admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-07 21:47:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

- Synchronized data.

Browse Source
This commit is contained in:
CVE Team 2019-03-15 16:05:00 -04:00
parent 1743ccd744
commit 13c7fee2d7
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
15 changed files with 379 additions and 263 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
2018/12xxx/CVE-2018-12100.json
View File

@ -34,7 +34,7 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "Sonatype Nexus Repository Manager before 3.12.0 has XSS in multiple areas in the Administration UI." "value" : "Sonatype Nexus Repository Manager versions 3.x before 3.12.0 has XSS in multiple areas in the Administration UI."
} }
] ]
}, },
@ -66,6 +66,11 @@
"name" : "https://issues.sonatype.org/secure/ReleaseNote.jspa?version=17493&projectId=10001", "name" : "https://issues.sonatype.org/secure/ReleaseNote.jspa?version=17493&projectId=10001",
"refsource" : "CONFIRM", "refsource" : "CONFIRM",
"url" : "https://issues.sonatype.org/secure/ReleaseNote.jspa?version=17493&projectId=10001" "url" : "https://issues.sonatype.org/secure/ReleaseNote.jspa?version=17493&projectId=10001"
},
{
"name" : "https://support.sonatype.com/hc/en-us/articles/360018565994-CVE-2018-12100-Nexus-Repository-Manager-3-Cross-Site-Scripting-XSS-June-4th-2018",
"refsource" : "CONFIRM",
"url" : "https://support.sonatype.com/hc/en-us/articles/360018565994-CVE-2018-12100-Nexus-Repository-Manager-3-Cross-Site-Scripting-XSS-June-4th-2018"
} }
] ]
} }

53
2018/17xxx/CVE-2018-17882.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-17882", "ID" : "CVE-2018-17882",
"STATE" : "RESERVED" "STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
}, },
"data_format" : "MITRE", "data_format" : "MITRE",
"data_type" : "CVE", "data_type" : "CVE",
@ -11,7 +34,33 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value" : "An Integer overflow vulnerability exists in the batchTransfer function of a smart contract implementation for CryptoBotsBattle (CBTB), an Ethereum token. This vulnerability could be used by an attacker to create an arbitrary amount of tokens for any user."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://etherscan.io/address/0x4daa9dc438a77bd59e8a43c6d46cbfe84cd04255#code",
"refsource" : "MISC",
"url" : "https://etherscan.io/address/0x4daa9dc438a77bd59e8a43c6d46cbfe84cd04255#code"
},
{
"name" : "https://github.com/GreenFoxy/Smart-contract-Vulnerabilities/blob/master/BattleToken.md",
"refsource" : "MISC",
"url" : "https://github.com/GreenFoxy/Smart-contract-Vulnerabilities/blob/master/BattleToken.md"
} }
] ]
} }

