admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-21 05:40:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-04-17 14:00:52 +00:00
parent 8f6657845f
commit 1517c8717c
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
51 changed files with 1821 additions and 1485 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

82
2017/11xxx/CVE-2017-11427.json
View File

@ -1,9 +1,40 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "security@duo.com",
"ID": "CVE-2017-11427",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": " Multiple SAML libraries may allow authentication bypass via incorrect XML canonicalization and DOM traversal"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PythonSAML",
"version": {
"version_data": [
{
"affected": "<",
"version_value": "2.3.0"
}
]
}
}
]
},
"vendor_name": "OneLogin"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Kelby Ludwig of Duo Security"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
@ -11,8 +42,53 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "OneLogin PythonSAML 2.3.0 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authentication to SAML service providers."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-287: Improper Authentication"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://duo.com/blog/duo-finds-saml-vulnerabilities-affecting-multiple-implementations",
"refsource": "MISC",
"name": "https://duo.com/blog/duo-finds-saml-vulnerabilities-affecting-multiple-implementations"
},
{
"url": "https://www.kb.cert.org/vuls/id/475445",
"refsource": "MISC",
"name": "https://www.kb.cert.org/vuls/id/475445"
}
]
},
"source": {
"discovery": "INTERNAL"
}
}

82
2017/11xxx/CVE-2017-11428.json
View File

@ -1,9 +1,40 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "security@duo.com",
"ID": "CVE-2017-11428",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": " Multiple SAML libraries may allow authentication bypass via incorrect XML canonicalization and DOM traversal"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Ruby-SAML",
"version": {
"version_data": [
{
"affected": "<",
"version_value": "1.6.0"
}
]
}
}
]
},
"vendor_name": "OneLogin"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Kelby Ludwig of Duo Security"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
@ -11,8 +42,53 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "OneLogin Ruby-SAML 1.6.0 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authentication to SAML service providers."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-287: Improper Authentication"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://duo.com/blog/duo-finds-saml-vulnerabilities-affecting-multiple-implementations",
"refsource": "MISC",
"name": "https://duo.com/blog/duo-finds-saml-vulnerabilities-affecting-multiple-implementations"
},
{
"url": "https://www.kb.cert.org/vuls/id/475445",
"refsource": "MISC",
"name": "https://www.kb.cert.org/vuls/id/475445"
}
]
},
"source": {
"discovery": "INTERNAL"
}
}

86
2017/11xxx/CVE-2017-11429.json
View File

@ -1,9 +1,44 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "security@duo.com",
"ID": "CVE-2017-11429",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": " Multiple SAML libraries may allow authentication bypass via incorrect XML canonicalization and DOM traversal"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "saml2-js",
"version": {
"version_data": [
{
"affected": "<",
"version_value": "1.0"
},
{
"affected": "<",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Clever"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Kelby Ludwig of Duo Security"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
@ -11,8 +46,53 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Clever saml2-js 2.0 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authentication to SAML service providers."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-287: Improper Authentication"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://duo.com/blog/duo-finds-saml-vulnerabilities-affecting-multiple-implementations",
"refsource": "MISC",
"name": "https://duo.com/blog/duo-finds-saml-vulnerabilities-affecting-multiple-implementations"
},
{
"url": "https://www.kb.cert.org/vuls/id/475445",
"refsource": "MISC",
"name": "https://www.kb.cert.org/vuls/id/475445"
}
]
},
"source": {
"discovery": "INTERNAL"
}
}

82
2017/11xxx/CVE-2017-11430.json
View File

@ -1,9 +1,40 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "security@duo.com",
"ID": "CVE-2017-11430",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": " Multiple SAML libraries may allow authentication bypass via incorrect XML canonicalization and DOM traversal"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "OmnitAuth-SAML",
"version": {
"version_data": [
{
"affected": "<",
"version_value": "1.9.0"
}
]
}
}
]
},
"vendor_name": "OmniAuth"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Kelby Ludwig of Duo Security"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
@ -11,8 +42,53 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "OmniAuth OmnitAuth-SAML 1.9.0 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authentication to SAML service providers."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-287: Improper Authentication"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://duo.com/blog/duo-finds-saml-vulnerabilities-affecting-multiple-implementations",
"refsource": "MISC",
"name": "https://duo.com/blog/duo-finds-saml-vulnerabilities-affecting-multiple-implementations"
},
{
"url": "https://www.kb.cert.org/vuls/id/475445",
"refsource": "MISC",
"name": "https://www.kb.cert.org/vuls/id/475445"
}
]
},
"source": {
"discovery": "INTERNAL"
}
}

