From ef77b37a1902c9f9910012e8aeb63443d6c38a7a Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Mon, 19 Oct 2020 22:22:00 +0200
Subject: Process NFUs

---
 data/CVE/list.2020 | 136 ++++++++++++++++++++++++++---------------------------
 1 file changed, 68 insertions(+), 68 deletions(-)

diff --git a/data/CVE/list.2020 b/data/CVE/list.2020
index e2a6754c0e..f1be3b659c 100644
--- a/data/CVE/list.2020
+++ b/data/CVE/list.2020
@@ -5735,19 +5735,19 @@ CVE-2020-24654 (In KDE Ark before 20.08.1, a crafted TAR archive with symlinks c
 CVE-2020-24653 (secure-store in Expo through 2.16.1 on iOS provides the insecure kSecA ...)
 	NOT-FOR-US: secure-store in Expo on iOS
 CVE-2020-24652 (A addvsiinterfaceinfo expression language injection remote code execut ...)
-	TODO: check
+	NOT-FOR-US: HPE Intelligent Management Center (iMC)
 CVE-2020-24651 (A syslogtempletselectwin expression language injection remote code exe ...)
-	TODO: check
+	NOT-FOR-US: HPE Intelligent Management Center (iMC)
 CVE-2020-24650 (A legend expression language injection remote code execution vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: HPE Intelligent Management Center (iMC)
 CVE-2020-24649 (A remote bytemessageresource transformentity" input validation code ex ...)
-	TODO: check
+	NOT-FOR-US: HPE Intelligent Management Center (iMC)
 CVE-2020-24648 (A accessmgrservlet classname deserialization of untrusted data remote  ...)
-	TODO: check
+	NOT-FOR-US: HPE Intelligent Management Center (iMC)
 CVE-2020-24647 (A remote accessmgrservlet classname input validation code execution vu ...)
-	TODO: check
+	NOT-FOR-US: HPE Intelligent Management Center (iMC)
 CVE-2020-24646 (A tftpserver stack-based buffer overflow remote code execution vulnera ...)
-	TODO: check
+	NOT-FOR-US: HPE Intelligent Management Center (iMC)
 CVE-2020-24645
 	RESERVED
 CVE-2020-24644
@@ -5779,9 +5779,9 @@ CVE-2020-24632
 CVE-2020-24631
 	RESERVED
 CVE-2020-24630 (A remote operatoronlinelist_content privilege escalation vulnerability ...)
-	TODO: check
+	NOT-FOR-US: HPE Intelligent Management Center (iMC)
 CVE-2020-24629 (A remote urlaccesscontroller authentication bypass vulnerability was d ...)
-	TODO: check
+	NOT-FOR-US: HPE Intelligent Management Center (iMC)
 CVE-2020-24628 (A remote code injection vulnerability was discovered in HPE KVM IP Con ...)
 	NOT-FOR-US: HPE
 CVE-2020-24627 (A remote stored xss vulnerability was discovered in HPE KVM IP Console ...)
@@ -23601,9 +23601,9 @@ CVE-2020-15912 (** DISPUTED ** Tesla Model 3 vehicles allow attackers to open a
 CVE-2020-15911
 	RESERVED
 CVE-2020-15910 (SolarWinds N-Central version 12.3 GA and lower does not set the JSESSI ...)
-	TODO: check
+	NOT-FOR-US: SolarWinds
 CVE-2020-15909 (SolarWinds N-central through 2020.1 allows session hijacking and requi ...)
-	TODO: check
+	NOT-FOR-US: SolarWinds
 CVE-2020-15908 (tar/TarFileReader.cpp in Cauldron cbang (aka C-Bang or C!) before 1.6. ...)
 	NOT-FOR-US: Cauldron cbang
 CVE-2020-15907 (In Mahara 19.04 before 19.04.6, 19.10 before 19.10.4, and 20.04 before ...)