110
2018/17xxx/CVE-2018-17955.json
View File

@ -1,94 +1,94 @@
{ {
"CVE_data_meta": { "CVE_data_meta" : {
"ASSIGNER": "security@suse.de", "ASSIGNER" : "security@suse.de",
"DATE_PUBLIC": "2019-01-07T00:00:00.000Z", "DATE_PUBLIC" : "2019-01-07T00:00:00.000Z",
"ID": "CVE-2018-17955", "ID" : "CVE-2018-17955",
"STATE": "PUBLIC", "STATE" : "PUBLIC",
"TITLE": "Static tempfile name allows overwriting of arbitrary files" "TITLE" : "Static tempfile name allows overwriting of arbitrary files"
}, },
"affects": { "affects" : {
"vendor": { "vendor" : {
"vendor_data": [ "vendor_data" : [
{ {
"product": { "product" : {
"product_data": [ "product_data" : [
{ {
"product_name": "yast2-multipath", "product_name" : "yast2-multipath",
"version": { "version" : {
"version_data": [ "version_data" : [
{ {
"affected": "<", "affected" : "<",
"version_value": "4.1.1" "version_value" : "4.1.1"
} }
] ]
} }
} }
] ]
}, },
"vendor_name": "SUSE" "vendor_name" : "SUSE"
} }
] ]
} }
}, },
"credit": [ "credit" : [
{ {
"lang": "eng", "lang" : "eng",
"value": "Johannes Segitz of SUSE" "value" : "Johannes Segitz of SUSE"
} }
], ],
"data_format": "MITRE", "data_format" : "MITRE",
"data_type": "CVE", "data_type" : "CVE",
"data_version": "4.0", "data_version" : "4.0",
"description": { "description" : {
"description_data": [ "description_data" : [
{ {
"lang": "eng", "lang" : "eng",
"value": "In yast2-multipath before version 4.1.1 a static temporary filename allows local attackers to overwrite files on systems without symlink protection" "value" : "In yast2-multipath before version 4.1.1 a static temporary filename allows local attackers to overwrite files on systems without symlink protection"
} }
] ]
}, },
"impact": { "impact" : {
"cvss": { "cvss" : {
"attackComplexity": "HIGH", "attackComplexity" : "HIGH",
"attackVector": "LOCAL", "attackVector" : "LOCAL",
"availabilityImpact": "NONE", "availabilityImpact" : "NONE",
"baseScore": 2.2, "baseScore" : 2.2,
"baseSeverity": "LOW", "baseSeverity" : "LOW",
"confidentialityImpact": "NONE", "confidentialityImpact" : "NONE",
"integrityImpact": "LOW", "integrityImpact" : "LOW",
"privilegesRequired": "LOW", "privilegesRequired" : "LOW",
"scope": "UNCHANGED", "scope" : "UNCHANGED",
"userInteraction": "REQUIRED", "userInteraction" : "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N", "vectorString" : "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N",
"version": "3.0" "version" : "3.0"
} }
}, },
"problemtype": { "problemtype" : {
"problemtype_data": [ "problemtype_data" : [
{ {
"description": [ "description" : [
{ {
"lang": "eng", "lang" : "eng",
"value": "CWE-377" "value" : "CWE-377"
} }
] ]
} }
] ]
}, },
"references": { "references" : {
"reference_data": [ "reference_data" : [
{ {
"name": "https://bugzilla.suse.com/show_bug.cgi?id=1117592", "name" : "https://bugzilla.suse.com/show_bug.cgi?id=1117592",
"refsource": "CONFIRM", "refsource" : "CONFIRM",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1117592" "url" : "https://bugzilla.suse.com/show_bug.cgi?id=1117592"
} }
] ]
}, },
"source": { "source" : {
"advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1117592", "advisory" : "https://bugzilla.suse.com/show_bug.cgi?id=1117592",
"defect": [ "defect" : [
"1117592" "1117592"
], ],
"discovery": "INTERNAL" "discovery" : "INTERNAL"
} }
} }

