- Synchronized data.

2025-06-08 05:58:08 +00:00 · 2018-12-10 14:05:21 -05:00 · 2018-12-10 14:05:21 -05:00 · 007c872192
commit 007c872192
parent 16a1277bca
2 changed files with 104 additions and 102 deletions
--- a/2018/15xxx/CVE-2018-15800.json
+++ b/2018/15xxx/CVE-2018-15800.json
@ -1,84 +1,85 @@
 {
-   "CVE_data_meta": {
-      "ASSIGNER": "secure@dell.com",
-      "DATE_PUBLIC": "2018-12-06T00:00:00.000Z",
-      "ID": "CVE-2018-15800",
-      "STATE": "PUBLIC",
-      "TITLE": "Timing attack allows extraction of signing key in Bits Service"
+   "CVE_data_meta" : {
+      "ASSIGNER" : "secure@dell.com",
+      "DATE_PUBLIC" : "2018-12-06T00:00:00.000Z",
+      "ID" : "CVE-2018-15800",
+      "STATE" : "PUBLIC",
+      "TITLE" : "Timing attack allows extraction of signing key in Bits Service"
   },
-   "affects": {
-      "vendor": {
-         "vendor_data": [
+   "affects" : {
+      "vendor" : {
+         "vendor_data" : [
            {
-               "product": {
-                  "product_data": [
+               "product" : {
+                  "product_data" : [
                     {
-                        "product_name": "Bits Service Release",
-                        "version": {
-                           "version_data": [
+                        "product_name" : "Bits Service Release",
+                        "version" : {
+                           "version_data" : [
                              {
-                                 "affected": "<",
-                                 "version_name": "all versions",
-                                 "version_value": "2.18.0"
+                                 "affected" : "<",
+                                 "version_name" : "all versions",
+                                 "version_value" : "2.18.0"
                              }
                           ]
                        }
                     }
                  ]
               },
-               "vendor_name": "Cloud Foundry"
+               "vendor_name" : "Cloud Foundry"
            }
         ]
      }
   },
-   "data_format": "MITRE",
-   "data_type": "CVE",
-   "data_version": "4.0",
-   "description": {
-      "description_data": [
+   "data_format" : "MITRE",
+   "data_type" : "CVE",
+   "data_version" : "4.0",
+   "description" : {
+      "description_data" : [
         {
-            "lang": "eng",
-            "value": "Cloud Foundry Bits Service, versions prior to 2.18.0, includes an information disclosure vulnerability. A remote malicious user may execute a timing attack to brute-force the signing key, allowing them complete read and write access to the the Bits Service storage."
+            "lang" : "eng",
+            "value" : "Cloud Foundry Bits Service, versions prior to 2.18.0, includes an information disclosure vulnerability. A remote malicious user may execute a timing attack to brute-force the signing key, allowing them complete read and write access to the the Bits Service storage."
         }
      ]
   },
-   "impact": {
-      "cvss": {
-         "attackComplexity": "LOW",
-         "attackVector": "NETWORK",
-         "availabilityImpact": "NONE",
-         "baseScore": 8.1,
-         "baseSeverity": "HIGH",
-         "confidentialityImpact": "HIGH",
-         "integrityImpact": "HIGH",
-         "privilegesRequired": "LOW",
-         "scope": "UNCHANGED",
-         "userInteraction": "NONE",
-         "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
-         "version": "3.0"
+   "impact" : {
+      "cvss" : {
+         "attackComplexity" : "LOW",
+         "attackVector" : "NETWORK",
+         "availabilityImpact" : "NONE",
+         "baseScore" : 8.1,
+         "baseSeverity" : "HIGH",
+         "confidentialityImpact" : "HIGH",
+         "integrityImpact" : "HIGH",
+         "privilegesRequired" : "LOW",
+         "scope" : "UNCHANGED",
+         "userInteraction" : "NONE",
+         "vectorString" : "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
+         "version" : "3.0"
      }
   },
-   "problemtype": {
-      "problemtype_data": [
+   "problemtype" : {
+      "problemtype_data" : [
         {
-            "description": [
+            "description" : [
               {
-                  "lang": "eng",
-                  "value": "Brute Force"
+                  "lang" : "eng",
+                  "value" : "Brute Force"
               }
            ]
         }
      ]
   },
-   "references": {
-      "reference_data": [
+   "references" : {
+      "reference_data" : [
         {
-            "refsource": "CONFIRM",
-            "url": "https://www.cloudfoundry.org/blog/cve-2018-15800"
+            "name" : "https://www.cloudfoundry.org/blog/cve-2018-15800",
+            "refsource" : "CONFIRM",
+            "url" : "https://www.cloudfoundry.org/blog/cve-2018-15800"
         }
      ]
   },
-   "source": {
-      "discovery": "UNKNOWN"
+   "source" : {
+      "discovery" : "UNKNOWN"
   }
-}
+}
--- a/2018/1xxx/CVE-2018-1279.json