@@ -28937,7 +28937,7 @@ CVE-2020-13780
 CVE-2020-13779
 	RESERVED
 CVE-2020-13778 (rConfig 3.9.4 and earlier allows authenticated code execution (of syst ...)
-	TODO: check
+	NOT-FOR-US: rConfig
 CVE-2020-13777 (GnuTLS 3.6.x before 3.6.14 uses incorrect cryptography for encrypting  ...)
 	{DSA-4697-1}
 	- gnutls28 3.6.14-1 (bug #962289)
@@ -34610,7 +34610,7 @@ CVE-2020-11498 (Slack Nebula through 1.1.0 contains a relative path vulnerabilit
 CVE-2020-11497 (An issue was discovered in the NAB Transact extension 2.1.0 for the Wo ...)
 	NOT-FOR-US: NAB Transact extension 2.1.0 for the WooCommerce plugin for WordPress
 CVE-2020-11496 (Sprecher SPRECON-E firmware prior to 8.64b might allow local attackers ...)
-	TODO: check
+	NOT-FOR-US: Sprecher SPRECON-E firmware
 CVE-2020-11495
 	REJECTED
 CVE-2020-11494 (An issue was discovered in slc_bump in drivers/net/can/slcan.c in the  ...)
@@ -44861,115 +44861,115 @@ CVE-2020-7197
 CVE-2020-7196
 	RESERVED
 CVE-2020-7195 (A iccselectrules expression language injection remote code execution v ...)
-	TODO: check
+	NOT-FOR-US: HPE Intelligent Management Center (iMC)
 CVE-2020-7194 (A perfaddormoddevicemonitor expression language injection remote code  ...)
-	TODO: check
+	NOT-FOR-US: HPE Intelligent Management Center (iMC)
 CVE-2020-7193 (A ictexpertcsvdownload expression language injection remote code execu ...)
-	TODO: check
+	NOT-FOR-US: HPE Intelligent Management Center (iMC)
 CVE-2020-7192 (A devicethresholdconfig expression language injection remote code exec ...)
-	TODO: check
+	NOT-FOR-US: HPE Intelligent Management Center (iMC)
 CVE-2020-7191 (A devsoftsel expression language injection remote code execution vulne ...)
-	TODO: check
+	NOT-FOR-US: HPE Intelligent Management Center (iMC)
 CVE-2020-7190 (A deviceselect expression language injection remote code execution vul ...)
-	TODO: check
+	NOT-FOR-US: HPE Intelligent Management Center (iMC)
 CVE-2020-7189 (A faultflasheventselectfact expression language injectionremote code e ...)
-	TODO: check
+	NOT-FOR-US: HPE Intelligent Management Center (iMC)
 CVE-2020-7188 (A userselectpagingcontent expression language injection remote code ex ...)
-	TODO: check
+	NOT-FOR-US: HPE Intelligent Management Center (iMC)
 CVE-2020-7187 (A reportpage index expression language injection remote code execution ...)
-	TODO: check
+	NOT-FOR-US: HPE Intelligent Management Center (iMC)
 CVE-2020-7186 (A powershellconfigcontent expression language injection remote code ex ...)
-	TODO: check
+	NOT-FOR-US: HPE Intelligent Management Center (iMC)
 CVE-2020-7185 (A tvxlanlegend expression language injection remote code execution vul ...)
-	TODO: check
+	NOT-FOR-US: HPE Intelligent Management Center (iMC)
 CVE-2020-7184 (A viewbatchtaskresultdetailfact expression language injection remote c ...)
-	TODO: check
+	NOT-FOR-US: HPE Intelligent Management Center (iMC)
 CVE-2020-7183 (A forwardredirect expression language injection remote code execution  ...)
-	TODO: check
+	NOT-FOR-US: HPE Intelligent Management Center (iMC)
 CVE-2020-7182 (A sshconfig expression language injection remote code execution vulner ...)
