admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

20191119 commit

Browse Source
This commit is contained in:
lenpsirt 2019-11-19 20:21:54 -05:00
parent bc87cafc20
commit 14f89899be
No known key found for this signature in database
GPG Key ID: BBFC49008A1FEA3C
6 changed files with 384 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

65
2019/6xxx/CVE-2019-6176.json
View File

@ -1,8 +1,34 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "psirt@lenovo.com",
"DATE_PUBLIC": "2019-11-19T17:00:00.000Z",
"ID": "CVE-2019-6176",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ThinkPad USB-C Dock Firmware",
"version": {
"version_data": [
{
"affected": "<",
"version_affected": "?<=",
"version_value": "3.7.2"
}
]
}
}
]
},
"vendor_name": "Lenovo"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,8 +37,41 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A potential vulnerability reported in ThinkPad USB-C Dock Firmware version 3.7.2 may allow a denial of service. "
}
]
},
"generator": {
"engine": "Vulnogram 0.0.8"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "local privilege escalation"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://support.lenovo.com/solutions/LEN-27886"
}
]
},
"solution": [
{
"lang": "eng",
"value": "Update ThinkPad USB-C Dock Firmware to version 3.7.3 or higher."
}
],
"source": {
"advisory": "LEN-27886",
"discovery": "EXTERNAL"
}
}

65
2019/6xxx/CVE-2019-6184.json
View File

@ -1,8 +1,34 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "psirt@lenovo.com",
"DATE_PUBLIC": "2019-11-19T17:00:00.000Z",
"ID": "CVE-2019-6184",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Customer Engagement Service (CCSDK)",
"version": {
"version_data": [
{
"affected": "<",
"version_affected": "?<=",
"version_value": "2.0.21.1"
}
]
}
}
]
},
"vendor_name": "Lenovo"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,8 +37,41 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A potential vulnerability in the discontinued Customer Engagement Service (CCSDK) software version 2.0.21.1 may allow local privilege escalation."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.8"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "local privilege escalation"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://support.lenovo.com/solutions/LEN-29289"
}
]
},
"solution": [
{
"lang": "eng",
"value": "Uninstall CCSDK at your earliest convenience."
}
],
"source": {
"advisory": "LEN-29289",
"discovery": "EXTERNAL"
}
}

65
2019/6xxx/CVE-2019-6186.json
View File

@ -1,8 +1,34 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "psirt@lenovo.com",
"DATE_PUBLIC": "2019-11-19T17:00:00.000Z",
"ID": "CVE-2019-6186",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Lenovo System Interface Foundation",
"version": {
"version_data": [
{
"affected": "<",
"version_affected": "?<=",
"version_value": "1.1.18.3"
}
]
}
}
]
},
"vendor_name": "Lenovo"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,8 +37,41 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A potential vulnerability was reported in Lenovo System Interface Foundation versions before v1.1.18.3 that could allow an authenticated user to execute code as another user."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.8"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "local privilege escalation"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://support.lenovo.com/solutions/LEN-29198"
}
]
},
"solution": [
{
"lang": "eng",
"value": "Update Lenovo System Interface Foundation to version 1.1.18.3 (or higher)"
}
],
"source": {
"advisory": "LEN-29198",
"discovery": "EXTERNAL"
}
}

77
2019/6xxx/CVE-2019-6187.json
View File

@ -1,8 +1,46 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "psirt@lenovo.com",
"DATE_PUBLIC": "2019-11-19T17:00:00.000Z",
"ID": "CVE-2019-6187",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Lenovo XClarity Controller (XCC)",
"version": {
"version_data": [
{
"affected": "<",
"version_affected": "<",
"version_value": "TEI392M"
},
{
"version_affected": "<",
"version_value": "CDI340M"
},
{
"version_affected": "<",
"version_value": "G1I312"
},
{
"version_affected": "<",
"version_value": "PSI328M"
}
]
}
}
]
},
"vendor_name": "Lenovo"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,8 +49,41 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A stored CSV Injection vulnerability was reported in Lenovo XClarity Controller (XCC) that could allow an administrative or other appropriately permissioned user to store malformed data in certain XCC server informational fields, that could result in crafted formulas being stored in an exported CSV file. The crafted formula is not executed on XCC itself and has no effect on the server."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.8"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "arbitrary eode execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://support.lenovo.com/solutions/LEN-29118"
}
]
},
"solution": [
{
"lang": "eng",
"value": "Update LXCC to the version indicated for your product."
}
],
"source": {
"advisory": "LEN-29118",
"discovery": "UNKNOWN"
}
}

65
2019/6xxx/CVE-2019-6189.json
View File

@ -1,8 +1,34 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "psirt@lenovo.com",
"DATE_PUBLIC": "2019-11-19T17:00:00.000Z",
"ID": "CVE-2019-6189",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Lenovo System Interface Foundation",
"version": {
"version_data": [
{
"affected": "<",
"version_affected": "?<=",
"version_value": "1.1.18.3"
}
]
}
}
]
},
"vendor_name": "Lenovo"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,8 +37,41 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A potential vulnerability was reported in Lenovo System Interface Foundation versions before v1.1.18.3 that could allow an administrative user to load an unsigned DLL."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.8"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "local privilege escalation"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://support.lenovo.com/solutions/LEN-29198"
}
]
},
"solution": [
{
"lang": "eng",
"value": "Update Lenovo System Interface Foundation to version 1.1.18.3 (or higher)"
}
],
"source": {
"advisory": "LEN-29198",
"discovery": "EXTERNAL"
}
}

65
2019/6xxx/CVE-2019-6191.json
View File

@ -1,8 +1,34 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "psirt@lenovo.com",
"DATE_PUBLIC": "2019-11-19T17:00:00.000Z",
"ID": "CVE-2019-6191",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "LenovoPaper",
"version": {
"version_data": [
{
"affected": "<",
"version_affected": "?<=",
"version_value": "1.0.0.22"
}
]
}
}
]
},
"vendor_name": "Lenovo"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,8 +37,41 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A potential vulnerability in the discontinued LenovoPaper software version 1.0.0.22 may allow local privilege escalation."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.8"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "local privilege escalation"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://support.lenovo.com/solutions/LEN-29187"
}
]
},
"solution": [
{
"lang": "eng",
"value": "Uninstall LenovoPaper at your earliest convenience."
}
],
"source": {
"advisory": "LEN-29187",
"discovery": "EXTERNAL"
}
}