admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-08 05:58:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

- Synchronized data.

Browse Source
This commit is contained in:
CVE Team 2018-10-23 10:05:10 -04:00
parent 340ff01ebd
commit 040115e672
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
10 changed files with 238 additions and 182 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

120
2018/13xxx/CVE-2018-13400.json
View File

@ -1,117 +1,119 @@
{
"CVE_data_meta": {
"ASSIGNER": "security@atlassian.com",
"DATE_PUBLIC": "2018-10-23T00:00:00",
"ID": "CVE-2018-13400",
"STATE": "PUBLIC"
"CVE_data_meta" : {
"ASSIGNER" : "security@atlassian.com",
"DATE_PUBLIC" : "2018-10-23T00:00:00",
"ID" : "CVE-2018-13400",
"STATE" : "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product": {
"product_data": [
"product" : {
"product_data" : [
{
"product_name": "Jira",
"version": {
"version_data": [
"product_name" : "Jira",
"version" : {
"version_data" : [
{
"version_value": "7.6.9",
"version_affected": "<"
"version_affected" : "<",
"version_value" : "7.6.9"
},
{
"version_value": "7.7.0",
"version_affected": ">="
"version_affected" : ">=",
"version_value" : "7.7.0"
},
{
"version_value": "7.7.5",
"version_affected": "<"
"version_affected" : "<",
"version_value" : "7.7.5"
},
{
"version_value": "7.8.0",
"version_affected": ">="
"version_affected" : ">=",
"version_value" : "7.8.0"
},
{
"version_value": "7.8.5",
"version_affected": "<"
"version_affected" : "<",
"version_value" : "7.8.5"
},
{
"version_value": "7.9.0",
"version_affected": ">="
"version_affected" : ">=",
"version_value" : "7.9.0"
},
{
"version_value": "7.9.3",
"version_affected": "<"
"version_affected" : "<",
"version_value" : "7.9.3"
},
{
"version_value": "7.10.0",
"version_affected": ">="
"version_affected" : ">=",
"version_value" : "7.10.0"
},
{
"version_value": "7.10.3",
"version_affected": "<"
"version_affected" : "<",
"version_value" : "7.10.3"
},
{
"version_value": "7.11.0",
"version_affected": ">="
"version_affected" : ">=",
"version_value" : "7.11.0"
},
{
"version_value": "7.11.3",
"version_affected": "<"
"version_affected" : "<",
"version_value" : "7.11.3"
},
{
"version_value": "7.12.0",
"version_affected": ">="
"version_affected" : ">=",
"version_value" : "7.12.0"
},
{
"version_value": "7.12.3",
"version_affected": "<"
"version_affected" : "<",
"version_value" : "7.12.3"
},
{
"version_value": "7.13.0",
"version_affected": ">="
"version_affected" : ">=",
"version_value" : "7.13.0"
},
{
"version_value": "7.13.1",
"version_affected": "<"
"version_affected" : "<",
"version_value" : "7.13.1"
}
]
}
}
]
},
"vendor_name": "Atlassian"
"vendor_name" : "Atlassian"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang": "eng",
"value": "Several administrative resources in Atlassian Jira before version 7.6.9, from version 7.7.0 before version 7.7.5, from version 7.8.0 before version 7.8.5, from version 7.9.0 before version 7.9.3, from version 7.10.0 before version 7.10.3, from version 7.11.0 before version 7.11.3, from version 7.12.0 before version 7.12.3, and before version 7.13.1 allow remote attackers who have obtained access to administrator's session to access certain administrative resources without needing to re-authenticate to pass \"WebSudo\" through an improper access control vulnerability."
"lang" : "eng",
"value" : "Several administrative resources in Atlassian Jira before version 7.6.9, from version 7.7.0 before version 7.7.5, from version 7.8.0 before version 7.8.5, from version 7.9.0 before version 7.9.3, from version 7.10.0 before version 7.10.3, from version 7.11.0 before version 7.11.3, from version 7.12.0 before version 7.12.3, and before version 7.13.1 allow remote attackers who have obtained access to administrator's session to access certain administrative resources without needing to re-authenticate to pass \"WebSudo\" through an improper access control vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
"problemtype" : {
"problemtype_data" : [
{
"description": [
"description" : [
{
"lang": "eng",
"value": "Improper Access Control"
"lang" : "eng",
"value" : "Improper Access Control"
}
]
}
]
},
"references": {
"reference_data": [
"references" : {
"reference_data" : [
{
"url": "https://jira.atlassian.com/browse/JRASERVER-68138"
"name" : "https://jira.atlassian.com/browse/JRASERVER-68138",
"refsource" : "CONFIRM",
"url" : "https://jira.atlassian.com/browse/JRASERVER-68138"
}
]
}