+++ b/2018/1xxx/CVE-2018-1279.json
@ -1,84 +1,85 @@
 {
-   "CVE_data_meta": {
-      "ASSIGNER": "secure@dell.com",
-      "DATE_PUBLIC": "2018-12-05T00:00:00.000Z",
-      "ID": "CVE-2018-1279",
-      "STATE": "PUBLIC",
-      "TITLE": "RabbitMQ cluster compromise due to deterministically generated cookie"
+   "CVE_data_meta" : {
+      "ASSIGNER" : "secure@dell.com",
+      "DATE_PUBLIC" : "2018-12-05T00:00:00.000Z",
+      "ID" : "CVE-2018-1279",
+      "STATE" : "PUBLIC",
+      "TITLE" : "RabbitMQ cluster compromise due to deterministically generated cookie"
   },
-   "affects": {
-      "vendor": {
-         "vendor_data": [
+   "affects" : {
+      "vendor" : {
+         "vendor_data" : [
            {
-               "product": {
-                  "product_data": [
+               "product" : {
+                  "product_data" : [
                     {
-                        "product_name": "RabbitMq for PCF",
-                        "version": {
-                           "version_data": [
+                        "product_name" : "RabbitMq for PCF",
+                        "version" : {
+                           "version_data" : [
                              {
-                                 "affected": ">",
-                                 "version_name": "all versions",
-                                 "version_value": "1"
+                                 "affected" : ">",
+                                 "version_name" : "all versions",
+                                 "version_value" : "1"
                              }
                           ]
                        }
                     }
                  ]
               },
-               "vendor_name": "Pivotal"
+               "vendor_name" : "Pivotal"
            }
         ]
      }
   },
-   "data_format": "MITRE",
-   "data_type": "CVE",
-   "data_version": "4.0",
-   "description": {
-      "description_data": [
+   "data_format" : "MITRE",
+   "data_type" : "CVE",
+   "data_version" : "4.0",
+   "description" : {
+      "description_data" : [
         {
-            "lang": "eng",
-            "value": "Pivotal RabbitMQ for PCF, all versions, uses a deterministically generated cookie that is shared between all machines when configured in a multi-tenant cluster. A remote attacker who can gain information about the network topology can guess this cookie and, if they have access to the right ports on any server in the MQ cluster can use this cookie to gain full control over the entire cluster."
+            "lang" : "eng",
+            "value" : "Pivotal RabbitMQ for PCF, all versions, uses a deterministically generated cookie that is shared between all machines when configured in a multi-tenant cluster. A remote attacker who can gain information about the network topology can guess this cookie and, if they have access to the right ports on any server in the MQ cluster can use this cookie to gain full control over the entire cluster."
         }
      ]
   },
-   "impact": {
-      "cvss": {
-         "attackComplexity": "HIGH",
-         "attackVector": "NETWORK",
-         "availabilityImpact": "HIGH",
-         "baseScore": 8.5,
-         "baseSeverity": "HIGH",
-         "confidentialityImpact": "HIGH",
-         "integrityImpact": "HIGH",
-         "privilegesRequired": "LOW",
-         "scope": "CHANGED",
-         "userInteraction": "NONE",
-         "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
-         "version": "3.0"
+   "impact" : {
+      "cvss" : {
+         "attackComplexity" : "HIGH",
+         "attackVector" : "NETWORK",
+         "availabilityImpact" : "HIGH",
+         "baseScore" : 8.5,
+         "baseSeverity" : "HIGH",
+         "confidentialityImpact" : "HIGH",
+         "integrityImpact" : "HIGH",
+         "privilegesRequired" : "LOW",
+         "scope" : "CHANGED",
+         "userInteraction" : "NONE",
+         "vectorString" : "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
+         "version" : "3.0"
      }
   },
-   "problemtype": {
-      "problemtype_data": [
+   "problemtype" : {
+      "problemtype_data" : [
         {
-            "description": [
+            "description" : [
               {
-                  "lang": "eng",
-                  "value": "Use of Insufficiently Random Values"
+                  "lang" : "eng",
+                  "value" : "Use of Insufficiently Random Values"
               }
            ]
         }
      ]
   },
-   "references": {
-      "reference_data": [
+   "references" : {
+      "reference_data" : [
         {
-            "refsource": "CONFIRM",
-            "url": "https://pivotal.io/security/cve-2018-1279"
+            "name" : "https://pivotal.io/security/cve-2018-1279",
+            "refsource" : "CONFIRM",
+            "url" : "https://pivotal.io/security/cve-2018-1279"
         }
      ]
   },
-   "source": {
-      "discovery": "UNKNOWN"
+   "source" : {
+      "discovery" : "UNKNOWN"
   }
-}
+}