-	TODO: check
+	NOT-FOR-US: HPE Intelligent Management Center (iMC)
 CVE-2020-7181 (A smsrulesdownload expression language injection remote code execution ...)
-	TODO: check
+	NOT-FOR-US: HPE Intelligent Management Center (iMC)
 CVE-2020-7180 (A ictexpertdownload expression language injection remote code executio ...)
-	TODO: check
+	NOT-FOR-US: HPE Intelligent Management Center (iMC)
 CVE-2020-7179 (A thirdpartyperfselecttask expression language injection remote code e ...)
-	TODO: check
+	NOT-FOR-US: HPE Intelligent Management Center (iMC)
 CVE-2020-7178 (A mediaforaction expression language injection remote code execution v ...)
-	TODO: check
+	NOT-FOR-US: HPE Intelligent Management Center (iMC)
 CVE-2020-7177 (A wmiconfigcontent expression language injection remote code execution ...)
-	TODO: check
+	NOT-FOR-US: HPE Intelligent Management Center (iMC)
 CVE-2020-7176 (A viewtaskresultdetailfact expression language injection remote code e ...)
-	TODO: check
+	NOT-FOR-US: HPE Intelligent Management Center (iMC)
 CVE-2020-7175 (A iccselectdymicparam expression language injection remote code execut ...)
-	TODO: check
+	NOT-FOR-US: HPE Intelligent Management Center (iMC)
 CVE-2020-7174 (A soapconfigcontent expression language injection remote code executio ...)
-	TODO: check
+	NOT-FOR-US: HPE Intelligent Management Center (iMC)
 CVE-2020-7173 (A actionselectcontent expression language injection remote code execut ...)
-	TODO: check
+	NOT-FOR-US: HPE Intelligent Management Center (iMC)
 CVE-2020-7172 (A templateselect expression language injection remote code execution v ...)
-	TODO: check
+	NOT-FOR-US: HPE Intelligent Management Center (iMC)
 CVE-2020-7171 (A guidatadetail expression language injection remote code execution vu ...)
-	TODO: check
+	NOT-FOR-US: HPE Intelligent Management Center (iMC)
 CVE-2020-7170 (A select expression language injection remote code execution vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: HPE Intelligent Management Center (iMC)
 CVE-2020-7169 (A ictexpertcsvdownload expression language injection remote code execu ...)
-	TODO: check
+	NOT-FOR-US: HPE Intelligent Management Center (iMC)
 CVE-2020-7168 (A selectusergroup expression language injection remote code execution  ...)
-	TODO: check
+	NOT-FOR-US: HPE Intelligent Management Center (iMC)
 CVE-2020-7167 (A quicktemplateselect expression language injection remote code execut ...)
-	TODO: check
+	NOT-FOR-US: HPE Intelligent Management Center (iMC)
 CVE-2020-7166 (A operatorgrouptreeselectcontent expression language injection remote  ...)
-	TODO: check
+	NOT-FOR-US: HPE Intelligent Management Center (iMC)
 CVE-2020-7165 (A iccselectcommand expression language injection remote code execution ...)
-	TODO: check
+	NOT-FOR-US: HPE Intelligent Management Center (iMC)
 CVE-2020-7164 (A operationselect expression language injection remote code execution  ...)
-	TODO: check
+	NOT-FOR-US: HPE Intelligent Management Center (iMC)
 CVE-2020-7163 (A navigationto expression language injection remote code execution vul ...)
-	TODO: check
+	NOT-FOR-US: HPE Intelligent Management Center (iMC)
 CVE-2020-7162 (A operatorgroupselectcontent expression language injection remote code ...)
-	TODO: check
+	NOT-FOR-US: HPE Intelligent Management Center (iMC)
 CVE-2020-7161 (A reporttaskselect expression language injection remote code execution ...)
-	TODO: check
+	NOT-FOR-US: HPE Intelligent Management Center (iMC)
 CVE-2020-7160 (A iccselectdeviceseries expression language injection remote code exec ...)