110
2018/17xxx/CVE-2018-17956.json
View File

@ -1,94 +1,94 @@
{ {
"CVE_data_meta": { "CVE_data_meta" : {
"ASSIGNER": "security@suse.de", "ASSIGNER" : "security@suse.de",
"DATE_PUBLIC": "2019-01-07T00:00:00.000Z", "DATE_PUBLIC" : "2019-01-07T00:00:00.000Z",
"ID": "CVE-2018-17956", "ID" : "CVE-2018-17956",
"STATE": "PUBLIC", "STATE" : "PUBLIC",
"TITLE": "Password exposed in process listing" "TITLE" : "Password exposed in process listing"
}, },
"affects": { "affects" : {
"vendor": { "vendor" : {
"vendor_data": [ "vendor_data" : [
{ {
"product": { "product" : {
"product_data": [ "product_data" : [
{ {
"product_name": "yast2-samba-provision", "product_name" : "yast2-samba-provision",
"version": { "version" : {
"version_data": [ "version_data" : [
{ {
"affected": "<=", "affected" : "<=",
"version_value": "1.0.1" "version_value" : "1.0.1"
} }
] ]
} }
} }
] ]
}, },
"vendor_name": "SUSE" "vendor_name" : "SUSE"
} }
] ]
} }
}, },
"credit": [ "credit" : [
{ {
"lang": "eng", "lang" : "eng",
"value": "Johannes Segitz of SUSE" "value" : "Johannes Segitz of SUSE"
} }
], ],
"data_format": "MITRE", "data_format" : "MITRE",
"data_type": "CVE", "data_type" : "CVE",
"data_version": "4.0", "data_version" : "4.0",
"description": { "description" : {
"description_data": [ "description_data" : [
{ {
"lang": "eng", "lang" : "eng",
"value": "In yast2-samba-provision up to and including version 1.0.1 the password for samba shares was provided on the command line to tools used by yast2-samba-provision, allowing local attackers to read them in the process list" "value" : "In yast2-samba-provision up to and including version 1.0.1 the password for samba shares was provided on the command line to tools used by yast2-samba-provision, allowing local attackers to read them in the process list"
} }
] ]
}, },
"impact": { "impact" : {
"cvss": { "cvss" : {
"attackComplexity": "LOW", "attackComplexity" : "LOW",
"attackVector": "LOCAL", "attackVector" : "LOCAL",
"availabilityImpact": "NONE", "availabilityImpact" : "NONE",
"baseScore": 3.3, "baseScore" : 3.3,
"baseSeverity": "LOW", "baseSeverity" : "LOW",
"confidentialityImpact": "LOW", "confidentialityImpact" : "LOW",
"integrityImpact": "NONE", "integrityImpact" : "NONE",
"privilegesRequired": "LOW", "privilegesRequired" : "LOW",
"scope": "UNCHANGED", "scope" : "UNCHANGED",
"userInteraction": "NONE", "userInteraction" : "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "vectorString" : "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0" "version" : "3.0"
} }
}, },
"problemtype": { "problemtype" : {
"problemtype_data": [ "problemtype_data" : [
{ {
"description": [ "description" : [
{ {
"lang": "eng", "lang" : "eng",
"value": "CWE-214" "value" : "CWE-214"
} }
] ]
} }
] ]
}, },
"references": { "references" : {
"reference_data": [ "reference_data" : [
{ {
"name": "https://bugzilla.suse.com/show_bug.cgi?id=1117597", "name" : "https://bugzilla.suse.com/show_bug.cgi?id=1117597",
"refsource": "CONFIRM", "refsource" : "CONFIRM",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1117597" "url" : "https://bugzilla.suse.com/show_bug.cgi?id=1117597"
} }
] ]
}, },
"source": { "source" : {
"advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1117597", "advisory" : "https://bugzilla.suse.com/show_bug.cgi?id=1117597",
"defect": [ "defect" : [
"1117597" "1117597"
], ],
"discovery": "INTERNAL" "discovery" : "INTERNAL"
} }
} }

53
2018/18xxx/CVE-2018-18205.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-18205", "ID" : "CVE-2018-18205",
"STATE" : "RESERVED" "STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
}, },
"data_format" : "MITRE", "data_format" : "MITRE",
"data_type" : "CVE", "data_type" : "CVE",
@ -11,7 +34,33 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value" : "Topvision CC8800 CMTS C-E devices allow remote attackers to obtain sensitive information via a direct request for /WebContent/startup.tar.gz with userName=admin in a cookie."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.cnvd.org.cn/flaw/show/1420913",
"refsource" : "MISC",
"url" : "http://www.cnvd.org.cn/flaw/show/1420913"
},
{
"name" : "https://github.com/pudding2/CC8800-CMTS",
"refsource" : "MISC",
"url" : "https://github.com/pudding2/CC8800-CMTS"
} }
] ]
} }

5
2018/19xxx/CVE-2018-19595.json
View File

@ -56,6 +56,11 @@
"name" : "http://www.ttk7.cn/post-107.html", "name" : "http://www.ttk7.cn/post-107.html",
"refsource" : "MISC", "refsource" : "MISC",
"url" : "http://www.ttk7.cn/post-107.html" "url" : "http://www.ttk7.cn/post-107.html"
},
{
"name" : "https://www.pbootcms.com/changelog.html",
"refsource" : "CONFIRM",
"url" : "https://www.pbootcms.com/changelog.html"
} }
] ]
} }

