Example CVE IDs assigned to insecure defaults

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

Example CVE IDs assigned to insecure defaults

Evans, Jonathan L.

Hello CVE Board Members,

 

To aid the discussion about whether CVE IDs should be assigned to insecure defaults, I have compiled a list of examples where CVE IDs that have been assigned to insecure defaults.

 

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2019-5497

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2019-7488

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-14312

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-17526

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-1953

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-3188

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-3446

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-4429

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-4574

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-5342

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-5365

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-5396

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-5884

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-6369

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-7685

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-8024

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-8026

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-8701

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-8705

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-8765

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-9260

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2019-1549

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2019-13658

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2019-10694

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2018-8853

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2018-3825

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2018-12120

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2018-0039

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2017-8563

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2017-7968

 

-

Jonathan Evans

CVE Team


ExampleDefaultVulns.xlsx (17K) Download Attachment
smime.p7s (6K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Example CVE IDs assigned to insecure defaults

Landfield, Kent

Thanks. Could you also include who was the assiging organization?

 

Thank you, Gracias, Grazie, Mahalo, 谢谢, Merci!, Спасибо!, Bedankt,Danke!ありがとうधन्यवाद!

-- 

Kent Landfield

+1.817.637.8026

[hidden email]

 

 

From: Jonathan L Evans <[hidden email]>
Date: Wednesday, March 3, 2021 at 10:21 AM
To: CVE Editorial Board Discussion <[hidden email]>
Subject: Example CVE IDs assigned to insecure defaults

 

Hello CVE Board Members,

 

To aid the discussion about whether CVE IDs should be assigned to insecure defaults, I have compiled a list of examples where CVE IDs that have been assigned to insecure defaults.

 

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2019-5497

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2019-7488

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-14312

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-17526

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-1953

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-3188

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-3446

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-4429

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-4574

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-5342

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-5365

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-5396

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-5884

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-6369

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-7685

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-8024

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-8026

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-8701

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-8705

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-8765

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-9260

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2019-1549

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2019-13658

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2019-10694

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2018-8853

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2018-3825

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2018-12120

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2018-0039

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2017-8563

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2017-7968

 

-

Jonathan Evans

CVE Team

Reply | Threaded
Open this post in threaded view
|

RE: Example CVE IDs assigned to insecure defaults

Evans, Jonathan L.

The CNA for each is in the attached spreadsheet, but for convenience sake, I have included here as well.

 

CVE ID   CNA

CVE-2019-5497  NetApp

CVE-2019-7488  SonicWall

CVE-2020-14312               Red Hat

CVE-2020-17526               Apache

CVE-2020-1953  Apache

CVE-2020-3188  Cisco

CVE-2020-3446  Cisco

CVE-2020-4429  IBM

CVE-2020-4574  IBM

CVE-2020-5342  Dell

CVE-2020-5365  Dell

CVE-2020-5396  Vmware

CVE-2020-5884  F5

CVE-2020-6369  SAP

CVE-2020-7685  Snyk

CVE-2020-8024  SUSE

CVE-2020-8026  SUSE

CVE-2020-8701  Intel

CVE-2020-8705  Intel

CVE-2020-8765  Intel

CVE-2020-9260  Huawei

CVE-2019-1549  OpenSSL

CVE-2019-13658               CA

CVE-2019-10694               Puppet

CVE-2018-8853  CISA ICS

CVE-2018-3825  Elastic

CVE-2018-12120               Node.js

CVE-2018-0039  Juniper

CVE-2017-8563  Microsoft

CVE-2017-7968  Schneider

 

From: Landfield, Kent <[hidden email]>
Sent: Wednesday, March 3, 2021 11:24 AM
To: Jonathan L Evans <[hidden email]>; CVE Editorial Board Discussion <[hidden email]>
Subject: Re: Example CVE IDs assigned to insecure defaults

 

Thanks. Could you also include who was the assiging organization?

 

Thank you, Gracias, Grazie, Mahalo, 谢谢, Merci!, Спасибо!, Bedankt,Danke!ありがとうधन्यवाद!

-- 

Kent Landfield

+1.817.637.8026

[hidden email]

 

 

From: Jonathan L Evans <[hidden email]>
Date: Wednesday, March 3, 2021 at 10:21 AM
To: CVE Editorial Board Discussion <[hidden email]>
Subject: Example CVE IDs assigned to insecure defaults

 

Hello CVE Board Members,

 

To aid the discussion about whether CVE IDs should be assigned to insecure defaults, I have compiled a list of examples where CVE IDs that have been assigned to insecure defaults.

 

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2019-5497

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2019-7488

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-14312

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-17526

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-1953

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-3188

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-3446

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-4429

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-4574

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-5342

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-5365

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-5396

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-5884

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-6369

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-7685

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-8024

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-8026

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-8701

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-8705

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-8765

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-9260

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2019-1549

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2019-13658

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2019-10694

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2018-8853

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2018-3825

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2018-12120

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2018-0039

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2017-8563

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2017-7968

 

-

Jonathan Evans

CVE Team


smime.p7s (6K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Example CVE IDs assigned to insecure defaults

Landfield, Kent
In reply to this post by Evans, Jonathan L.

Perfect, thanks. I did not see it in the spreadsheet. Sorry…

 

Thank you, Gracias, Grazie, Mahalo, 谢谢, Merci!, Спасибо!, Bedankt,Danke!ありがとうधन्यवाद!

-- 

Kent Landfield

+1.817.637.8026

[hidden email]

 

 

From: Jonathan L Evans <[hidden email]>
Date: Wednesday, March 3, 2021 at 10:21 AM
To: CVE Editorial Board Discussion <[hidden email]>
Subject: Example CVE IDs assigned to insecure defaults

 

Hello CVE Board Members,

 

To aid the discussion about whether CVE IDs should be assigned to insecure defaults, I have compiled a list of examples where CVE IDs that have been assigned to insecure defaults.

 

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2019-5497

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2019-7488

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-14312

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-17526

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-1953

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-3188

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-3446

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-4429

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-4574

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-5342

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-5365

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-5396

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-5884

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-6369

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-7685

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-8024

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-8026

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-8701

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-8705

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-8765

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-9260

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2019-1549

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2019-13658

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2019-10694

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2018-8853

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2018-3825

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2018-12120

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2018-0039

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2017-8563

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2017-7968

 

-

Jonathan Evans

CVE Team