From 13c7fee2d70f3830b10f0a384fe042e5fd5ab259 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Fri, 15 Mar 2019 16:05:00 -0400 Subject: [PATCH] - Synchronized data. --- 2018/12xxx/CVE-2018-12100.json | 7 +- 2018/17xxx/CVE-2018-17882.json | 53 ++++++++++++- 2018/17xxx/CVE-2018-17955.json | 110 +++++++++++++-------------- 2018/17xxx/CVE-2018-17956.json | 110 +++++++++++++-------------- 2018/18xxx/CVE-2018-18205.json | 53 ++++++++++++- 2018/19xxx/CVE-2018-19595.json | 5 ++ 2018/20xxx/CVE-2018-20106.json | 110 +++++++++++++-------------- 2018/20xxx/CVE-2018-20250.json | 5 ++ 2018/20xxx/CVE-2018-20322.json | 2 +- 2018/20xxx/CVE-2018-20342.json | 5 ++ 2018/20xxx/CVE-2018-20418.json | 5 ++ 2018/20xxx/CVE-2018-20806.json | 18 +++++ 2019/1xxx/CVE-2019-1653.json | 10 +++ 2019/5xxx/CVE-2019-5616.json | 131 ++++++++++----------------------- 2019/9xxx/CVE-2019-9840.json | 18 +++++ 15 files changed, 379 insertions(+), 263 deletions(-) create mode 100644 2018/20xxx/CVE-2018-20806.json create mode 100644 2019/9xxx/CVE-2019-9840.json diff --git a/2018/12xxx/CVE-2018-12100.json b/2018/12xxx/CVE-2018-12100.json index 4027dbe6b37..763b77ae704 100644 --- a/2018/12xxx/CVE-2018-12100.json +++ b/2018/12xxx/CVE-2018-12100.json @@ -34,7 +34,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "Sonatype Nexus Repository Manager before 3.12.0 has XSS in multiple areas in the Administration UI." + "value" : "Sonatype Nexus Repository Manager versions 3.x before 3.12.0 has XSS in multiple areas in the Administration UI." } ] }, @@ -66,6 +66,11 @@ "name" : "https://issues.sonatype.org/secure/ReleaseNote.jspa?version=17493&projectId=10001", "refsource" : "CONFIRM", "url" : "https://issues.sonatype.org/secure/ReleaseNote.jspa?version=17493&projectId=10001" + }, + { + "name" : "https://support.sonatype.com/hc/en-us/articles/360018565994-CVE-2018-12100-Nexus-Repository-Manager-3-Cross-Site-Scripting-XSS-June-4th-2018", + "refsource" : "CONFIRM", + "url" : "https://support.sonatype.com/hc/en-us/articles/360018565994-CVE-2018-12100-Nexus-Repository-Manager-3-Cross-Site-Scripting-XSS-June-4th-2018" } ] } diff --git a/2018/17xxx/CVE-2018-17882.json b/2018/17xxx/CVE-2018-17882.json index 2405dff5cee..378af7e2989 100644 --- a/2018/17xxx/CVE-2018-17882.json +++ b/2018/17xxx/CVE-2018-17882.json @@ -2,7 +2,30 @@ "CVE_data_meta" : { "ASSIGNER" : "cve@mitre.org", "ID" : "CVE-2018-17882", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,33 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "An Integer overflow vulnerability exists in the batchTransfer function of a smart contract implementation for CryptoBotsBattle (CBTB), an Ethereum token. This vulnerability could be used by an attacker to create an arbitrary amount of tokens for any user." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://etherscan.io/address/0x4daa9dc438a77bd59e8a43c6d46cbfe84cd04255#code", + "refsource" : "MISC", + "url" : "https://etherscan.io/address/0x4daa9dc438a77bd59e8a43c6d46cbfe84cd04255#code" + }, + { + "name" : "https://github.com/GreenFoxy/Smart-contract-Vulnerabilities/blob/master/BattleToken.md", + "refsource" : "MISC", + "url" : "https://github.com/GreenFoxy/Smart-contract-Vulnerabilities/blob/master/BattleToken.md" } ] } diff --git a/2018/17xxx/CVE-2018-17955.json b/2018/17xxx/CVE-2018-17955.json index 7649ccbc175..73f73d3a9c4 100644 --- a/2018/17xxx/CVE-2018-17955.json +++ b/2018/17xxx/CVE-2018-17955.json @@ -1,94 +1,94 @@ { - "CVE_data_meta": { - "ASSIGNER": "security@suse.de", - "DATE_PUBLIC": "2019-01-07T00:00:00.000Z", - "ID": "CVE-2018-17955", - "STATE": "PUBLIC", - "TITLE": "Static tempfile name allows overwriting of arbitrary files" + "CVE_data_meta" : { + "ASSIGNER" : "security@suse.de", + "DATE_PUBLIC" : "2019-01-07T00:00:00.000Z", + "ID" : "CVE-2018-17955", + "STATE" : "PUBLIC", + "TITLE" : "Static tempfile name allows