110
2018/20xxx/CVE-2018-20106.json
View File

@ -1,94 +1,94 @@
{ {
"CVE_data_meta": { "CVE_data_meta" : {
"ASSIGNER": "security@suse.de", "ASSIGNER" : "security@suse.de",
"DATE_PUBLIC": "2018-11-06T00:00:00.000Z", "DATE_PUBLIC" : "2018-11-06T00:00:00.000Z",
"ID": "CVE-2018-20106", "ID" : "CVE-2018-20106",
"STATE": "PUBLIC", "STATE" : "PUBLIC",
"TITLE": "SMB printer settings don't escape characters in passwords properly" "TITLE" : "SMB printer settings don't escape characters in passwords properly"
}, },
"affects": { "affects" : {
"vendor": { "vendor" : {
"vendor_data": [ "vendor_data" : [
{ {
"product": { "product" : {
"product_data": [ "product_data" : [
{ {
"product_name": "yast2-printer", "product_name" : "yast2-printer",
"version": { "version" : {
"version_data": [ "version_data" : [
{ {
"affected": "<=", "affected" : "<=",
"version_value": "4.0.2" "version_value" : "4.0.2"
} }
] ]
} }
} }
] ]
}, },
"vendor_name": "SUSE" "vendor_name" : "SUSE"
} }
] ]
} }
}, },
"credit": [ "credit" : [
{ {
"lang": "eng", "lang" : "eng",
"value": " Dainius Masiliunas" "value" : " Dainius Masiliunas"
} }
], ],
"data_format": "MITRE", "data_format" : "MITRE",
"data_type": "CVE", "data_type" : "CVE",
"data_version": "4.0", "data_version" : "4.0",
"description": { "description" : {
"description_data": [ "description_data" : [
{ {
"lang": "eng", "lang" : "eng",
"value": "In yast2-printer up to and including version 4.0.2 the SMB printer settings don't escape characters in passwords properly. If a password with backticks or simliar characters is supplied this allows for executing code as root. This requires tricking root to enter such a password in yast." "value" : "In yast2-printer up to and including version 4.0.2 the SMB printer settings don't escape characters in passwords properly. If a password with backticks or simliar characters is supplied this allows for executing code as root. This requires tricking root to enter such a password in yast."
} }
] ]
}, },
"impact": { "impact" : {
"cvss": { "cvss" : {
"attackComplexity": "LOW", "attackComplexity" : "LOW",
"attackVector": "LOCAL", "attackVector" : "LOCAL",
"availabilityImpact": "HIGH", "availabilityImpact" : "HIGH",
"baseScore": 6.5, "baseScore" : 6.5,
"baseSeverity": "MEDIUM", "baseSeverity" : "MEDIUM",
"confidentialityImpact": "HIGH", "confidentialityImpact" : "HIGH",
"integrityImpact": "HIGH", "integrityImpact" : "HIGH",
"privilegesRequired": "HIGH", "privilegesRequired" : "HIGH",
"scope": "UNCHANGED", "scope" : "UNCHANGED",
"userInteraction": "REQUIRED", "userInteraction" : "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H", "vectorString" : "CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0" "version" : "3.0"
} }
}, },
"problemtype": { "problemtype" : {
"problemtype_data": [ "problemtype_data" : [
{ {
"description": [ "description" : [
{ {
"lang": "eng", "lang" : "eng",
"value": "CWE-78" "value" : "CWE-78"
} }
] ]
} }
] ]
}, },
"references": { "references" : {
"reference_data": [ "reference_data" : [
{ {
"name": "https://bugzilla.suse.com/show_bug.cgi?id=1114853", "name" : "https://bugzilla.suse.com/show_bug.cgi?id=1114853",
"refsource": "CONFIRM", "refsource" : "CONFIRM",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1114853" "url" : "https://bugzilla.suse.com/show_bug.cgi?id=1114853"
} }
] ]
}, },
"source": { "source" : {
"advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1114853", "advisory" : "https://bugzilla.suse.com/show_bug.cgi?id=1114853",
"defect": [ "defect" : [
"1114853" "1114853"
], ],
"discovery": "USER" "discovery" : "USER"
} }
} }

5
2018/20xxx/CVE-2018-20250.json
View File

@ -63,6 +63,11 @@
"refsource" : "MISC", "refsource" : "MISC",
"url" : "https://research.checkpoint.com/extracting-code-execution-from-winrar/" "url" : "https://research.checkpoint.com/extracting-code-execution-from-winrar/"
}, },
{
"name" : "https://github.com/blau72/CVE-2018-20250-WinRAR-ACE",
"refsource" : "MISC",
"url" : "https://github.com/blau72/CVE-2018-20250-WinRAR-ACE"
},
{ {
"name" : "106948", "name" : "106948",
"refsource" : "BID", "refsource" : "BID",