120
2018/13xxx/CVE-2018-13401.json
View File

@ -1,117 +1,119 @@
{
"CVE_data_meta": {
"ASSIGNER": "security@atlassian.com",
"DATE_PUBLIC": "2018-10-23T00:00:00",
"ID": "CVE-2018-13401",
"STATE": "PUBLIC"
"CVE_data_meta" : {
"ASSIGNER" : "security@atlassian.com",
"DATE_PUBLIC" : "2018-10-23T00:00:00",
"ID" : "CVE-2018-13401",
"STATE" : "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product": {
"product_data": [
"product" : {
"product_data" : [
{
"product_name": "Jira",
"version": {
"version_data": [
"product_name" : "Jira",
"version" : {
"version_data" : [
{
"version_value": "7.6.9",
"version_affected": "<"
"version_affected" : "<",
"version_value" : "7.6.9"
},
{
"version_value": "7.7.0",
"version_affected": ">="
"version_affected" : ">=",
"version_value" : "7.7.0"
},
{
"version_value": "7.7.5",
"version_affected": "<"
"version_affected" : "<",
"version_value" : "7.7.5"
},
{
"version_value": "7.8.0",
"version_affected": ">="
"version_affected" : ">=",
"version_value" : "7.8.0"
},
{
"version_value": "7.8.5",
"version_affected": "<"
"version_affected" : "<",
"version_value" : "7.8.5"
},
{
"version_value": "7.9.0",
"version_affected": ">="
"version_affected" : ">=",
"version_value" : "7.9.0"
},
{
"version_value": "7.9.3",
"version_affected": "<"
"version_affected" : "<",
"version_value" : "7.9.3"
},
{
"version_value": "7.10.0",
"version_affected": ">="
"version_affected" : ">=",
"version_value" : "7.10.0"
},
{
"version_value": "7.10.3",
"version_affected": "<"
"version_affected" : "<",
"version_value" : "7.10.3"
},
{
"version_value": "7.11.0",
"version_affected": ">="
"version_affected" : ">=",
"version_value" : "7.11.0"
},
{
"version_value": "7.11.3",
"version_affected": "<"
"version_affected" : "<",
"version_value" : "7.11.3"
},
{
"version_value": "7.12.0",
"version_affected": ">="
"version_affected" : ">=",
"version_value" : "7.12.0"
},
{
"version_value": "7.12.3",
"version_affected": "<"
"version_affected" : "<",
"version_value" : "7.12.3"
},
{
"version_value": "7.13.0",
"version_affected": ">="
"version_affected" : ">=",
"version_value" : "7.13.0"
},
{
"version_value": "7.13.1",
"version_affected": "<"
"version_affected" : "<",
"version_value" : "7.13.1"
}
]
}
}
]
},
"vendor_name": "Atlassian"
"vendor_name" : "Atlassian"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang": "eng",
"value": "The XsrfErrorAction resource in Atlassian Jira before version 7.6.9, from version 7.7.0 before version 7.7.5, from version 7.8.0 before version 7.8.5, from version 7.9.0 before version 7.9.3, from version 7.10.0 before version 7.10.3, from version 7.11.0 before version 7.11.3, from version 7.12.0 before version 7.12.3, and before version 7.13.1 allows remote attackers to obtain a user's Cross-site request forgery (CSRF) token through an open redirect vulnerability."
"lang" : "eng",
"value" : "The XsrfErrorAction resource in Atlassian Jira before version 7.6.9, from version 7.7.0 before version 7.7.5, from version 7.8.0 before version 7.8.5, from version 7.9.0 before version 7.9.3, from version 7.10.0 before version 7.10.3, from version 7.11.0 before version 7.11.3, from version 7.12.0 before version 7.12.3, and before version 7.13.1 allows remote attackers to obtain a user's Cross-site request forgery (CSRF) token through an open redirect vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
"problemtype" : {
"problemtype_data" : [
{
"description": [
"description" : [
{
"lang": "eng",
"value": "URL Redirection to Untrusted Site ('Open Redirect')"
"lang" : "eng",
"value" : "URL Redirection to Untrusted Site ('Open Redirect')"
}
]
}
]
},
"references": {
"reference_data": [
"references" : {
"reference_data" : [
{
"url": "https://jira.atlassian.com/browse/JRASERVER-68139"
"name" : "https://jira.atlassian.com/browse/JRASERVER-68139",
"refsource" : "CONFIRM",
"url" : "https://jira.atlassian.com/browse/JRASERVER-68139"
}
]
}

120
2018/13xxx/CVE-2018-13402.json
View File

@ -1,117 +1,119 @@
{
"CVE_data_meta": {
"ASSIGNER": "security@atlassian.com",
"DATE_PUBLIC": "2018-10-23T00:00:00",
"ID": "CVE-2018-13402",
"STATE": "PUBLIC"
"CVE_data_meta" : {
"ASSIGNER" : "security@atlassian.com",
"DATE_PUBLIC" : "2018-10-23T00:00:00",
"ID" : "CVE-2018-13402",
"STATE" : "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product": {
"product_data": [
"product" : {
"product_data" : [
{
"product_name": "Jira",
"version": {
"version_data": [
"product_name" : "Jira",
"version" : {
"version_data" : [
{
"version_value": "7.6.9",
"version_affected": "<"
"version_affected" : "<",
"version_value" : "7.6.9"
},
{
"version_value": "7.7.0",
"version_affected": ">="
"version_affected" : ">=",
"version_value" : "7.7.0"
},
{
"version_value": "7.7.5",
"version_affected": "<"
"version_affected" : "<",
"version_value" : "7.7.5"
},
{
"version_value": "7.8.0",
"version_affected": ">="
"version_affected" : ">=",
"version_value" : "7.8.0"
},
{
"version_value": "7.8.5",
"version_affected": "<"
"version_affected" : "<",
"version_value" : "7.8.5"
},
{
"version_value": "7.9.0",
"version_affected": ">="
"version_affected" : ">=",
"version_value" : "7.9.0"
},
{
"version_value": "7.9.3",
"version_affected": "<"
"version_affected" : "<",
"version_value" : "7.9.3"
},
{
"version_value": "7.10.0",
"version_affected": ">="
"version_affected" : ">=",
"version_value" : "7.10.0"
},
{
"version_value": "7.10.3",
"version_affected": "<"
"version_affected" : "<",
"version_value" : "7.10.3"
},
{
"version_value": "7.11.0",
"version_affected": ">="
"version_affected" : ">=",
"version_value" : "7.11.0"
},
{
"version_value": "7.11.3",
"version_affected": "<"
"version_affected" : "<",
"version_value" : "7.11.3"
},
{
"version_value": "7.12.0",
"version_affected": ">="
"version_affected" : ">=",
"version_value" : "7.12.0"
},
{
"version_value": "7.12.3",
"version_affected": "<"
"version_affected" : "<",
"version_value" : "7.12.3"
},
{
"version_value": "7.13.0",
"version_affected": ">="
"version_affected" : ">=",
"version_value" : "7.13.0"
},
{
"version_value": "7.13.1",
"version_affected": "<"
"version_affected" : "<",
"version_value" : "7.13.1"
}
]
}
}
]
},
"vendor_name": "Atlassian"
"vendor_name" : "Atlassian"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang": "eng",
"value": "Many resources in Atlassian Jira before version 7.6.9, from version 7.7.0 before version 7.7.5, from version 7.8.0 before version 7.8.5, from version 7.9.0 before version 7.9.3, from version 7.10.0 before version 7.10.3, from version 7.11.0 before version 7.11.3, from version 7.12.0 before version 7.12.3, and before version 7.13.1 allow remote attackers to attack users, in some cases be able to obtain a user's Cross-site request forgery (CSRF) token, via a open redirect vulnerability."
"lang" : "eng",
"value" : "Many resources in Atlassian Jira before version 7.6.9, from version 7.7.0 before version 7.7.5, from version 7.8.0 before version 7.8.5, from version 7.9.0 before version 7.9.3, from version 7.10.0 before version 7.10.3, from version 7.11.0 before version 7.11.3, from version 7.12.0 before version 7.12.3, and before version 7.13.1 allow remote attackers to attack users, in some cases be able to obtain a user's Cross-site request forgery (CSRF) token, via a open redirect vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
"problemtype" : {
"problemtype_data" : [
{
"description": [
"description" : [
{
"lang": "eng",
"value": "URL Redirection to Untrusted Site ('Open Redirect')"
"lang" : "eng",
"value" : "URL Redirection to Untrusted Site ('Open Redirect')"
}
]
}
]
},
"references": {
"reference_data": [
"references" : {
"reference_data" : [
{
"url": "https://jira.atlassian.com/browse/JRASERVER-68140"
"name" : "https://jira.atlassian.com/browse/JRASERVER-68140",
"refsource" : "CONFIRM",
"url" : "https://jira.atlassian.com/browse/JRASERVER-68140"
}
]
}