overwriting of arbitrary files" }, - "affects": { - "vendor": { - "vendor_data": [ + "affects" : { + "vendor" : { + "vendor_data" : [ { - "product": { - "product_data": [ + "product" : { + "product_data" : [ { - "product_name": "yast2-multipath", - "version": { - "version_data": [ + "product_name" : "yast2-multipath", + "version" : { + "version_data" : [ { - "affected": "<", - "version_value": "4.1.1" + "affected" : "<", + "version_value" : "4.1.1" } ] } } ] }, - "vendor_name": "SUSE" + "vendor_name" : "SUSE" } ] } }, - "credit": [ + "credit" : [ { - "lang": "eng", - "value": "Johannes Segitz of SUSE" + "lang" : "eng", + "value" : "Johannes Segitz of SUSE" } ], - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ { - "lang": "eng", - "value": "In yast2-multipath before version 4.1.1 a static temporary filename allows local attackers to overwrite files on systems without symlink protection" + "lang" : "eng", + "value" : "In yast2-multipath before version 4.1.1 a static temporary filename allows local attackers to overwrite files on systems without symlink protection" } ] }, - "impact": { - "cvss": { - "attackComplexity": "HIGH", - "attackVector": "LOCAL", - "availabilityImpact": "NONE", - "baseScore": 2.2, - "baseSeverity": "LOW", - "confidentialityImpact": "NONE", - "integrityImpact": "LOW", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "REQUIRED", - "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N", - "version": "3.0" + "impact" : { + "cvss" : { + "attackComplexity" : "HIGH", + "attackVector" : "LOCAL", + "availabilityImpact" : "NONE", + "baseScore" : 2.2, + "baseSeverity" : "LOW", + "confidentialityImpact" : "NONE", + "integrityImpact" : "LOW", + "privilegesRequired" : "LOW", + "scope" : "UNCHANGED", + "userInteraction" : "REQUIRED", + "vectorString" : "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N", + "version" : "3.0" } }, - "problemtype": { - "problemtype_data": [ + "problemtype" : { + "problemtype_data" : [ { - "description": [ + "description" : [ { - "lang": "eng", - "value": "CWE-377" + "lang" : "eng", + "value" : "CWE-377" } ] } ] }, - "references": { - "reference_data": [ + "references" : { + "reference_data" : [ { - "name": "https://bugzilla.suse.com/show_bug.cgi?id=1117592", - "refsource": "CONFIRM", - "url": "https://bugzilla.suse.com/show_bug.cgi?id=1117592" + "name" : "https://bugzilla.suse.com/show_bug.cgi?id=1117592", + "refsource" : "CONFIRM", + "url" : "https://bugzilla.suse.com/show_bug.cgi?id=1117592" } ] }, - "source": { - "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1117592", - "defect": [ + "source" : { + "advisory" : "https://bugzilla.suse.com/show_bug.cgi?id=1117592", + "defect" : [ "1117592" ], - "discovery": "INTERNAL" + "discovery" : "INTERNAL" } } diff --git a/2018/17xxx/CVE-2018-17956.json b/2018/17xxx/CVE-2018-17956.json index 567b996ab22..db3aca4f0dd 100644 --- a/2018/17xxx/CVE-2018-17956.json +++ b/2018/17xxx/CVE-2018-17956.json @@ -1,94 +1,94 @@ { - "CVE_data_meta": { - "ASSIGNER": "security@suse.de", - "DATE_PUBLIC": "2019-01-07T00:00:00.000Z", - "ID": "CVE-2018-17956", - "STATE": "PUBLIC", - "TITLE": "Password exposed in process listing" + "CVE_data_meta" : { + "ASSIGNER" : "security@suse.de", + "DATE_PUBLIC" : "2019-01-07T00:00:00.000Z", + "ID" : "CVE-2018-17956", + "STATE" : "PUBLIC", + "TITLE" : "Password exposed in process listing" }, - "affects": { - "vendor": { - "vendor_data": [ + "affects" : { + "vendor" : { + "vendor_data" : [ { - "product": { - "product_data": [ + "product" : { + "product_data" : [ { - "product_name": "yast2-samba-provision", - "version": { - "version_data": [ + "product_name" : "yast2-samba-provision", + "version" : { + "version_data" : [ { - "affected": "<=", - "version_value": "1.0.1" + "affected" : "<=", + "version_value" : "1.0.1" } ] } } ] }, - "vendor_name": "SUSE" + "vendor_name" : "SUSE" } ] } }, - "credit": [ + "credit" : [ { - "lang": "eng", - "value": "Johannes Segitz of SUSE" + "lang" : "eng", + "value" : "Johannes Segitz of SUSE" } ], - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ { - "lang": "eng", - "value": "In yast2-samba-provision up to and including version 1.0.1 the password for samba shares was provided on the command line to tools used by yast2-samba-provision, allowing local attackers to read them in the process list" + "lang" : "eng", + "value" : "In yast2-samba-provision up to and including version 1.0.1 the password for samba shares was provided on the command line to tools used by yast2-samba-provision, allowing local attackers to read them in the process list" } ] }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "LOCAL", - "availabilityImpact": "NONE", - "baseScore": 3.3, - "baseSeverity": "LOW", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", - "version": "3.0" + "impact" : { + "cvss" : { + "attackComplexity" : "LOW", + "attackVector" : "LOCAL", + "availabilityImpact" : "NONE", + "baseScore" : 3.3, + "baseSeverity" : "LOW", + "confidentialityImpact" : "LOW", + "integrityImpact" : "NONE", + "privilegesRequired" : "LOW", + "scope" : "UNCHANGED", + "userInteraction" : "NONE", + "vectorString" : "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "version" : "3.0" } }, - "problemtype": { - "problemtype_data": [ + "problemtype" : { + "problemtype_data" : [ { - "description": [ + "description" : [ { - "lang": "eng", - "value": "CWE-214" + "lang" : "eng", + "value" : "CWE-214" } ] } ] }, - "references": { - "reference_data": [ + "references" : { + "reference_data" : [ { - "name": "https://bugzilla.suse.com/show_bug.cgi?id=1117597", - "refsource": "CONFIRM", - "url": "https://bugzilla.suse.com/show_bug.cgi?id=1117597" + "name" : "https://bugzilla.suse.com/show_bug.cgi?id=1117597", + "refsource" : "CONFIRM", + "url" : "https://bugzilla.suse.com/show_bug.cgi?id=1117597" } ] }, - "source": { - "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1117597", - "defect": [ + "source" : { + "advisory" : "https://bugzilla.suse.com/show_bug.cgi?id=1117597", + "defect" : [ "1117597" ], - "discovery": "INTERNAL" + "discovery" : "INTERNAL" } } diff --git a/2018/18xxx/CVE-2018-18205.json b/2018/18xxx/CVE-2018-18205.json index 8070350e25b..1d4de38aa7a 100644 --- a/2018/18xxx/CVE-2018-18205.json +++ b/2018/18xxx/CVE-2018-18205.json @@ -2,7 +2,30 @@ "CVE_data_meta" : { "ASSIGNER" : "cve@mitre.org", "ID" : "CVE-2018-18205", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,33 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "Topvision CC8800 CMTS C-E devices allow remote attackers to obtain sensitive information via a direct request for /WebContent/startup.tar.gz with userName=admin in a cookie." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "http://www.cnvd.org.cn/flaw/show/1420913", + "refsource" : "MISC", + "url" : "http://www.cnvd.org.cn/flaw/show/1420913" + }, + { + "name" : "https://github.com/pudding2/CC8800-CMTS", + "refsource" : "MISC", + "url" : "https://github.com/pudding2/CC8800-CMTS" } ] } diff --git a/2018/19xxx/CVE-2018-19595.json b/2018/19xxx/CVE-2018-19595.json index b45e91117ca..016a27c6651 100644 --- a/2018/19xxx/CVE-2018-19595.json +++ b/2018/19xxx/CVE-2018-19595.json @@ -56,6 +56,11 @@ "name" : "http://www.ttk7.cn/post-107.html", "refsource" : "MISC", "url" : "http://www.ttk7.cn/post-107.html" + }, + { + "name" : "https://www.pbootcms.com/changelog.html", + "refsource" : "CONFIRM", + "url" : "https://www.pbootcms.com/changelog.html" } ] } diff --git a/2018/20xxx/CVE-2018-20106.json b/2018/20xxx/CVE-2018-20106.json index 7e401517e99..bf813de048b 100644 --- a/2018/20xxx/CVE-2018-20106.json +++ b/2018/20xxx/CVE-2018-20106.json @@ -1,94 +1,94 @@ { - "CVE_data_meta": { - "ASSIGNER": "security@suse.de", - "DATE_PUBLIC": "2018-11-06T00:00:00.000Z", - "ID": "CVE-2018-20106", - "STATE": "PUBLIC", - "TITLE": "SMB printer settings don't escape characters in passwords properly" + "CVE_data_meta" : { + "ASSIGNER" : "security@suse.de", + "DATE_PUBLIC" : "2018-11-06T00:00:00.000Z", + "ID" : "CVE-2018-20106", + "STATE" : "PUBLIC", + "TITLE" : "SMB printer settings don't escape characters in passwords properly" }, - "affects": { - "vendor": { - "vendor_data": [ + "affects" : { + "vendor" : { + "vendor_data" : [ { - "product": { - "product_data": [ + "product" : { + "product_data" : [ { - "product_name": "yast2-printer", - "version": { - "version_data": [ + "product_name" : "yast2-printer", + "version" : { + "version_data" : [ { - "affected": "<=", - "version_value": "4.0.2" + "affected" : "<=", + "version_value" : "4.0.2" } ] } } ] }, - "vendor_name": "SUSE" + "vendor_name" : "SUSE" } ] } }, - "credit": [ + "credit" : [ { - "lang": "eng", - "value": " Dainius Masiliunas" + "lang" : "eng", + "value" : " Dainius Masiliunas" } ], - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ { - "lang": "eng", - "value": "In yast2-printer up to and including version 4.0.2 the SMB printer settings don't escape characters in passwords properly. If a password with backticks or simliar characters is supplied this allows for executing code as root. This requires tricking root to enter such a password in yast." + "lang" : "eng", + "value" : "In yast2-printer up to and including version 4.0.2 the SMB printer settings don't escape characters in passwords properly. If a password with backticks or simliar characters is supplied this allows for executing code as root. This requires tricking root to enter such a password in yast." } ] }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "LOCAL", - "availabilityImpact": "HIGH", - "baseScore": 6.5, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "privilegesRequired": "HIGH", - "scope": "UNCHANGED", - "userInteraction": "REQUIRED", - "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H", - "version": "3.0" + "impact" : { + "cvss" : { + "attackComplexity" : "LOW", + "attackVector" : "LOCAL", + "availabilityImpact" : "HIGH", + "baseScore" : 6.5, + "baseSeverity" : "MEDIUM", + "confidentialityImpact" : "HIGH", + "integrityImpact" : "HIGH", + "privilegesRequired" : "HIGH", + "scope" : "UNCHANGED", + "userInteraction" : "REQUIRED", + "vectorString" : "CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H", + "version" : "3.0" } }, - "problemtype": { - "problemtype_data": [ + "problemtype" : { + "problemtype_data" : [ { - "description": [ + "description" : [ { - "lang": "eng", - "value": "CWE-78" + "lang" : "eng", + "value" : "CWE-78" } ] } ] }, - "references": { - "reference_data": [ + "references" : { + "reference_data" : [ { - "name": "https://bugzilla.suse.com/show_bug.cgi?id=1114853", - "refsource": "CONFIRM", - "url": "https://bugzilla.suse.com/show_bug.cgi?id=1114853" + "name" : "https://bugzilla.suse.com/show_bug.cgi?id=1114853", + "refsource" : "CONFIRM", + "url" : "https://bugzilla.suse.com/show_bug.cgi?id=1114853" } ] }, - "source": { - "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1114853", - "defect": [ + "source" : { + "advisory" : "https://bugzilla.suse.com/show_bug.cgi?id=1114853", + "defect" : [ "1114853" ], - "discovery": "USER" + "discovery" : "USER" } } diff --git a/2018/20xxx/CVE-2018-20250.json b/2018/20xxx/CVE-2018-20250.json index cc3f2058e2d..441b14825f8 100644 --- a/2018/20xxx/CVE-2018-20250.json +++ b/2018/20xxx/CVE-2018-20250.json @@ -63,6 +63,11 @@ "refsource" : "MISC", "url" : "https://research.checkpoint.com/extracting-code-execution-from-winrar/" }, + { + "name" : "https://github.com/blau72/CVE-2018-20250-WinRAR-ACE", + "refsource" : "MISC", + "url" : "https://github.com/blau72/CVE-2018-20250-WinRAR-ACE" + }, { "name" : "106948", "refsource" : "BID", diff --git a/2018/20xxx/CVE-2018-20322.json b/2018/20xxx/CVE-2018-20322.json index 46a4c49d5b6..a43ff3529a6 100644 --- a/2018/20xxx/CVE-2018-20322.json +++ b/2018/20xxx/CVE-2018-20322.json @@ -34,7 +34,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "LimeSurvey contains an XSS vulnerability while uploading a ZIP file, resulting in JavaScript code execution against LimeSurvey admins." + "value" : "LimeSurvey version 3.15.5 contains a Cross-site scripting (XSS) vulnerability in Survey Resource zip upload, resulting in Javascript code execution against LimeSurvey administrators. Fixed in version 3.15.6." } ] }, diff --git a/2018/20xxx/CVE-2018-20342.json b/2018/20xxx/CVE-2018-20342.json index 1ec48d9715a..e1ca6d7d9e0 100644 --- a/2018/20xxx/CVE-2018-20342.json +++ b/2018/20xxx/CVE-2018-20342.json @@ -56,6 +56,11 @@ "name" : "http://neolex-security.fr/article/obtenir-un-shell-root-par-les-ports-uart-sur-une-camera-ip-floureon/", "refsource" : "MISC", "url" : "http://neolex-security.fr/article/obtenir-un-shell-root-par-les-ports-uart-sur-une-camera-ip-floureon/" + }, + { + "name" : "https://neolex-security.fr/blog/8/", + "refsource" : "MISC", + "url" : "https://neolex-security.fr/blog/8/" } ] } diff --git a/2018/20xxx/CVE-2018-20418.json b/2018/20xxx/CVE-2018-20418.json index 17b84feab56..c792aef4c8b 100644 --- a/2018/20xxx/CVE-2018-20418.json +++ b/2018/20xxx/CVE-2018-20418.json @@ -66,6 +66,11 @@ "name" : "https://github.com/rdincel1/Craft-CMS-3.0.25---Cross-Site-Scripting", "refsource" : "MISC", "url" : "https://github.com/rdincel1/Craft-CMS-3.0.25---Cross-Site-Scripting" + }, + { + "name" : "https://www.raifberkaydincel.com/craft-cms-3-0-25-cross-site-scripting-vulnerability.html", + "refsource" : "MISC", + "url" : "https://www.raifberkaydincel.com/craft-cms-3-0-25-cross-site-scripting-vulnerability.html" } ] } diff --git a/2018/20xxx/CVE-2018-20806.json b/2018/20xxx/CVE-2018-20806.json new file mode 100644 index 00000000000..93c8932ae56 --- /dev/null +++ b/2018/20xxx/CVE-2018-20806.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-20806", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2019/1xxx/CVE-2019-1653.json b/2019/1xxx/CVE-2019-1653.json index 180171c2390..b55b23b5de3 100644 --- a/2019/1xxx/CVE-2019-1653.json +++ b/2019/1xxx/CVE-2019-1653.json @@ -72,6 +72,16 @@ "refsource" : "EXPLOIT-DB", "url" : "https://www.exploit-db.com/exploits/46262/" }, + { + "name" : "https://badpackets.net/over-9000-cisco-rv320-rv325-routers-vulnerable-to-cve-2019-1653/", + "refsource" : "MISC", + "url" : "https://badpackets.net/over-9000-cisco-rv320-rv325-routers-vulnerable-to-cve-2019-1653/" + }, + { + "name" : "https://www.youtube.com/watch?v=bx0RQJDlGbY", + "refsource" : "MISC", + "url" : "https://www.youtube.com/watch?v=bx0RQJDlGbY" + }, { "name" : "20190123 Cisco Small Business RV320 and RV325 Routers Information Disclosure Vulnerability", "refsource" : "CISCO", diff --git a/2019/5xxx/CVE-2019-5616.json b/2019/5xxx/CVE-2019-5616.json index 701faaef4a0..abdfdb51ee6 100644 --- a/2019/5xxx/CVE-2019-5616.json +++ b/2019/5xxx/CVE-2019-5616.json @@ -1,113 +1,60 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@rapid7.com", - "DATE_PUBLIC": "2019-03-12T15:00:00.000Z", - "ID": "CVE-2019-5616", - "STATE": "PUBLIC", - "TITLE": "CircuitWerkes Sicon-8 Client-Side Authentication Read-Only Bypass" + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "DATE_PUBLIC" : "2019-03-12T15:00:00.000Z", + "ID" : "CVE-2019-5616", + "STATE" : "RESERVED", + "TITLE" : "CircuitWerkes Sicon-8 Client-Side Authentication Read-Only Bypass" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Sicon-8", - "version": { - "version_data": [ - { - "version_name": "1.72", - "version_value": "1.72" - } - ] - } - } - ] - }, - "vendor_name": "CircuitWerkes, Inc." - } - ] - } - }, - "credit": [ + "credit" : [ { - "lang": "eng", - "value": "This