-	TODO: check
+	NOT-FOR-US: HPE Intelligent Management Center (iMC)
 CVE-2020-7159 (A customtemplateselect expression language injection remote code execu ...)
-	TODO: check
+	NOT-FOR-US: HPE Intelligent Management Center (iMC)
 CVE-2020-7158 (A perfselecttask expression language injection remote code execution v ...)
-	TODO: check
+	NOT-FOR-US: HPE Intelligent Management Center (iMC)
 CVE-2020-7157 (A selviewnavcontent expression language injection remote code executio ...)
-	TODO: check
+	NOT-FOR-US: HPE Intelligent Management Center (iMC)
 CVE-2020-7156 (A faultinfo_content expression language injection remote code executio ...)
-	TODO: check
+	NOT-FOR-US: HPE Intelligent Management Center (iMC)
 CVE-2020-7155 (A select expression language injection remote code execution vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: HPE Intelligent Management Center (iMC)
 CVE-2020-7154 (A ifviewselectpage expression language injection remote code execution ...)
-	TODO: check
+	NOT-FOR-US: HPE Intelligent Management Center (iMC)
 CVE-2020-7153 (A iccselectdevtype expression language injection remote code execution ...)
-	TODO: check
+	NOT-FOR-US: HPE Intelligent Management Center (iMC)
 CVE-2020-7152 (A faultparasset expression language injection remote code execution vu ...)
-	TODO: check
+	NOT-FOR-US: HPE Intelligent Management Center (iMC)
 CVE-2020-7151 (A faulttrapgroupselect expression language injection remote code execu ...)
-	TODO: check
+	NOT-FOR-US: HPE Intelligent Management Center (iMC)
 CVE-2020-7150 (A faultstatchoosefaulttype expression language injection remote code e ...)
-	TODO: check
+	NOT-FOR-US: HPE Intelligent Management Center (iMC)
 CVE-2020-7149 (A ictexpertcsvdownload expression language injection remote code execu ...)
-	TODO: check
+	NOT-FOR-US: HPE Intelligent Management Center (iMC)
 CVE-2020-7148 (A deployselectsoftware expression language injection remote code execu ...)
-	TODO: check
+	NOT-FOR-US: HPE Intelligent Management Center (iMC)
 CVE-2020-7147 (A deployselectbootrom expression language injection remote code execut ...)
-	TODO: check
+	NOT-FOR-US: HPE Intelligent Management Center (iMC)
 CVE-2020-7146 (A devgroupselect expression language injection remote code execution v ...)
-	TODO: check
+	NOT-FOR-US: HPE Intelligent Management Center (iMC)
 CVE-2020-7145 (A chooseperfview expression language injection remote code execution v ...)
-	TODO: check
+	NOT-FOR-US: HPE Intelligent Management Center (iMC)
 CVE-2020-7144 (A comparefilesresult expression language injection remote code executi ...)
-	TODO: check
+	NOT-FOR-US: HPE Intelligent Management Center (iMC)
 CVE-2020-7143 (A faultdevparasset expression language injection remote code execution ...)
-	TODO: check
+	NOT-FOR-US: HPE Intelligent Management Center (iMC)
 CVE-2020-7142 (A eventinfo_content expression language injection remote code executio ...)
-	TODO: check
+	NOT-FOR-US: HPE Intelligent Management Center (iMC)
 CVE-2020-7141 (A adddevicetoview expression language injection remote code execution  ...)
-	TODO: check
+	NOT-FOR-US: HPE Intelligent Management Center (iMC)
 CVE-2020-7140 (A security vulnerability in HPE IceWall SSO Dfw and Dgfw (Domain Gatew ...)
 	NOT-FOR-US: HPE
 CVE-2020-7139 (Potential remote access security vulnerabilities have been identified  ...)
-- 
cgit v1.2.3