6
2018/15xxx/CVE-2018-15366.json
View File

@ -53,12 +53,18 @@
"references" : {
"reference_data" : [
{
"name" : "https://www.zerodayinitiative.com/advisories/ZDI-18-1293/",
"refsource" : "MISC",
"url" : "https://www.zerodayinitiative.com/advisories/ZDI-18-1293/"
},
{
"name" : "https://esupport.trendmicro.com/en-US/home/pages/technical-support/1121296.aspx",
"refsource" : "CONFIRM",
"url" : "https://esupport.trendmicro.com/en-US/home/pages/technical-support/1121296.aspx"
},
{
"name" : "https://esupport.trendmicro.com/solution/ja-jp/1121350.aspx",
"refsource" : "CONFIRM",
"url" : "https://esupport.trendmicro.com/solution/ja-jp/1121350.aspx"
}
]

6
2018/15xxx/CVE-2018-15367.json
View File

@ -53,12 +53,18 @@
"references" : {
"reference_data" : [
{
"name" : "https://www.zerodayinitiative.com/advisories/ZDI-18-1294/",
"refsource" : "MISC",
"url" : "https://www.zerodayinitiative.com/advisories/ZDI-18-1294/"
},
{
"name" : "https://esupport.trendmicro.com/en-US/home/pages/technical-support/1121296.aspx",
"refsource" : "CONFIRM",
"url" : "https://esupport.trendmicro.com/en-US/home/pages/technical-support/1121296.aspx"
},
{
"name" : "https://esupport.trendmicro.com/solution/ja-jp/1121350.aspx",
"refsource" : "CONFIRM",
"url" : "https://esupport.trendmicro.com/solution/ja-jp/1121350.aspx"
}
]

6
2018/18xxx/CVE-2018-18327.json
View File

@ -53,12 +53,18 @@
"references" : {
"reference_data" : [
{
"name" : "https://www.zerodayinitiative.com/advisories/ZDI-18-1295/",
"refsource" : "MISC",
"url" : "https://www.zerodayinitiative.com/advisories/ZDI-18-1295/"
},
{
"name" : "https://esupport.trendmicro.com/en-US/home/pages/technical-support/1121296.aspx",
"refsource" : "CONFIRM",
"url" : "https://esupport.trendmicro.com/en-US/home/pages/technical-support/1121296.aspx"
},
{
"name" : "https://esupport.trendmicro.com/solution/ja-jp/1121350.aspx",
"refsource" : "CONFIRM",
"url" : "https://esupport.trendmicro.com/solution/ja-jp/1121350.aspx"
}
]

6
2018/18xxx/CVE-2018-18328.json
View File

@ -53,12 +53,18 @@
"references" : {
"reference_data" : [
{
"name" : "https://www.zerodayinitiative.com/advisories/ZDI-18-1296/",
"refsource" : "MISC",
"url" : "https://www.zerodayinitiative.com/advisories/ZDI-18-1296/"
},
{
"name" : "https://esupport.trendmicro.com/en-US/home/pages/technical-support/1121296.aspx",
"refsource" : "CONFIRM",
"url" : "https://esupport.trendmicro.com/en-US/home/pages/technical-support/1121296.aspx"
},
{
"name" : "https://esupport.trendmicro.com/solution/ja-jp/1121350.aspx",
"refsource" : "CONFIRM",
"url" : "https://esupport.trendmicro.com/solution/ja-jp/1121350.aspx"
}
]

6
2018/18xxx/CVE-2018-18329.json
View File

@ -53,12 +53,18 @@
"references" : {
"reference_data" : [
{
"name" : "https://www.zerodayinitiative.com/advisories/ZDI-18-1297/",
"refsource" : "MISC",
"url" : "https://www.zerodayinitiative.com/advisories/ZDI-18-1297/"
},
{
"name" : "https://esupport.trendmicro.com/en-US/home/pages/technical-support/1121296.aspx",
"refsource" : "CONFIRM",
"url" : "https://esupport.trendmicro.com/en-US/home/pages/technical-support/1121296.aspx"
},
{
"name" : "https://esupport.trendmicro.com/solution/ja-jp/1121350.aspx",
"refsource" : "CONFIRM",
"url" : "https://esupport.trendmicro.com/solution/ja-jp/1121350.aspx"
}
]

18
2018/18xxx/CVE-2018-18588.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-18588",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

2
2018/7xxx/CVE-2018-7911.json
View File

@ -53,6 +53,8 @@
"references" : {
"reference_data" : [
{
"name" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180822-01-frpbypass-en",
"refsource" : "CONFIRM",
"url" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180822-01-frpbypass-en"
}
]