11
2017/12xxx/CVE-2017-12741.json
View File

@ -894,7 +894,6 @@
]
}
}
]
}
},
@ -922,16 +921,16 @@
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-346262.pdf",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-346262.pdf"
},
{
"refsource": "CONFIRM",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-141614.pdf",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-141614.pdf"
},
{
"refsource": "BID",
"name": "101964",
"url": "https://www.securityfocus.com/bid/101964"
},
{
"refsource": "CONFIRM",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-141614.pdf",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-141614.pdf"
},
{
"refsource": "CONFIRM",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-141614.pdf",

10
2018/13xxx/CVE-2018-13803.json
View File

@ -1,17 +1,17 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2018-13803",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
}
]
}

41
2018/13xxx/CVE-2018-13808.json
View File

@ -4,35 +4,37 @@
"data_type": "CVE",
"CVE_data_meta": {
"ID": "CVE-2018-13808",
"ASSIGNER": "productcert@siemens.com"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor" : {
"vendor_data" : [
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product" : {
"product_data" : [
{
"product": {
"product_data": [
{
"product_name": "CP 1604",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions < V2.8"
"version_value": "All versions < V2.8"
}
]
}
},
{
{
"product_name": "CP 1616",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions < V2.8"
"version_value": "All versions < V2.8"
}
]
}
} ]
}
]
}
}
]
@ -51,19 +53,20 @@
]
},
"references": {
"reference_data": [
"reference_data": [
{
"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-559174.pdf"
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-559174.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-559174.pdf"
}
]
},
"description":{
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in CP 1604 (All versions < V2.8), CP 1616 (All versions < V2.8). An attacker with network access to port 23/tcp could extract internal communication data or cause a Denial-of-Service condition.\n\nSuccessful exploitation requires network access to a vulnerable device.\n\nAt the time of advisory publication no public exploitation of this vulnerability was known."
"value": "A vulnerability has been identified in CP 1604 (All versions < V2.8), CP 1616 (All versions < V2.8). An attacker with network access to port 23/tcp could extract internal communication data or cause a Denial-of-Service condition. Successful exploitation requires network access to a vulnerable device. At the time of advisory publication no public exploitation of this vulnerability was known."
}
]
}
}

40
2018/13xxx/CVE-2018-13809.json
View File

@ -4,35 +4,37 @@
"data_type": "CVE",
"CVE_data_meta": {
"ID": "CVE-2018-13809",
"ASSIGNER": "productcert@siemens.com"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor" : {
"vendor_data" : [
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product" : {
"product_data" : [
{
"product": {
"product_data": [
{
"product_name": "CP 1604",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions < V2.8"
"version_value": "All versions < V2.8"
}
]
}
},
{
{
"product_name": "CP 1616",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions < V2.8"
"version_value": "All versions < V2.8"
}
]
}
} ]
}
]
}
}
]
@ -51,17 +53,19 @@
]
},
"references": {
"reference_data": [
"reference_data": [
{
"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-559174.pdf"
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-559174.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-559174.pdf"
}
]
},
"description":{
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in CP 1604 (All versions < V2.8), CP 1616 (All versions < V2.8). The integrated web server of the affected CP devices could allow Cross-Site Scripting (XSS) attacks if unsuspecting users are tricked into following a malicious link.\n\nUser interaction is required for a successful exploitation.\n\nAt the time of advisory publication no public exploitation of this vulnerability was known."
"value": "A vulnerability has been identified in CP 1604 (All versions < V2.8), CP 1616 (All versions < V2.8). The integrated web server of the affected CP devices could allow Cross-Site Scripting (XSS) attacks if unsuspecting users are tricked into following a malicious link. User interaction is required for a successful exploitation. At the time of advisory publication no public exploitation of this vulnerability was known."
}
]
}

