre e73",
"scope": "eq",
"trust": 1.0,
"vendor": "lenovo",
"version": null
},
{
"model": "yangtian wcc h81 pci",
"scope": "eq",
"trust": 1.0,
"vendor": "lenovo",
"version": null
},
{
"model": "thinkcentre m4500t",
"scope": "eq",
"trust": 1.0,
"vendor": "lenovo",
"version": null
},
{
"model": "thinkcentre m73",
"scope": "eq",
"trust": 1.0,
"vendor": "lenovo",
"version": null
},
{
"model": "thinkcentre m4500s",
"scope": "eq",
"trust": 1.0,
"vendor": "lenovo",
"version": null
},
{
"model": "yangtian afh81",
"scope": "eq",
"trust": 1.0,
"vendor": "lenovo",
"version": null
},
{
"model": "yangtian wf h81 pci",
"scope": "eq",
"trust": 1.0,
"vendor": "lenovo",
"version": null
},
{
"model": "yangtian ms",
"scope": "eq",
"trust": 1.0,
"vendor": "lenovo",
"version": null
},
{
"model": "yangtian mf",
"scope": "eq",
"trust": 1.0,
"vendor": "lenovo",
"version": null
},
{
"model": "yangtian tc",
"scope": "eq",
"trust": 1.0,
"vendor": "lenovo",
"version": null
},
{
"model": "qitian m4550",
"scope": "eq",
"trust": 1.0,
"vendor": "lenovo",
"version": null
},
{
"model": "thinkcentre m4500k",
"scope": "eq",
"trust": 1.0,
"vendor": "lenovo",
"version": null
},
{
"model": "yangtian ws h81",
"scope": "eq",
"trust": 1.0,
"vendor": "lenovo",
"version": null
},
{
"model": "qitian b4550",
"scope": "eq",
"trust": 1.0,
"vendor": "lenovo",
"version": null
},
{
"model": "qitian 4500",
"scope": "eq",
"trust": 1.0,
"vendor": "lenovo",
"version": null
},
{
"model": "thinkcentre m4500s",
"scope": null,
"trust": 0.8,
"vendor": "lenovo",
"version": null
},
{
"model": "qitian b4550",
"scope": null,
"trust": 0.8,
"vendor": "lenovo",
"version": null
},
{
"model": "yangtian afh81",
"scope": null,
"trust": 0.8,
"vendor": "lenovo",
"version": null
},
{
"model": "thinkcentre m4500t",
"scope": null,
"trust": 0.8,
"vendor": "lenovo",
"version": null
},
{
"model": "qitian 4500",
"scope": null,
"trust": 0.8,
"vendor": "lenovo",
"version": null
},
{
"model": "thinkcentre m73",
"scope": null,
"trust": 0.8,
"vendor": "lenovo",
"version": null
},
{
"model": "thinkcentre e73",
"scope": null,
"trust": 0.8,
"vendor": "lenovo",
"version": null
},
{
"model": "qitian m4550",
"scope": null,
"trust": 0.8,
"vendor": "lenovo",
"version": null
},
{
"model": "yangtian mc h81",
"scope": null,
"trust": 0.8,
"vendor": "lenovo",
"version": null
},
{
"model": "thinkcentre m4500k",
"scope": null,
"trust": 0.8,
"vendor": "lenovo",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-013467"
},
{
"db": "NVD",
"id": "CVE-2020-8352"
}
]
},
"cve": "CVE-2020-8352",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2020-8352",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 2.4,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"exploitabilityScore": 0.9,
"id": "CVE-2020-8352",
"impactScore": 1.4,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Physical",
"author": "OTHER",
"availabilityImpact": "None",
"baseScore": 2.4,
"baseSeverity": "Low",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-013467",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-8352",
"trust": 1.0,
"value": "LOW"
},
{
"author": "psirt@lenovo.com",
"id": "CVE-2020-8352",
"trust": 1.0,
"value": "LOW"
},
{
"author": "NVD",
"id": "CVE-2020-8352",
"trust": 0.8,
"value": "Low"
},
{
"author": "CNNVD",
"id": "CNNVD-201911-1705",
"trust": 0.6,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-013467"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1705"
},
{
"db": "NVD",
"id": "CVE-2020-8352"
},
{
"db": "NVD",
"id": "CVE-2020-8352"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "In some Lenovo Desktop models, the Configuration Change Detection BIOS setting failed to detect SATA configuration changes. plural Lenovo Desktop There are unspecified vulnerabilities in the model.Information may be tampered with",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-8352"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-013467"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-8352",
"trust": 2.4
},
{
"db": "LENOVO",
"id": "LEN-49266",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2020-013467",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1705",
"trust": 0.6
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-013467"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1705"
},
{
"db": "NVD",
"id": "CVE-2020-8352"
}
]
},
"id": "VAR-202011-1475",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.34126985
},
"last_update_date": "2024-11-23T21:09:35.781000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "LEN-49266",
"trust": 0.8,
"url": "https://support.lenovo.com/us/en/product_security/LEN-49266"
},
{
"title": "Lenovo Desktop Fixing measures for security feature vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=133694"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-013467"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1705"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-358",
"trust": 1.0
},
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "Lack of information (CWE-noinfo) [NVD Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-013467"
},
{
"db": "NVD",
"id": "CVE-2020-8352"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "https://support.lenovo.com/us/en/product_security/len-49266"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-8352"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-013467"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1705"
},
{
"db": "NVD",
"id": "CVE-2020-8352"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2020-013467"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1705"
},
{
"db": "NVD",
"id": "CVE-2020-8352"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-07-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-013467"
},
{
"date": "2019-11-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201911-1705"
},
{
"date": "2020-11-11T18:15:11.420000",
"db": "NVD",
"id": "CVE-2020-8352"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-07-06T09:13:00",
"db": "JVNDB",
"id": "JVNDB-2020-013467"
},
{
"date": "2021-05-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201911-1705"
},
{
"date": "2024-11-21T05:38:45.727000",
"db": "NVD",
"id": "CVE-2020-8352"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0Lenovo\u00a0Desktop\u00a0 Vulnerability in the model",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-013467"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "security feature problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201911-1705"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…