Publish CVE-2018-11050

2025-06-12 02:05:39 +00:00 · 2018-07-31 16:03:09 -04:00 · 2018-07-31 16:03:09 -04:00 · 0f072ed68c
commit 0f072ed68c
parent 995f3b8d57
1 changed files with 74 additions and 12 deletions
--- a/2018/11xxx/CVE-2018-11050.json
+++ b/2018/11xxx/CVE-2018-11050.json
@ -1,18 +1,80 @@
 {
-   "CVE_data_meta" : {
-      "ASSIGNER" : "cve@mitre.org",
-      "ID" : "CVE-2018-11050",
-      "STATE" : "RESERVED"
+   "CVE_data_meta": {
+      "ASSIGNER": "security_alert@emc.com",
+      "DATE_PUBLIC": "2018-07-25T04:00:00.000Z",
+      "ID": "CVE-2018-11050",
+      "STATE": "PUBLIC"
   },
-   "data_format" : "MITRE",
-   "data_type" : "CVE",
-   "data_version" : "4.0",
-   "description" : {
-      "description_data" : [
+   "affects": {
+      "vendor": {
+         "vendor_data": [
+            {
+               "product": {
+                  "product_data": [
+                     {
+                        "product_name": "Networker",
+                        "version": {
+                           "version_data": [
+                              {
+                                 "affected": "=",
+                                 "version_value": "9.0"
+                              },
+                              {
+                                 "affected": "<=",
+                                 "version_name": "9.1.1.X",
+                                 "version_value": "9.1.1.8"
+                              },
+                              {
+                                 "affected": "<=",
+                                 "version_name": "9.2.1.X",
+                                 "version_value": "9.2.1.3"
+                              },
+                              {
+                                 "affected": "=",
+                                 "version_value": "18.1.0.1"
+                              }
+                           ]
+                        }
+                     }
+                  ]
+               },
+               "vendor_name": "Dell EMC"
+            }
+         ]
+      }
+   },
+   "data_format": "MITRE",
+   "data_type": "CVE",
+   "data_version": "4.0",
+   "description": {
+      "description_data": [
         {
-            "lang" : "eng",
-            "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided."
+            "lang": "eng",
+            "value": "Dell EMC NetWorker versions between 9.0 and 9.1.1.8 through 9.2.1.3, and the version 18.1.0.1 contain a Clear-Text \nauthentication over network vulnerability in the Rabbit MQ Advanced Message Queuing Protocol (AMQP) component. User \ncredentials are sent unencrypted to the remote AMQP service. An unauthenticated attacker in the same network collision \ndomain, could potentially sniff the password from the network and use it to access the component using the privileges \nof the compromised user.\n"
         }
      ]
+   },
+   "problemtype": {
+      "problemtype_data": [
+         {
+            "description": [
+               {
+                  "lang": "eng",
+                  "value": "Clear-Text authentication over network vulnerability"
+               }
+            ]
+         }
+      ]
+   },
+   "references": {
+      "reference_data": [
+         {
+            "refsource": "FULLDISC",
+            "url": "http://seclists.org/fulldisclosure/2018/Jul/92"
+         }
+      ]
+   },
+   "source": {
+      "discovery": "UNKNOWN"
   }
-}
+}