2
2018/20xxx/CVE-2018-20322.json
View File

@ -34,7 +34,7 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "LimeSurvey contains an XSS vulnerability while uploading a ZIP file, resulting in JavaScript code execution against LimeSurvey admins." "value" : "LimeSurvey version 3.15.5 contains a Cross-site scripting (XSS) vulnerability in Survey Resource zip upload, resulting in Javascript code execution against LimeSurvey administrators. Fixed in version 3.15.6."
} }
] ]
}, },

5
2018/20xxx/CVE-2018-20342.json
View File

@ -56,6 +56,11 @@
"name" : "http://neolex-security.fr/article/obtenir-un-shell-root-par-les-ports-uart-sur-une-camera-ip-floureon/", "name" : "http://neolex-security.fr/article/obtenir-un-shell-root-par-les-ports-uart-sur-une-camera-ip-floureon/",
"refsource" : "MISC", "refsource" : "MISC",
"url" : "http://neolex-security.fr/article/obtenir-un-shell-root-par-les-ports-uart-sur-une-camera-ip-floureon/" "url" : "http://neolex-security.fr/article/obtenir-un-shell-root-par-les-ports-uart-sur-une-camera-ip-floureon/"
},
{
"name" : "https://neolex-security.fr/blog/8/",
"refsource" : "MISC",
"url" : "https://neolex-security.fr/blog/8/"
} }
] ]
} }

5
2018/20xxx/CVE-2018-20418.json
View File

@ -66,6 +66,11 @@
"name" : "https://github.com/rdincel1/Craft-CMS-3.0.25---Cross-Site-Scripting", "name" : "https://github.com/rdincel1/Craft-CMS-3.0.25---Cross-Site-Scripting",
"refsource" : "MISC", "refsource" : "MISC",
"url" : "https://github.com/rdincel1/Craft-CMS-3.0.25---Cross-Site-Scripting" "url" : "https://github.com/rdincel1/Craft-CMS-3.0.25---Cross-Site-Scripting"
},
{
"name" : "https://www.raifberkaydincel.com/craft-cms-3-0-25-cross-site-scripting-vulnerability.html",
"refsource" : "MISC",
"url" : "https://www.raifberkaydincel.com/craft-cms-3-0-25-cross-site-scripting-vulnerability.html"
} }
] ]
} }

18
2018/20xxx/CVE-2018-20806.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-20806",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

10
2019/1xxx/CVE-2019-1653.json
View File

@ -72,6 +72,16 @@
"refsource" : "EXPLOIT-DB", "refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/46262/" "url" : "https://www.exploit-db.com/exploits/46262/"
}, },
{
"name" : "https://badpackets.net/over-9000-cisco-rv320-rv325-routers-vulnerable-to-cve-2019-1653/",
"refsource" : "MISC",
"url" : "https://badpackets.net/over-9000-cisco-rv320-rv325-routers-vulnerable-to-cve-2019-1653/"
},
{
"name" : "https://www.youtube.com/watch?v=bx0RQJDlGbY",
"refsource" : "MISC",
"url" : "https://www.youtube.com/watch?v=bx0RQJDlGbY"
},
{ {
"name" : "20190123 Cisco Small Business RV320 and RV325 Routers Information Disclosure Vulnerability", "name" : "20190123 Cisco Small Business RV320 and RV325 Routers Information Disclosure Vulnerability",
"refsource" : "CISCO", "refsource" : "CISCO",

