Adding CVE-2019-6517 content using CNA information provided on 2019-01-29T13:18:07.

2025-06-12 02:05:39 +00:00 · 2019-02-06 15:42:04 -05:00 · 2019-02-06 15:42:04 -05:00 · 0ec640ede8
commit 0ec640ede8
parent a43d613224
1 changed files with 46 additions and 3 deletions
--- a/2019/6xxx/CVE-2019-6517.json
+++ b/2019/6xxx/CVE-2019-6517.json
@ -1,8 +1,32 @@
 {
   "CVE_data_meta" : {
-      "ASSIGNER" : "cve@mitre.org",
+      "ASSIGNER" : "ics-cert@hq.dhs.gov",
+      "DATE_PUBLIC" : "2019-01-29T00:00:00",
      "ID" : "CVE-2019-6517",
-      "STATE" : "RESERVED"
+      "STATE" : "PUBLIC"
+   },
+   "affects" : {
+      "vendor" : {
+         "vendor_data" : [
+            {
+               "product" : {
+                  "product_data" : [
+                     {
+                        "product_name" : "BD FACSLyric",
+                        "version" : {
+                           "version_data" : [
+                              {
+                                 "version_value" : "BD FACSLyric Research Use Only, Windows 10 Professional Operating System, U.S. and Malaysian Releases, between November 2017 and November 2018 and BD FACSLyric IVD Windows 10 Professional Operating System US release."
+                              }
+                           ]
+                        }
+                     }
+                  ]
+               },
+               "vendor_name" : "ICS-CERT"
+            }
+         ]
+      }
   },
   "data_format" : "MITRE",
   "data_type" : "CVE",
@ -11,7 +35,26 @@
      "description_data" : [
         {
            "lang" : "eng",
-            "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided."
+            "value" : "BD FACSLyric Research Use Only, Windows 10 Professional Operating System, U.S. and Malaysian Releases, between November 2017 and November 2018 and BD FACSLyric IVD Windows 10 Professional Operating System US release does not properly enforce user access control to privileged accounts, which may allow for unauthorized access to administrative level functions."
+         }
+      ]
+   },
+   "problemtype" : {
+      "problemtype_data" : [
+         {
+            "description" : [
+               {
+                  "lang" : "eng",
+                  "value" : "IMPROPER ACCESS CONTROL CWE-284"
+               }
+            ]
+         }
+      ]
+   },
+   "references" : {
+      "reference_data" : [
+         {
+            "url" : "https://ics-cert.us-cert.gov/advisories/ICSMA-19-029-02"
         }
      ]
   }