40
2018/13xxx/CVE-2018-13810.json
View File

@ -4,35 +4,37 @@
"data_type": "CVE",
"CVE_data_meta": {
"ID": "CVE-2018-13810",
"ASSIGNER": "productcert@siemens.com"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor" : {
"vendor_data" : [
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product" : {
"product_data" : [
{
"product": {
"product_data": [
{
"product_name": "CP 1604",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions < V2.8"
"version_value": "All versions < V2.8"
}
]
}
},
{
{
"product_name": "CP 1616",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions < V2.8"
"version_value": "All versions < V2.8"
}
]
}
} ]
}
]
}
}
]
@ -51,17 +53,19 @@
]
},
"references": {
"reference_data": [
"reference_data": [
{
"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-559174.pdf"
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-559174.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-559174.pdf"
}
]
},
"description":{
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in CP 1604 (All versions < V2.8), CP 1616 (All versions < V2.8). The integrated configuration web server of the affected CP devices could allow a Cross-Site Request Forgery (CSRF) attack if an unsuspecting user is tricked into accessing a malicious link.\n\nSuccessful exploitation requires user interaction by a legitimate user. A successful attack could allow an attacker to trigger actions via the web interface that the legitimate user is allowed to perform.\n\nAt the time of advisory publication no public exploitation of this vulnerability was known."
"value": "A vulnerability has been identified in CP 1604 (All versions < V2.8), CP 1616 (All versions < V2.8). The integrated configuration web server of the affected CP devices could allow a Cross-Site Request Forgery (CSRF) attack if an unsuspecting user is tricked into accessing a malicious link. Successful exploitation requires user interaction by a legitimate user. A successful attack could allow an attacker to trigger actions via the web interface that the legitimate user is allowed to perform. At the time of advisory publication no public exploitation of this vulnerability was known."
}
]
}

10
2018/13xxx/CVE-2018-13817.json
View File

@ -1,17 +1,17 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2018-13817",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
}
]
}

40
2018/16xxx/CVE-2018-16558.json
View File

@ -4,35 +4,37 @@
"data_type": "CVE",
"CVE_data_meta": {
"ID": "CVE-2018-16558",
"ASSIGNER": "productcert@siemens.com"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor" : {
"vendor_data" : [
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product" : {
"product_data" : [
{
"product": {
"product_data": [
{
"product_name": "SIMATIC S7-1500 CPU",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions >= V2.0 and < V2.5"
"version_value": "All versions >= V2.0 and < V2.5"
}
]
}
},
{
{
"product_name": "SIMATIC S7-1500 CPU",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions <= V1.8.5"
"version_value": "All versions <= V1.8.5"
}
]
}
} ]
}
]
}
}
]
@ -51,17 +53,19 @@
]
},
"references": {
"reference_data": [
"reference_data": [
{
"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-180635.pdf"
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-180635.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-180635.pdf"
}
]
},
"description":{
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in SIMATIC S7-1500 CPU (All versions >= V2.0 and < V2.5), SIMATIC S7-1500 CPU (All versions <= V1.8.5). Specially crafted network packets sent to port 80/tcp or 443/tcp could allow an unauthenticated remote attacker to cause a Denial-of-Service condition of the device.\n\nThe security vulnerability could be exploited by an attacker with network access to the affected systems on port 80/tcp or 443/tcp. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the device.\n\nAt the time of advisory publication no public exploitation of this security vulnerability was known."
"value": "A vulnerability has been identified in SIMATIC S7-1500 CPU (All versions >= V2.0 and < V2.5), SIMATIC S7-1500 CPU (All versions <= V1.8.5). Specially crafted network packets sent to port 80/tcp or 443/tcp could allow an unauthenticated remote attacker to cause a Denial-of-Service condition of the device. The security vulnerability could be exploited by an attacker with network access to the affected systems on port 80/tcp or 443/tcp. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the device. At the time of advisory publication no public exploitation of this security vulnerability was known."
}
]
}

