CVE-2019-10224 init

2025-06-12 02:05:39 +00:00 · 2019-11-25 16:14:30 +01:00 · 2019-11-25 16:14:30 +01:00 · 0c1d1d68be
commit 0c1d1d68be
parent 7d452f28d1
1 changed files with 60 additions and 4 deletions
--- a/2019/10xxx/CVE-2019-10224.json
+++ b/2019/10xxx/CVE-2019-10224.json
@ -4,15 +4,71 @@
    "data_version": "4.0",
    "CVE_data_meta": {
        "ID": "CVE-2019-10224",
-        "ASSIGNER": "cve@mitre.org",
-        "STATE": "RESERVED"
+        "ASSIGNER": "mrehak@redhat.com"
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "vendor_name": "Red Hat",
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "389-ds-base",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "389-ds-base 1.4.x.x before 1.4.1.3"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "CWE-522"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "url": "https://pagure.io/389-ds-base/issue/50251"
+            },
+            {
+                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10224",
+                "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10224",
+                "refsource": "CONFIRM"
+            }
+        ]
    },
    "description": {
        "description_data": [
            {
                "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "A flaw has been found in 389-ds-base versions 1.4.x.x before 1.4.1.3. When executed in verbose mode, the dscreate and dsconf commands may display sensitive information, such as the Directory Manager password. An attacker, able to see the screen or record the terminal standard error output, could use this flaw to gain sensitive information."
            }
        ]
+    },
+    "impact": {
+        "cvss": [
+            [
+                {
+                    "vectorString": "4.3/CVSS:3.0/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
+                    "version": "3.0"
+                }
+            ]
+        ]
    }
-}
+}