issue was discovered and reported by independent researcher Ph055a, and was validated and disclosed by Rapid7's Coordinated Vulnerability Disclosure program." + "lang" : "eng", + "value" : "This issue was discovered and reported by independent researcher Ph055a, and was validated and disclosed by Rapid7's Coordinated Vulnerability Disclosure program." } ], - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ { - "lang": "eng", - "value": "CircuitWerkes Sicon-8, a hardware device used for managing electrical devices, ships with a web-based front-end controller and implements an authentication mechanism in JavaScript that is run in the context of a user's web browser." + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] }, - "exploit": [ + "exploit" : [ { - "lang": "eng", - "value": "Because authentication is implemented as a JavaScript function that merely redirects the user away from the web app interface, rather than relying on session tokens or other more modern access controls, an attacker can navigate to http://address:port/index.htm using a standard web browser, and just before the page is fully rendered, hit the escape key to prevent the window.location redirect from executing. Once the page is rendered, the attacker can read all of the configured labels of a Sicon-8 device and retrieve the status of the labeled interfaces." + "lang" : "eng", + "value" : "Because authentication is implemented as a JavaScript function that merely redirects the user away from the web app interface, rather than relying on session tokens or other more modern access controls, an attacker can navigate to http://address:port/index.htm using a standard web browser, and just before the page is fully rendered, hit the escape key to prevent the window.location redirect from executing. Once the page is rendered, the attacker can read all of the configured labels of a Sicon-8 device and retrieve the status of the labeled interfaces." } ], - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "NONE", - "baseScore": 5.3, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "privilegesRequired": "NONE", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", - "version": "3.0" + "impact" : { + "cvss" : { + "attackComplexity" : "LOW", + "attackVector" : "NETWORK", + "availabilityImpact" : "NONE", + "baseScore" : 5.3, + "baseSeverity" : "MEDIUM", + "confidentialityImpact" : "LOW", + "integrityImpact" : "NONE", + "privilegesRequired" : "NONE", + "scope" : "UNCHANGED", + "userInteraction" : "NONE", + "vectorString" : "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "version" : "3.0" } }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-603" - } - ] - }, - { - "description": [ - { - "lang": "eng", - "value": "Use of Client-Side Authentication" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://blog.rapid7.com/2019/03/12/r7-2019-01-circuitwerkes-sicon-8-client-side-authentication-read-only-bypass-cve-2019-5616/", - "refsource": "MISC", - "url": "https://blog.rapid7.com/2019/03/12/r7-2019-01-circuitwerkes-sicon-8-client-side-authentication-read-only-bypass-cve-2019-5616/" - } - ] - }, - "source": { - "defect": [ + "source" : { + "defect" : [ "R7-2019-01" ], - "discovery": "EXTERNAL" + "discovery" : "EXTERNAL" }, - "work_around": [ + "work_around" : [ { - "lang": "eng", - "value": "Users of the Sicon-8 should not expose the web-based management console to untrusted networks." + "lang" : "eng", + "value" : "Users of the Sicon-8 should not expose the web-based management console to untrusted networks." } ] } diff --git a/2019/9xxx/CVE-2019-9840.json b/2019/9xxx/CVE-2019-9840.json new file mode 100644 index 00000000000..daa12e1335d --- /dev/null +++ b/2019/9xxx/CVE-2019-9840.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2019-9840", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +}