cvelist/2018/11xxx/CVE-2018-11141.json

{
    "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2018-11141",
        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
            "vendor_data": [
                {
                    "product": {
                        "product_data": [
                            {
                                "product_name": "n/a",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_value": "n/a"
                                        }
                                    ]
                                }
                            }
                        ]
                    },
                    "vendor_name": "n/a"
                }
            ]
        }
    },
    "data_format": "MITRE",
    "data_type": "CVE",
    "data_version": "4.0",
    "description": {
        "description_data": [
            {
                "lang": "eng",
                "value": "The 'IMAGES_JSON' and 'attachments_to_remove[]' parameters of the '/adminui/advisory.php' script in the Quest KACE System Management Virtual Appliance 8.0.318 can be abused to write and delete files respectively via Directory Traversal. Files can be at any location where the 'www' user has write permissions."
            }
        ]
    },
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "lang": "eng",
                        "value": "n/a"
                    }
                ]
            }
        ]
    },
    "references": {
        "reference_data": [
            {
                "name": "https://www.coresecurity.com/advisories/quest-kace-system-management-appliance-multiple-vulnerabilities",
                "refsource": "MISC",
                "url": "https://www.coresecurity.com/advisories/quest-kace-system-management-appliance-multiple-vulnerabilities"
            }
        ]
    }
}
- Synchronized data. 2018-05-15 17:05:59 -04:00			`{`
"-Synchronized-Data." 2019-03-18 00:38:19 +00:00			`"CVE_data_meta": {`
			`"ASSIGNER": "cve@mitre.org",`
			`"ID": "CVE-2018-11141",`
			`"STATE": "PUBLIC"`
			`},`
			`"affects": {`
			`"vendor": {`
			`"vendor_data": [`
			`{`
			`"product": {`
			`"product_data": [`
			`{`
			`"product_name": "n/a",`
			`"version": {`
			`"version_data": [`
			`{`
			`"version_value": "n/a"`
			`}`
			`]`
			`}`
			`}`
			`]`
			`},`
			`"vendor_name": "n/a"`
			`}`
			`]`
			`}`
			`},`
			`"data_format": "MITRE",`
			`"data_type": "CVE",`
			`"data_version": "4.0",`
			`"description": {`
			`"description_data": [`
- Synchronized data. 2018-05-31 14:03:35 -04:00			`{`
"-Synchronized-Data." 2019-03-18 00:38:19 +00:00			`"lang": "eng",`
			`"value": "The 'IMAGES_JSON' and 'attachments_to_remove[]' parameters of the '/adminui/advisory.php' script in the Quest KACE System Management Virtual Appliance 8.0.318 can be abused to write and delete files respectively via Directory Traversal. Files can be at any location where the 'www' user has write permissions."`
- Synchronized data. 2018-05-31 14:03:35 -04:00			`}`
"-Synchronized-Data." 2019-03-18 00:38:19 +00:00			`]`
			`},`
			`"problemtype": {`
			`"problemtype_data": [`
			`{`
			`"description": [`
			`{`
			`"lang": "eng",`
			`"value": "n/a"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`"references": {`
			`"reference_data": [`
			`{`
			`"name": "https://www.coresecurity.com/advisories/quest-kace-system-management-appliance-multiple-vulnerabilities",`
			`"refsource": "MISC",`
			`"url": "https://www.coresecurity.com/advisories/quest-kace-system-management-appliance-multiple-vulnerabilities"`
			`}`
			`]`
			`}`
			`}`