40
2018/16xxx/CVE-2018-16559.json
View File

@ -4,35 +4,37 @@
"data_type": "CVE",
"CVE_data_meta": {
"ID": "CVE-2018-16559",
"ASSIGNER": "productcert@siemens.com"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor" : {
"vendor_data" : [
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product" : {
"product_data" : [
{
"product": {
"product_data": [
{
"product_name": "SIMATIC S7-1500 CPU",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions >= V2.0 and < V2.5"
"version_value": "All versions >= V2.0 and < V2.5"
}
]
}
},
{
{
"product_name": "SIMATIC S7-1500 CPU",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions <= V1.8.5"
"version_value": "All versions <= V1.8.5"
}
]
}
} ]
}
]
}
}
]
@ -51,17 +53,19 @@
]
},
"references": {
"reference_data": [
"reference_data": [
{
"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-180635.pdf"
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-180635.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-180635.pdf"
}
]
},
"description":{
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in SIMATIC S7-1500 CPU (All versions >= V2.0 and < V2.5), SIMATIC S7-1500 CPU (All versions <= V1.8.5). Specially crafted network packets sent to port 80/tcp or 443/tcp could allow an unauthenticated remote attacker to cause a Denial-of-Service condition of the device.\n\nThe security vulnerability could be exploited by an attacker with network access to the affected systems on port 80/tcp or 443/tcp. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the device.\n\nAt the time of advisory publication no public exploitation of this security vulnerability was known."
"value": "A vulnerability has been identified in SIMATIC S7-1500 CPU (All versions >= V2.0 and < V2.5), SIMATIC S7-1500 CPU (All versions <= V1.8.5). Specially crafted network packets sent to port 80/tcp or 443/tcp could allow an unauthenticated remote attacker to cause a Denial-of-Service condition of the device. The security vulnerability could be exploited by an attacker with network access to the affected systems on port 80/tcp or 443/tcp. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the device. At the time of advisory publication no public exploitation of this security vulnerability was known."
}
]
}

10
2018/16xxx/CVE-2018-16560.json
View File

@ -1,17 +1,17 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2018-16560",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
}
]
}

33
2018/16xxx/CVE-2018-16561.json
View File

@ -4,25 +4,27 @@
"data_type": "CVE",
"CVE_data_meta": {
"ID": "CVE-2018-16561",
"ASSIGNER": "productcert@siemens.com"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor" : {
"vendor_data" : [
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product" : {
"product_data" : [
{
"product": {
"product_data": [
{
"product_name": "SIMATIC S7-300 CPUs",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions < V3.X.16"
"version_value": "All versions < V3.X.16"
}
]
}
} ]
}
]
}
}
]
@ -41,19 +43,20 @@
]
},
"references": {
"reference_data": [
"reference_data": [
{
"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-306710.pdf"
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-306710.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-306710.pdf"
}
]
},
"description":{
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in SIMATIC S7-300 CPUs (All versions < V3.X.16). The affected CPUs improperly validate S7 communication packets which could cause a Denial-of-Service condition of the CPU. The CPU will remain in DEFECT mode until manual restart.\n\nSuccessful exploitation requires an attacker to be able to send a specially crafted S7 communication packet to a communication interface of the CPU. This includes Ethernet, PROFIBUS, and Multi Point Interfaces (MPI). No user interaction or privileges are required to exploit the security vulnerability. The vulnerability could allow causing a Denial-of-Service condition of the core functionality of the CPU, compromising the availability of the system.\n\nAt the time of advisory publication no public exploitation of this security vulnerability was known. Siemens confirms the security vulnerability and provides mitigations to resolve the security issue."
"value": "A vulnerability has been identified in SIMATIC S7-300 CPUs (All versions < V3.X.16). The affected CPUs improperly validate S7 communication packets which could cause a Denial-of-Service condition of the CPU. The CPU will remain in DEFECT mode until manual restart. Successful exploitation requires an attacker to be able to send a specially crafted S7 communication packet to a communication interface of the CPU. This includes Ethernet, PROFIBUS, and Multi Point Interfaces (MPI). No user interaction or privileges are required to exploit the security vulnerability. The vulnerability could allow causing a Denial-of-Service condition of the core functionality of the CPU, compromising the availability of the system. At the time of advisory publication no public exploitation of this security vulnerability was known. Siemens confirms the security vulnerability and provides mitigations to resolve the security issue."
}
]
}
}

10
2018/16xxx/CVE-2018-16562.json
View File

@ -1,17 +1,17 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2018-16562",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
}
]
}

10
2018/16xxx/CVE-2018-16564.json
View File

@ -1,17 +1,17 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2018-16564",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
}
]
}

10
2018/16xxx/CVE-2018-16565.json
View File

@ -1,17 +1,17 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2018-16565",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
}
]
}

10
2018/16xxx/CVE-2018-16566.json
View File

@ -1,17 +1,17 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2018-16566",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
}
]
}

10
2018/16xxx/CVE-2018-16567.json
View File

@ -1,17 +1,17 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2018-16567",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
}
]
}