131
2019/5xxx/CVE-2019-5616.json
View File

@ -1,113 +1,60 @@
{ {
"CVE_data_meta": { "CVE_data_meta" : {
"ASSIGNER": "cve@rapid7.com", "ASSIGNER" : "cve@mitre.org",
"DATE_PUBLIC": "2019-03-12T15:00:00.000Z", "DATE_PUBLIC" : "2019-03-12T15:00:00.000Z",
"ID": "CVE-2019-5616", "ID" : "CVE-2019-5616",
"STATE": "PUBLIC", "STATE" : "RESERVED",
"TITLE": "CircuitWerkes Sicon-8 Client-Side Authentication Read-Only Bypass" "TITLE" : "CircuitWerkes Sicon-8 Client-Side Authentication Read-Only Bypass"
}, },
"affects": { "credit" : [
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Sicon-8",
"version": {
"version_data": [
{
"version_name": "1.72",
"version_value": "1.72"
}
]
}
}
]
},
"vendor_name": "CircuitWerkes, Inc."
}
]
}
},
"credit": [
{ {
"lang": "eng", "lang" : "eng",
"value": "This issue was discovered and reported by independent researcher Ph055a, and was validated and disclosed by Rapid7's Coordinated Vulnerability Disclosure program." "value" : "This issue was discovered and reported by independent researcher Ph055a, and was validated and disclosed by Rapid7's Coordinated Vulnerability Disclosure program."
} }
], ],
"data_format": "MITRE", "data_format" : "MITRE",
"data_type": "CVE", "data_type" : "CVE",
"data_version": "4.0", "data_version" : "4.0",
"description": { "description" : {
"description_data": [ "description_data" : [
{ {
"lang": "eng", "lang" : "eng",
"value": "CircuitWerkes Sicon-8, a hardware device used for managing electrical devices, ships with a web-based front-end controller and implements an authentication mechanism in JavaScript that is run in the context of a user's web browser." "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
}, },
"exploit": [ "exploit" : [
{ {
"lang": "eng", "lang" : "eng",
"value": "Because authentication is implemented as a JavaScript function that merely redirects the user away from the web app interface, rather than relying on session tokens or other more modern access controls, an attacker can navigate to http://address:port/index.htm using a standard web browser, and just before the page is fully rendered, hit the escape key to prevent the window.location redirect from executing. Once the page is rendered, the attacker can read all of the configured labels of a Sicon-8 device and retrieve the status of the labeled interfaces." "value" : "Because authentication is implemented as a JavaScript function that merely redirects the user away from the web app interface, rather than relying on session tokens or other more modern access controls, an attacker can navigate to http://address:port/index.htm using a standard web browser, and just before the page is fully rendered, hit the escape key to prevent the window.location redirect from executing. Once the page is rendered, the attacker can read all of the configured labels of a Sicon-8 device and retrieve the status of the labeled interfaces."
} }
], ],
"impact": { "impact" : {
"cvss": { "cvss" : {
"attackComplexity": "LOW", "attackComplexity" : "LOW",
"attackVector": "NETWORK", "attackVector" : "NETWORK",
"availabilityImpact": "NONE", "availabilityImpact" : "NONE",
"baseScore": 5.3, "baseScore" : 5.3,
"baseSeverity": "MEDIUM", "baseSeverity" : "MEDIUM",
"confidentialityImpact": "LOW", "confidentialityImpact" : "LOW",
"integrityImpact": "NONE", "integrityImpact" : "NONE",
"privilegesRequired": "NONE", "privilegesRequired" : "NONE",
"scope": "UNCHANGED", "scope" : "UNCHANGED",
"userInteraction": "NONE", "userInteraction" : "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "vectorString" : "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0" "version" : "3.0"
} }
}, },
"problemtype": { "source" : {
"problemtype_data": [ "defect" : [
{
"description": [
{
"lang": "eng",
"value": "CWE-603"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Use of Client-Side Authentication"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://blog.rapid7.com/2019/03/12/r7-2019-01-circuitwerkes-sicon-8-client-side-authentication-read-only-bypass-cve-2019-5616/",
"refsource": "MISC",
"url": "https://blog.rapid7.com/2019/03/12/r7-2019-01-circuitwerkes-sicon-8-client-side-authentication-read-only-bypass-cve-2019-5616/"
}
]
},
"source": {
"defect": [
"R7-2019-01" "R7-2019-01"
], ],
"discovery": "EXTERNAL" "discovery" : "EXTERNAL"
}, },
"work_around": [ "work_around" : [
{ {
"lang": "eng", "lang" : "eng",
"value": "Users of the Sicon-8 should not expose the web-based management console to untrusted networks." "value" : "Users of the Sicon-8 should not expose the web-based management console to untrusted networks."
} }
] ]
} }

18
2019/9xxx/CVE-2019-9840.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9840",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}