Merge pull request #1867 from lordoxley/patch-11

Publish 2019-3612
2025-05-07 03:02:46 +00:00 · 2019-04-10 16:10:44 -04:00 · 2019-04-10 16:10:44 -04:00 · 007a72c125
commit 007a72c125
parent f858e054d2 d386b540ce
1 changed files with 94 additions and 15 deletions
--- a/2019/3xxx/CVE-2019-3612.json
+++ b/2019/3xxx/CVE-2019-3612.json
@ -1,18 +1,97 @@
 {
-    "CVE_data_meta": {
-        "ASSIGNER": "cve@mitre.org",
-        "ID": "CVE-2019-3612",
-        "STATE": "RESERVED"
-    },
-    "data_format": "MITRE",
-    "data_type": "CVE",
-    "data_version": "4.0",
-    "description": {
-        "description_data": [
+   "CVE_data_meta": {
+      "ASSIGNER": "psirt@mcafee.com",
+      "ID": "CVE-2019-3612",
+      "STATE": "PUBLIC",
+      "TITLE": "Information disclosure vulnerability in McAfee TIE Server and DXL Platform"
+   },
+   "affects": {
+      "vendor": {
+         "vendor_data": [
            {
-                "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+               "product": {
+                  "product_data": [
+                     {
+                        "product_name": "Data eXchange Layer (DXL) Platform",
+                        "version": {
+                           "version_data": [
+                              {
+                                 "version_affected": "<",
+                                 "version_value": "5.0.1 HF2"
+                              }
+                           ]
+                        }
+                     },
+                     {
+                        "product_name": "Threat Intelligence Exchange (TIE) Server",
+                        "version": {
+                           "version_data": [
+                              {
+                                 "version_affected": "<",
+                                 "version_value": "2.3.1 HF1"
+                              }
+                           ]
+                        }
+                     }
+                  ]
+               },
+               "vendor_name": "McAfee, LLC"
            }
-        ]
-    }
-}
+         ]
+      }
+   },
+   "data_format": "MITRE",
+   "data_type": "CVE",
+   "data_version": "4.0",
+   "description": {
+      "description_data": [
+         {
+            "lang": "eng",
+            "value": "Information Disclosure vulnerability in McAfee DXL Platform and TIE Server in DXL prior to 5.0.1 HF2 and TIE prior to 2.3.1 HF1 allows Authenticated users to view sensitive information in plain text via the GUI or command line."
+         }
+      ]
+   },
+   "generator": {
+      "engine": "Vulnogram 0.0.6"
+   },
+   "impact": {
+      "cvss": {
+         "attackComplexity": "LOW",
+         "attackVector": "LOCAL",
+         "availabilityImpact": "HIGH",
+         "baseScore": 8.2,
+         "baseSeverity": "HIGH",
+         "confidentialityImpact": "HIGH",
+         "integrityImpact": "HIGH",
+         "privilegesRequired": "HIGH",
+         "scope": "CHANGED",
+         "userInteraction": "NONE",
+         "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
+         "version": "3.0"
+      }
+   },
+   "problemtype": {
+      "problemtype_data": [
+         {
+            "description": [
+               {
+                  "lang": "eng",
+                  "value": "Information Disclosure vulnerability"
+               }
+            ]
+         }
+      ]
+   },
+   "references": {
+      "reference_data": [
+         {
+            "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10279",
+            "refsource": "CONFIRM",
+            "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10279"
+         }
+      ]
+   },
+   "source": {
+      "discovery": "INTERNAL"
+   }
+}