10
2018/16xxx/CVE-2018-16568.json
View File

@ -1,17 +1,17 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2018-16568",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
}
]
}

10
2018/16xxx/CVE-2018-16569.json
View File

@ -1,17 +1,17 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2018-16569",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
}
]
}

10
2018/16xxx/CVE-2018-16570.json
View File

@ -1,17 +1,17 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2018-16570",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
}
]
}

10
2018/16xxx/CVE-2018-16571.json
View File

@ -1,17 +1,17 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2018-16571",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
}
]
}

10
2018/16xxx/CVE-2018-16572.json
View File

@ -1,17 +1,17 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2018-16572",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
}
]
}

10
2018/16xxx/CVE-2018-16573.json
View File

@ -1,17 +1,17 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2018-16573",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
}
]
}

10
2018/16xxx/CVE-2018-16574.json
View File

@ -1,17 +1,17 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2018-16574",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
}
]
}

10
2018/16xxx/CVE-2018-16575.json
View File

@ -1,17 +1,17 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2018-16575",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
}
]
}

10
2018/16xxx/CVE-2018-16576.json
View File

@ -1,17 +1,17 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2018-16576",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
}
]
}

10
2018/16xxx/CVE-2018-16577.json
View File

@ -1,17 +1,17 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2018-16577",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
}
]
}

10
2018/16xxx/CVE-2018-16578.json
View File

@ -1,17 +1,17 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2018-16578",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
}
]
}

10
2018/16xxx/CVE-2018-16579.json
View File

@ -1,17 +1,17 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2018-16579",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
}
]
}

10
2018/16xxx/CVE-2018-16580.json
View File

@ -1,17 +1,17 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2018-16580",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
}
]
}

10
2018/16xxx/CVE-2018-16581.json
View File

@ -1,17 +1,17 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2018-16581",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
}
]
}

10
2018/16xxx/CVE-2018-16582.json
View File

@ -1,17 +1,17 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2018-16582",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
}
]
}

10
2018/16xxx/CVE-2018-16583.json
View File

@ -1,17 +1,17 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2018-16583",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
}
]
}

10
2018/16xxx/CVE-2018-16584.json
View File

@ -1,17 +1,17 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2018-16584",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
}
]
}

10
2018/4xxx/CVE-2018-4857.json
View File

@ -1,17 +1,17 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2018-4857",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
}
]
}

179
2019/3xxx/CVE-2019-3708.json
View File

@ -1,92 +1,93 @@
{
"CVE_data_meta": {
"ASSIGNER": "secure@dell.com",
"DATE_PUBLIC": "2019-04-08T04:00:00.000Z",
"ID": "CVE-2019-3708",
"STATE": "PUBLIC",
"TITLE": "Cross-Site Scripting Vulnerability in OVA file upload feature"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Dell EMC IsilonSD Management Server",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.1.0"
}
]
}
}
]
},
"vendor_name": "Dell EMC"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Dell EMC would like to thank Jarrod Farncomb for reporting this vulnerability."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IsilonSD Management Server 1.1.0 contains a cross-site scripting vulnerability while uploading an OVA file. A remote attacker can trick an admin user to potentially exploit this vulnerability to execute malicious HTML or JavaScript code in the context of the admin user."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.6"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting Vulnerability"
}
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"DATE_PUBLIC": "2019-04-08T04:00:00.000Z",
"ID": "CVE-2019-3708",
"STATE": "PUBLIC",
"TITLE": "Cross-Site Scripting Vulnerability in OVA file upload feature"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Dell EMC IsilonSD Management Server",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.1.0"
}
]
}
}
]
},
"vendor_name": "Dell EMC"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "FULLDISC",
"url": "https://seclists.org/fulldisclosure/2019/Apr/16"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
},
"credit": [
{
"lang": "eng",
"value": "Dell EMC would like to thank Jarrod Farncomb for reporting this vulnerability."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IsilonSD Management Server 1.1.0 contains a cross-site scripting vulnerability while uploading an OVA file. A remote attacker can trick an admin user to potentially exploit this vulnerability to execute malicious HTML or JavaScript code in the context of the admin user."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.6"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://seclists.org/fulldisclosure/2019/Apr/16",
"name": "https://seclists.org/fulldisclosure/2019/Apr/16"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}

