diff --git a/2019/4xxx/CVE-2019-4731.json b/2019/4xxx/CVE-2019-4731.json index 2d91296d62f..ad2ed99f294 100644 --- a/2019/4xxx/CVE-2019-4731.json +++ b/2019/4xxx/CVE-2019-4731.json @@ -1,90 +1,90 @@ { - "data_type" : "CVE", - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "vendor_name" : "IBM", - "product" : { - "product_data" : [ - { - "product_name" : "MQ Appliance", - "version" : { - "version_data" : [ - { - "version_value" : "9.1.4.CD" - } - ] - } - } - ] - } - } - ] - } - }, - "data_version" : "4.0", - "impact" : { - "cvssv3" : { - "BM" : { - "AV" : "L", - "SCORE" : "5.100", - "A" : "N", - "C" : "H", - "AC" : "H", - "S" : "U", - "PR" : "N", - "I" : "N", - "UI" : "N" - }, - "TM" : { - "E" : "U", - "RL" : "O", - "RC" : "C" - } - } - }, - "data_format" : "MITRE", - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Obtain Information" - } + "data_type": "CVE", + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "IBM", + "product": { + "product_data": [ + { + "product_name": "MQ Appliance", + "version": { + "version_data": [ + { + "version_value": "9.1.4.CD" + } + ] + } + } + ] + } + } ] - } - ] - }, - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2019-4731", - "STATE" : "PUBLIC", - "DATE_PUBLIC" : "2020-07-27T00:00:00" - }, - "references" : { - "reference_data" : [ - { - "url" : "https://www.ibm.com/support/pages/node/1125885", - "name" : "https://www.ibm.com/support/pages/node/1125885", - "title" : "IBM Security Bulletin 1125885 (MQ Appliance)", - "refsource" : "CONFIRM" - }, - { - "name" : "ibm-mq-cve20194731-info-disc (172616)", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/172616", - "title" : "X-Force Vulnerability Report", - "refsource" : "XF" - } - ] - }, - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM MQ Appliance 9.1.4.CD could allow a local attacker to obtain highly sensitive information by inclusion of sensitive data within trace. IBM X-Force ID: 172616." - } - ] - } -} + } + }, + "data_version": "4.0", + "impact": { + "cvssv3": { + "BM": { + "AV": "L", + "SCORE": "5.100", + "A": "N", + "C": "H", + "AC": "H", + "S": "U", + "PR": "N", + "I": "N", + "UI": "N" + }, + "TM": { + "E": "U", + "RL": "O", + "RC": "C" + } + } + }, + "data_format": "MITRE", + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Obtain Information" + } + ] + } + ] + }, + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2019-4731", + "STATE": "PUBLIC", + "DATE_PUBLIC": "2020-07-27T00:00:00" + }, + "references": { + "reference_data": [ + { + "url": "https://www.ibm.com/support/pages/node/1125885", + "name": "https://www.ibm.com/support/pages/node/1125885", + "title": "IBM Security Bulletin 1125885 (MQ Appliance)", + "refsource": "CONFIRM" + }, + { + "name": "ibm-mq-cve20194731-info-disc (172616)", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/172616", + "title": "X-Force Vulnerability Report", + "refsource": "XF" + } + ] + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM MQ Appliance 9.1.4.CD could allow a local attacker to obtain highly sensitive information by inclusion of sensitive data within trace. IBM X-Force ID: 172616." + } + ] + } +} \ No newline at end of file diff --git a/2020/4xxx/CVE-2020-4317.json b/2020/4xxx/CVE-2020-4317.json index 1319a760c05..a236a537227 100644 --- a/2020/4xxx/CVE-2020-4317.json +++ b/2020/4xxx/CVE-2020-4317.json @@ -1,158 +1,158 @@ { - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Intelligent Operations Center for Emergency Management, Intelligent Operations Center (IOC), and IBM Water Operations for Waternamics are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 177355." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Cross-Site Scripting" - } - ] - } - ] - }, - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2020-4317", - "STATE" : "PUBLIC", - "DATE_PUBLIC" : "2020-07-27T00:00:00" - }, - "data_format" : "MITRE", - "references" : { - "reference_data" : [ - { - "title" : "IBM Security Bulletin 6253295 (Water Operations for Waternamics)", - "name" : "https://www.ibm.com/support/pages/node/6253295", - "url" : "https://www.ibm.com/support/pages/node/6253295", - "refsource" : "CONFIRM" - }, - { - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/177355", - "name" : "ibm-ioc-cve20204317-xss (177355)", - "title" : "X-Force Vulnerability Report" - } - ] - }, - "data_version" : "4.0", - "impact" : { - "cvssv3" : { - "TM" : { - "RC" : "C", - "RL" : "O", - "E" : "H" - }, - "BM" : { - "I" : "L", - "UI" : "R", - "AV" : "N", - "SCORE" : "5.400", - "A" : "N", - "C" : "L", - "AC" : "L", - "PR" : "L", - "S" : "C" - } - } - }, - "data_type" : "CVE", - "affects" : { - "vendor" : { - "vendor_data" : [ + "description": { + "description_data": [ { - "product" : { - "product_data" : [ - { - "product_name" : "Intelligent Operations Center", - "version" : { - "version_data" : [ - { - "version_value" : "5.1.0" - }, - { - "version_value" : "5.1.0.2" - }, - { - "version_value" : "5.1.0.3" - }, - { - "version_value" : "5.1.0.4" - }, - { - "version_value" : "5.1.0.6" - }, - { - "version_value" : "5.2" - }, - { - "version_value" : "5.2.1" - } - ] - } - }, - { - "version" : { - "version_data" : [ - { - "version_value" : "5.1.0" - }, - { - "version_value" : "5.1.0.2" - }, - { - "version_value" : "5.1.0.3" - }, - { - "version_value" : "5.1.0.4" - }, - { - "version_value" : "5.1.0.6" - }, - { - "version_value" : "5.2" - }, - { - "version_value" : "5.2.1" - } - ] - }, - "product_name" : "Water Operations for Waternamics" - }, - { - "product_name" : "Intelligent Operations Center for Emergency Management", - "version" : { - "version_data" : [ - { - "version_value" : "5.1.0" - }, - { - "version_value" : "5.1.0.2" - }, - { - "version_value" : "5.1.0.3" - }, - { - "version_value" : "5.1.0.4" - }, - { - "version_value" : "5.1.0.6" - } - ] - } - } - ] - }, - "vendor_name" : "IBM" + "lang": "eng", + "value": "IBM Intelligent Operations Center for Emergency Management, Intelligent Operations Center (IOC), and IBM Water Operations for Waternamics are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 177355." } - ] - } - } -} + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Cross-Site Scripting" + } + ] + } + ] + }, + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2020-4317", + "STATE": "PUBLIC", + "DATE_PUBLIC": "2020-07-27T00:00:00" + }, + "data_format": "MITRE", + "references": { + "reference_data": [ + { + "title": "IBM Security Bulletin 6253295 (Water Operations for Waternamics)", + "name": "https://www.ibm.com/support/pages/node/6253295", + "url": "https://www.ibm.com/support/pages/node/6253295", + "refsource": "CONFIRM" + }, + { + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/177355", + "name": "ibm-ioc-cve20204317-xss (177355)", + "title": "X-Force Vulnerability Report" + } + ] + }, + "data_version": "4.0", + "impact": { + "cvssv3": { + "TM": { + "RC": "C", + "RL": "O", + "E": "H" + }, + "BM": { + "I": "L", + "UI": "R", + "AV": "N", + "SCORE": "5.400", + "A": "N", + "C": "L", + "AC": "L", + "PR": "L", + "S": "C" + } + } + }, + "data_type": "CVE", + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Intelligent Operations Center", + "version": { + "version_data": [ + { + "version_value": "5.1.0" + }, + { + "version_value": "5.1.0.2" + }, + { + "version_value": "5.1.0.3" + }, + { + "version_value": "5.1.0.4" + }, + { + "version_value": "5.1.0.6" + }, + { + "version_value": "5.2" + }, + { + "version_value": "5.2.1" + } + ] + } + }, + { + "version": { + "version_data": [ + { + "version_value": "5.1.0" + }, + { + "version_value": "5.1.0.2" + }, + { + "version_value": "5.1.0.3" + }, + { + "version_value": "5.1.0.4" + }, + { + "version_value": "5.1.0.6" + }, + { + "version_value": "5.2" + }, + { + "version_value": "5.2.1" + } + ] + }, + "product_name": "Water Operations for Waternamics" + }, + { + "product_name": "Intelligent Operations Center for Emergency Management", + "version": { + "version_data": [ + { + "version_value": "5.1.0" + }, + { + "version_value": "5.1.0.2" + }, + { + "version_value": "5.1.0.3" + }, + { + "version_value": "5.1.0.4" + }, + { + "version_value": "5.1.0.6" + } + ] + } + } + ] + }, + "vendor_name": "IBM" + } + ] + } + } +} \ No newline at end of file diff --git a/2020/4xxx/CVE-2020-4318.json b/2020/4xxx/CVE-2020-4318.json index 40d1177d969..f7f1526c4eb 100644 --- a/2020/4xxx/CVE-2020-4318.json +++ b/2020/4xxx/CVE-2020-4318.json @@ -1,158 +1,158 @@ { - "description" : { - "description_data" : [ - { - "value" : "IBM Intelligent Operations Center for Emergency Management, Intelligent Operations Center (IOC), and IBM Water Operations for Waternamics are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 177356.", - "lang" : "eng" - } - ] - }, - "CVE_data_meta" : { - "ID" : "CVE-2020-4318", - "ASSIGNER" : "psirt@us.ibm.com", - "STATE" : "PUBLIC", - "DATE_PUBLIC" : "2020-07-27T00:00:00" - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "value" : "Cross-Site Scripting", - "lang" : "eng" - } - ] - } - ] - }, - "data_format" : "MITRE", - "references" : { - "reference_data" : [ - { - "refsource" : "CONFIRM", - "title" : "IBM Security Bulletin 6253297 (Intelligent Operations Center for Emergency Management)", - "url" : "https://www.ibm.com/support/pages/node/6253297", - "name" : "https://www.ibm.com/support/pages/node/6253297" - }, - { - "refsource" : "XF", - "title" : "X-Force Vulnerability Report", - "name" : "ibm-ioc-cve20204318-xss (177356)", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/177356" - } - ] - }, - "data_version" : "4.0", - "impact" : { - "cvssv3" : { - "TM" : { - "RC" : "C", - "RL" : "O", - "E" : "H" - }, - "BM" : { - "PR" : "L", - "S" : "C", - "AC" : "L", - "C" : "L", - "A" : "N", - "SCORE" : "5.400", - "AV" : "N", - "UI" : "R", - "I" : "L" - } - } - }, - "data_type" : "CVE", - "affects" : { - "vendor" : { - "vendor_data" : [ + "description": { + "description_data": [ { - "vendor_name" : "IBM", - "product" : { - "product_data" : [ - { - "version" : { - "version_data" : [ - { - "version_value" : "5.1.0" - }, - { - "version_value" : "5.1.0.2" - }, - { - "version_value" : "5.1.0.3" - }, - { - "version_value" : "5.1.0.4" - }, - { - "version_value" : "5.1.0.6" - } - ] - }, - "product_name" : "Intelligent Operations Center for Emergency Management" - }, - { - "product_name" : "Water Operations for Waternamics", - "version" : { - "version_data" : [ - { - "version_value" : "5.1.0" - }, - { - "version_value" : "5.1.0.2" - }, - { - "version_value" : "5.1.0.3" - }, - { - "version_value" : "5.1.0.4" - }, - { - "version_value" : "5.1.0.6" - }, - { - "version_value" : "5.2" - }, - { - "version_value" : "5.2.1" - } - ] - } - }, - { - "product_name" : "Intelligent Operations Center", - "version" : { - "version_data" : [ - { - "version_value" : "5.1.0" - }, - { - "version_value" : "5.1.0.2" - }, - { - "version_value" : "5.1.0.3" - }, - { - "version_value" : "5.1.0.4" - }, - { - "version_value" : "5.1.0.6" - }, - { - "version_value" : "5.2" - }, - { - "version_value" : "5.2.1" - } - ] - } - } - ] - } + "value": "IBM Intelligent Operations Center for Emergency Management, Intelligent Operations Center (IOC), and IBM Water Operations for Waternamics are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 177356.", + "lang": "eng" } - ] - } - } -} + ] + }, + "CVE_data_meta": { + "ID": "CVE-2020-4318", + "ASSIGNER": "psirt@us.ibm.com", + "STATE": "PUBLIC", + "DATE_PUBLIC": "2020-07-27T00:00:00" + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "value": "Cross-Site Scripting", + "lang": "eng" + } + ] + } + ] + }, + "data_format": "MITRE", + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "title": "IBM Security Bulletin 6253297 (Intelligent Operations Center for Emergency Management)", + "url": "https://www.ibm.com/support/pages/node/6253297", + "name": "https://www.ibm.com/support/pages/node/6253297" + }, + { + "refsource": "XF", + "title": "X-Force Vulnerability Report", + "name": "ibm-ioc-cve20204318-xss (177356)", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/177356" + } + ] + }, + "data_version": "4.0", + "impact": { + "cvssv3": { + "TM": { + "RC": "C", + "RL": "O", + "E": "H" + }, + "BM": { + "PR": "L", + "S": "C", + "AC": "L", + "C": "L", + "A": "N", + "SCORE": "5.400", + "AV": "N", + "UI": "R", + "I": "L" + } + } + }, + "data_type": "CVE", + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "IBM", + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": "5.1.0" + }, + { + "version_value": "5.1.0.2" + }, + { + "version_value": "5.1.0.3" + }, + { + "version_value": "5.1.0.4" + }, + { + "version_value": "5.1.0.6" + } + ] + }, + "product_name": "Intelligent Operations Center for Emergency Management" + }, + { + "product_name": "Water Operations for Waternamics", + "version": { + "version_data": [ + { + "version_value": "5.1.0" + }, + { + "version_value": "5.1.0.2" + }, + { + "version_value": "5.1.0.3" + }, + { + "version_value": "5.1.0.4" + }, + { + "version_value": "5.1.0.6" + }, + { + "version_value": "5.2" + }, + { + "version_value": "5.2.1" + } + ] + } + }, + { + "product_name": "Intelligent Operations Center", + "version": { + "version_data": [ + { + "version_value": "5.1.0" + }, + { + "version_value": "5.1.0.2" + }, + { + "version_value": "5.1.0.3" + }, + { + "version_value": "5.1.0.4" + }, + { + "version_value": "5.1.0.6" + }, + { + "version_value": "5.2" + }, + { + "version_value": "5.2.1" + } + ] + } + } + ] + } + } + ] + } + } +} \ No newline at end of file diff --git a/2020/4xxx/CVE-2020-4319.json b/2020/4xxx/CVE-2020-4319.json index 0335f93154f..6a25735bb33 100644 --- a/2020/4xxx/CVE-2020-4319.json +++ b/2020/4xxx/CVE-2020-4319.json @@ -1,96 +1,96 @@ { - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM MQ, IBM MQ Appliance, and IBM MQ for HPE NonStop 8.0, 9.1 LTS, and 9.1 CD could allow under special circumstances, an authenticated user to obtain sensitive information due to a data leak from an error message within the pre-v7 pubsub logic. IBM X-Force ID: 177402." - } - ] - }, - "CVE_data_meta" : { - "STATE" : "PUBLIC", - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2020-4319", - "DATE_PUBLIC" : "2020-07-27T00:00:00" - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "value" : "Obtain Information", - "lang" : "eng" - } - ] - } - ] - }, - "data_format" : "MITRE", - "references" : { - "reference_data" : [ - { - "refsource" : "CONFIRM", - "name" : "https://www.ibm.com/support/pages/node/6252777", - "url" : "https://www.ibm.com/support/pages/node/6252777", - "title" : "IBM Security Bulletin 6252777 (MQ Appliance)" - }, - { - "refsource" : "XF", - "title" : "X-Force Vulnerability Report", - "name" : "ibm-mq-cve20204319-info-disc (177402)", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/177402" - } - ] - }, - "data_version" : "4.0", - "impact" : { - "cvssv3" : { - "BM" : { - "UI" : "N", - "I" : "N", - "PR" : "L", - "S" : "U", - "C" : "L", - "AC" : "H", - "SCORE" : "3.100", - "A" : "N", - "AV" : "N" - }, - "TM" : { - "E" : "U", - "RC" : "C", - "RL" : "O" - } - } - }, - "data_type" : "CVE", - "affects" : { - "vendor" : { - "vendor_data" : [ + "description": { + "description_data": [ { - "vendor_name" : "IBM", - "product" : { - "product_data" : [ - { - "version" : { - "version_data" : [ - { - "version_value" : "8.0" - }, - { - "version_value" : "9.1.LTS" - }, - { - "version_value" : "9.1.CD" - } - ] - }, - "product_name" : "MQ Appliance" - } - ] - } + "lang": "eng", + "value": "IBM MQ, IBM MQ Appliance, and IBM MQ for HPE NonStop 8.0, 9.1 LTS, and 9.1 CD could allow under special circumstances, an authenticated user to obtain sensitive information due to a data leak from an error message within the pre-v7 pubsub logic. IBM X-Force ID: 177402." } - ] - } - } -} + ] + }, + "CVE_data_meta": { + "STATE": "PUBLIC", + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2020-4319", + "DATE_PUBLIC": "2020-07-27T00:00:00" + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "value": "Obtain Information", + "lang": "eng" + } + ] + } + ] + }, + "data_format": "MITRE", + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://www.ibm.com/support/pages/node/6252777", + "url": "https://www.ibm.com/support/pages/node/6252777", + "title": "IBM Security Bulletin 6252777 (MQ Appliance)" + }, + { + "refsource": "XF", + "title": "X-Force Vulnerability Report", + "name": "ibm-mq-cve20204319-info-disc (177402)", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/177402" + } + ] + }, + "data_version": "4.0", + "impact": { + "cvssv3": { + "BM": { + "UI": "N", + "I": "N", + "PR": "L", + "S": "U", + "C": "L", + "AC": "H", + "SCORE": "3.100", + "A": "N", + "AV": "N" + }, + "TM": { + "E": "U", + "RC": "C", + "RL": "O" + } + } + }, + "data_type": "CVE", + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "IBM", + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": "8.0" + }, + { + "version_value": "9.1.LTS" + }, + { + "version_value": "9.1.CD" + } + ] + }, + "product_name": "MQ Appliance" + } + ] + } + } + ] + } + } +} \ No newline at end of file diff --git a/2020/4xxx/CVE-2020-4375.json b/2020/4xxx/CVE-2020-4375.json index a20d2fed741..9c6c56ed962 100644 --- a/2020/4xxx/CVE-2020-4375.json +++ b/2020/4xxx/CVE-2020-4375.json @@ -1,96 +1,96 @@ { - "data_format" : "MITRE", - "CVE_data_meta" : { - "STATE" : "PUBLIC", - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2020-4375", - "DATE_PUBLIC" : "2020-07-27T00:00:00" - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Denial of Service" - } - ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "url" : "https://www.ibm.com/support/pages/node/6252785", - "name" : "https://www.ibm.com/support/pages/node/6252785", - "title" : "IBM Security Bulletin 6252785 (MQ Appliance)", - "refsource" : "CONFIRM" - }, - { - "title" : "X-Force Vulnerability Report", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/179080", - "name" : "ibm-mq-cve20204375-dos (179080)", - "refsource" : "XF" - } - ] - }, - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM MQ, IBM MQ Appliance, IBM MQ for HPE NonStop 8.0, 9.1 CD, and 9.1 LTS could allow an attacker to cause a denial of service due to a memory leak caused by an error creating a dynamic queue. IBM X-Force ID: 179080." - } - ] - }, - "data_type" : "CVE", - "affects" : { - "vendor" : { - "vendor_data" : [ + "data_format": "MITRE", + "CVE_data_meta": { + "STATE": "PUBLIC", + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2020-4375", + "DATE_PUBLIC": "2020-07-27T00:00:00" + }, + "problemtype": { + "problemtype_data": [ { - "vendor_name" : "IBM", - "product" : { - "product_data" : [ - { - "product_name" : "MQ Appliance", - "version" : { - "version_data" : [ - { - "version_value" : "8.0" - }, - { - "version_value" : "9.1.LTS" - }, - { - "version_value" : "9.1.CD" - } - ] - } - } - ] - } + "description": [ + { + "lang": "eng", + "value": "Denial of Service" + } + ] } - ] - } - }, - "data_version" : "4.0", - "impact" : { - "cvssv3" : { - "TM" : { - "E" : "U", - "RC" : "C", - "RL" : "O" - }, - "BM" : { - "AV" : "N", - "A" : "H", - "SCORE" : "5.900", - "AC" : "H", - "C" : "N", - "PR" : "N", - "S" : "U", - "I" : "N", - "UI" : "N" - } - } - } -} + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.ibm.com/support/pages/node/6252785", + "name": "https://www.ibm.com/support/pages/node/6252785", + "title": "IBM Security Bulletin 6252785 (MQ Appliance)", + "refsource": "CONFIRM" + }, + { + "title": "X-Force Vulnerability Report", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/179080", + "name": "ibm-mq-cve20204375-dos (179080)", + "refsource": "XF" + } + ] + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM MQ, IBM MQ Appliance, IBM MQ for HPE NonStop 8.0, 9.1 CD, and 9.1 LTS could allow an attacker to cause a denial of service due to a memory leak caused by an error creating a dynamic queue. IBM X-Force ID: 179080." + } + ] + }, + "data_type": "CVE", + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "IBM", + "product": { + "product_data": [ + { + "product_name": "MQ Appliance", + "version": { + "version_data": [ + { + "version_value": "8.0" + }, + { + "version_value": "9.1.LTS" + }, + { + "version_value": "9.1.CD" + } + ] + } + } + ] + } + } + ] + } + }, + "data_version": "4.0", + "impact": { + "cvssv3": { + "TM": { + "E": "U", + "RC": "C", + "RL": "O" + }, + "BM": { + "AV": "N", + "A": "H", + "SCORE": "5.900", + "AC": "H", + "C": "N", + "PR": "N", + "S": "U", + "I": "N", + "UI": "N" + } + } + } +} \ No newline at end of file diff --git a/2020/4xxx/CVE-2020-4465.json b/2020/4xxx/CVE-2020-4465.json index 3ec1fd34c1e..fbba6f9d5b8 100644 --- a/2020/4xxx/CVE-2020-4465.json +++ b/2020/4xxx/CVE-2020-4465.json @@ -1,96 +1,96 @@ { - "impact" : { - "cvssv3" : { - "BM" : { - "S" : "U", - "PR" : "L", - "AC" : "H", - "C" : "N", - "A" : "H", - "SCORE" : "5.300", - "AV" : "N", - "UI" : "N", - "I" : "N" - }, - "TM" : { - "RL" : "O", - "RC" : "C", - "E" : "U" - } - } - }, - "data_version" : "4.0", - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "version" : { - "version_data" : [ - { - "version_value" : "8.0" - }, - { - "version_value" : "9.1.LTS" - }, - { - "version_value" : "9.1.CD" - } - ] - }, - "product_name" : "MQ Appliance" - } - ] - }, - "vendor_name" : "IBM" + "impact": { + "cvssv3": { + "BM": { + "S": "U", + "PR": "L", + "AC": "H", + "C": "N", + "A": "H", + "SCORE": "5.300", + "AV": "N", + "UI": "N", + "I": "N" + }, + "TM": { + "RL": "O", + "RC": "C", + "E": "U" } - ] - } - }, - "data_type" : "CVE", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM MQ, IBM MQ Appliance, and IBM MQ for HPE NonStop 8.0, 9.1 CD, and 9.1 LTS is vulnerable to a buffer overflow vulnerability due to an error within the channel processing code. A remote attacker could overflow the buffer using an older client and cause a denial of service. IBM X-Force ID: 181562." - } - ] - }, - "references" : { - "reference_data" : [ - { - "title" : "IBM Security Bulletin 6252783 (MQ Appliance)", - "url" : "https://www.ibm.com/support/pages/node/6252783", - "name" : "https://www.ibm.com/support/pages/node/6252783", - "refsource" : "CONFIRM" - }, - { - "title" : "X-Force Vulnerability Report", - "name" : "ibm-mq-cve20204465-dos (181562)", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/181562", - "refsource" : "XF" - } - ] - }, - "data_format" : "MITRE", - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "value" : "Denial of Service", - "lang" : "eng" - } + } + }, + "data_version": "4.0", + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": "8.0" + }, + { + "version_value": "9.1.LTS" + }, + { + "version_value": "9.1.CD" + } + ] + }, + "product_name": "MQ Appliance" + } + ] + }, + "vendor_name": "IBM" + } ] - } - ] - }, - "CVE_data_meta" : { - "DATE_PUBLIC" : "2020-07-27T00:00:00", - "STATE" : "PUBLIC", - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2020-4465" - } -} + } + }, + "data_type": "CVE", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM MQ, IBM MQ Appliance, and IBM MQ for HPE NonStop 8.0, 9.1 CD, and 9.1 LTS is vulnerable to a buffer overflow vulnerability due to an error within the channel processing code. A remote attacker could overflow the buffer using an older client and cause a denial of service. IBM X-Force ID: 181562." + } + ] + }, + "references": { + "reference_data": [ + { + "title": "IBM Security Bulletin 6252783 (MQ Appliance)", + "url": "https://www.ibm.com/support/pages/node/6252783", + "name": "https://www.ibm.com/support/pages/node/6252783", + "refsource": "CONFIRM" + }, + { + "title": "X-Force Vulnerability Report", + "name": "ibm-mq-cve20204465-dos (181562)", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/181562", + "refsource": "XF" + } + ] + }, + "data_format": "MITRE", + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "value": "Denial of Service", + "lang": "eng" + } + ] + } + ] + }, + "CVE_data_meta": { + "DATE_PUBLIC": "2020-07-27T00:00:00", + "STATE": "PUBLIC", + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2020-4465" + } +} \ No newline at end of file