IBM20180816-141649

Added CVE-2018-1712
2025-06-07 21:47:16 +00:00 · 2018-08-16 14:16:49 -04:00 · 2018-08-16 14:16:49 -04:00 · 058ce5aaf0
commit 058ce5aaf0
parent 1e2df3337b
1 changed files with 141 additions and 9 deletions
--- a/2018/1xxx/CVE-2018-1712.json
+++ b/2018/1xxx/CVE-2018-1712.json
@ -1,18 +1,150 @@
 {
   "CVE_data_meta" : {
-      "ASSIGNER" : "cve@mitre.org",
-      "ID" : "CVE-2018-1712",
-      "STATE" : "RESERVED"
+      "DATE_PUBLIC" : "2018-08-15T00:00:00",
+      "STATE" : "PUBLIC",
+      "ASSIGNER" : "psirt@us.ibm.com",
+      "ID" : "CVE-2018-1712"
+   },
+   "references" : {
+      "reference_data" : [
+         {
+            "url" : "https://www-01.ibm.com/support/docview.wss?uid=ibm10716169",
+            "refsource" : "CONFIRM",
+            "title" : "IBM Security Bulletin 0716169",
+            "name" : "https://www-01.ibm.com/support/docview.wss?uid=ibm10716169"
+         },
+         {
+            "name" : "ibm-api-cve20181712-ssrf (146370)",
+            "title" : "X-Force Vulnerability Report",
+            "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/146370",
+            "refsource" : "XF"
+         }
+      ]
   },
-   "data_format" : "MITRE",
-   "data_type" : "CVE",
-   "data_version" : "4.0",
   "description" : {
      "description_data" : [
         {
-            "lang" : "eng",
-            "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided."
+            "value" : "IBM API Connect's Developer Portal 5.0.0.0 through 5.0.8.3 is vulnerable to Server Side Request Forgery. An attacker, using specially crafted input parameters can trick the server into making potentially malicious calls within the trusted network.  IBM X-Force ID:  146370.",
+            "lang" : "eng"
         }
      ]
-   }
+   },
+   "data_version" : "4.0",
+   "impact" : {
+      "cvssv3" : {
+         "TM" : {
+            "RC" : "C",
+            "RL" : "O",
+            "E" : "U"
+         },
+         "BM" : {
+            "I" : "L",
+            "S" : "U",
+            "C" : "H",
+            "AC" : "L",
+            "UI" : "N",
+            "PR" : "N",
+            "AV" : "N",
+            "SCORE" : "8.600",
+            "A" : "L"
+         }
+      }
+   },
+   "affects" : {
+      "vendor" : {
+         "vendor_data" : [
+            {
+               "vendor_name" : "IBM",
+               "product" : {
+                  "product_data" : [
+                     {
+                        "version" : {
+                           "version_data" : [
+                              {
+                                 "version_value" : "5.0.1.0"
+                              },
+                              {
+                                 "version_value" : "5.0.0.0"
+                              },
+                              {
+                                 "version_value" : "5.0.0.1"
+                              },
+                              {
+                                 "version_value" : "5.0.2.0"
+                              },
+                              {
+                                 "version_value" : "5.0.5.0"
+                              },
+                              {
+                                 "version_value" : "5.0.6.0"
+                              },
+                              {
+                                 "version_value" : "5.0.6.1"
+                              },
+                              {
+                                 "version_value" : "5.0.6.2"
+                              },
+                              {
+                                 "version_value" : "5.0.7.0"
+                              },
+                              {
+                                 "version_value" : "5.0.7.1"
+                              },
+                              {
+                                 "version_value" : "5.0.3.0"
+                              },
+                              {
+                                 "version_value" : "5.0.4.0"
+                              },
+                              {
+                                 "version_value" : "5.0.7.2"
+                              },
+                              {
+                                 "version_value" : "5.0.6.3"
+                              },
+                              {
+                                 "version_value" : "5.0.6.4"
+                              },
+                              {
+                                 "version_value" : "5.0.8.0"
+                              },
+                              {
+                                 "version_value" : "5.0.8.1"
+                              },
+                              {
+                                 "version_value" : "5.0.6.5"
+                              },
+                              {
+                                 "version_value" : "5.0.6.6"
+                              },
+                              {
+                                 "version_value" : "5.0.8.2"
+                              },
+                              {
+                                 "version_value" : "5.0.8.3"
+                              }
+                           ]
+                        },
+                        "product_name" : "API Connect"
+                     }
+                  ]
+               }
+            }
+         ]
+      }
+   },
+   "problemtype" : {
+      "problemtype_data" : [
+         {
+            "description" : [
+               {
+                  "lang" : "eng",
+                  "value" : "Obtain Information"
+               }
+            ]
+         }
+      ]
+   },
+   "data_type" : "CVE",
+   "data_format" : "MITRE"
 }