cvelist/2017/1xxx/CVE-2017-1355.json

{
   "CVE_data_meta" : {
      "ASSIGNER" : "psirt@us.ibm.com",
      "DATE_PUBLIC" : "2017-07-14T00:00:00",
      "ID" : "CVE-2017-1355",
      "STATE" : "PUBLIC"
   },
   "affects" : {
      "vendor" : {
         "vendor_data" : [
            {
               "product" : {
                  "product_data" : [
                     {
                        "product_name" : "Atlas eDiscovery Process Management",
                        "version" : {
                           "version_data" : [
                              {
                                 "version_value" : "6.0.3"
                              },
                              {
                                 "version_value" : "6.0.3.2"
                              },
                              {
                                 "version_value" : "6.0.3.3"
                              },
                              {
                                 "version_value" : "6.0.3.4"
                              },
                              {
                                 "version_value" : "6.0.3.5"
                              }
                           ]
                        }
                     }
                  ]
               },
               "vendor_name" : "IBM"
            }
         ]
      }
   },
   "data_format" : "MITRE",
   "data_type" : "CVE",
   "data_version" : "4.0",
   "description" : {
      "description_data" : [
         {
            "lang" : "eng",
            "value" : "IBM Atlas eDiscovery Process Management 6.0.3 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM X-Force ID: 126682."
         }
      ]
   },
   "problemtype" : {
      "problemtype_data" : [
         {
            "description" : [
               {
                  "lang" : "eng",
                  "value" : "Obtain Information"
               }
            ]
         }
      ]
   },
   "references" : {
      "reference_data" : [
         {
            "name" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/126682",
            "refsource" : "MISC",
            "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/126682"
         },
         {
            "name" : "https://www.ibm.com/support/docview.wss?uid=swg22005836",
            "refsource" : "CONFIRM",
            "url" : "https://www.ibm.com/support/docview.wss?uid=swg22005836"
         },
         {
            "name" : "102016",
            "refsource" : "BID",
            "url" : "http://www.securityfocus.com/bid/102016"
         }
      ]
   }
}
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`{`
IBM20171207 Added CVE-2017-1271, CVE-2017-1336, CVE-2017-1341, CVE-2017-1342, CVE-2017-1353, CVE-2017-1354, CVE-2017-1355, CVE-2017-1356, CVE-2017-1433, CVE-2017-1465, CVE-2017-1481, CVE-2017-1482, CVE-2017-1487, CVE-2017-1498, CVE-2017-1498. 2017-12-07 09:27:40 -05:00			`"CVE_data_meta" : {`
			`"ASSIGNER" : "psirt@us.ibm.com",`
- Synchronized data. 2017-12-07 10:02:42 -05:00			`"DATE_PUBLIC" : "2017-07-14T00:00:00",`
			`"ID" : "CVE-2017-1355",`
			`"STATE" : "PUBLIC"`
IBM20171207 Added CVE-2017-1271, CVE-2017-1336, CVE-2017-1341, CVE-2017-1342, CVE-2017-1353, CVE-2017-1354, CVE-2017-1355, CVE-2017-1356, CVE-2017-1433, CVE-2017-1465, CVE-2017-1481, CVE-2017-1482, CVE-2017-1487, CVE-2017-1498, CVE-2017-1498. 2017-12-07 09:27:40 -05:00			`},`
			`"affects" : {`
			`"vendor" : {`
			`"vendor_data" : [`
			`{`
			`"product" : {`
			`"product_data" : [`
			`{`
			`"product_name" : "Atlas eDiscovery Process Management",`
			`"version" : {`
			`"version_data" : [`
			`{`
			`"version_value" : "6.0.3"`
			`},`
			`{`
			`"version_value" : "6.0.3.2"`
			`},`
			`{`
			`"version_value" : "6.0.3.3"`
			`},`
			`{`
			`"version_value" : "6.0.3.4"`
			`},`
			`{`
			`"version_value" : "6.0.3.5"`
			`}`
			`]`
			`}`
			`}`
			`]`
			`},`
			`"vendor_name" : "IBM"`
			`}`
			`]`
			`}`
			`},`
- Synchronized data. 2017-12-07 10:02:42 -05:00			`"data_format" : "MITRE",`
			`"data_type" : "CVE",`
			`"data_version" : "4.0",`
			`"description" : {`
			`"description_data" : [`
			`{`
			`"lang" : "eng",`
			`"value" : "IBM Atlas eDiscovery Process Management 6.0.3 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM X-Force ID: 126682."`
			`}`
			`]`
			`},`
			`"problemtype" : {`
			`"problemtype_data" : [`
			`{`
			`"description" : [`
			`{`
			`"lang" : "eng",`
			`"value" : "Obtain Information"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`"references" : {`
			`"reference_data" : [`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/126682",`
			`"refsource" : "MISC",`
- Synchronized data. 2017-12-07 10:02:42 -05:00			`"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/126682"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "https://www.ibm.com/support/docview.wss?uid=swg22005836",`
			`"refsource" : "CONFIRM",`
- Synchronized data. 2017-12-07 10:02:42 -05:00			`"url" : "https://www.ibm.com/support/docview.wss?uid=swg22005836"`
- Synchronized data. 2017-12-08 06:04:30 -05:00			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "102016",`
			`"refsource" : "BID",`
- Synchronized data. 2017-12-08 06:04:30 -05:00			`"url" : "http://www.securityfocus.com/bid/102016"`
- Synchronized data. 2017-12-07 10:02:42 -05:00			`}`
			`]`
			`}`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`}`