179
2019/3xxx/CVE-2019-3709.json
View File

@ -1,92 +1,93 @@
{
"CVE_data_meta": {
"ASSIGNER": "secure@dell.com",
"DATE_PUBLIC": "2019-04-08T04:00:00.000Z",
"ID": "CVE-2019-3709",
"STATE": "PUBLIC",
"TITLE": "Cross-Site Scripting Vulnerability while registering vCenter servers"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Dell EMC IsilonSD Management Server",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.1.0"
}
]
}
}
]
},
"vendor_name": "Dell EMC"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Dell EMC would like to thank Jarrod Farncomb for reporting this vulnerability."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IsilonSD Management Server 1.1.0 contains a cross-site scripting vulnerability while registering vCenter servers. A remote attacker can trick an admin user to potentially exploit this vulnerability to execute malicious HTML or JavaScript code in the context of the admin user."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.6"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting Vulnerability"
}
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"DATE_PUBLIC": "2019-04-08T04:00:00.000Z",
"ID": "CVE-2019-3709",
"STATE": "PUBLIC",
"TITLE": "Cross-Site Scripting Vulnerability while registering vCenter servers"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Dell EMC IsilonSD Management Server",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.1.0"
}
]
}
}
]
},
"vendor_name": "Dell EMC"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "FULLDISC",
"url": "https://seclists.org/fulldisclosure/2019/Apr/16"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
},
"credit": [
{
"lang": "eng",
"value": "Dell EMC would like to thank Jarrod Farncomb for reporting this vulnerability."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IsilonSD Management Server 1.1.0 contains a cross-site scripting vulnerability while registering vCenter servers. A remote attacker can trick an admin user to potentially exploit this vulnerability to execute malicious HTML or JavaScript code in the context of the admin user."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.6"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://seclists.org/fulldisclosure/2019/Apr/16",
"name": "https://seclists.org/fulldisclosure/2019/Apr/16"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}

156
2019/3xxx/CVE-2019-3798.json
View File

@ -1,85 +1,85 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "secure@dell.com",
"DATE_PUBLIC": "2019-04-11T00:00:00.000Z",
"ID": "CVE-2019-3798",
"STATE": "PUBLIC",
"TITLE": "Escalation of Privileges in Cloud Controller"
},
"source": {
"discovery": "UNKNOWN"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CAPI-release",
"version": {
"version_data": [
{
"affected": "<",
"version_name": "All",
"version_value": "1.79.0"
}
]
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"DATE_PUBLIC": "2019-04-11T00:00:00.000Z",
"ID": "CVE-2019-3798",
"STATE": "PUBLIC",
"TITLE": "Escalation of Privileges in Cloud Controller"
},
"source": {
"discovery": "UNKNOWN"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CAPI-release",
"version": {
"version_data": [
{
"affected": "<",
"version_name": "All",
"version_value": "1.79.0"
}
]
}
}
]
},
"vendor_name": "Cloud Foundry"
}
}
]
},
"vendor_name": "Cloud Foundry"
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cloud Foundry Cloud Controller API Release, versions prior to 1.79.0, contains improper authentication when validating user permissions. A remote authenticated malicious user with the ability to create UAA clients and knowledge of the email of a victim in the foundation may escalate their privileges to that of the victim by creating a client with a name equal to the guid of their victim."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-287: Improper Authentication - Generic"
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cloud Foundry Cloud Controller API Release, versions prior to 1.79.0, contains improper authentication when validating user permissions. A remote authenticated malicious user with the ability to create UAA clients and knowledge of the email of a victim in the foundation may escalate their privileges to that of the victim by creating a client with a name equal to the guid of their victim."
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.cloudfoundry.org/blog/cve-2019-3798",
"name": "https://www.cloudfoundry.org/blog/cve-2019-3798"
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:H/A:H",
"version": "3.0"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-287: Improper Authentication - Generic"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.cloudfoundry.org/blog/cve-2019-3798",
"name": "https://www.cloudfoundry.org/blog/cve-2019-3798"
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:H/A:H",
"version": "3.0"
}
}
}
}

3
2019/3xxx/CVE-2019-3883.json
View File

@ -4,7 +4,8 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-3883",
"ASSIGNER": "lpardo@redhat.com"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {

511
2019/6xxx/CVE-2019-6568.json
View File

@ -8,622 +8,623 @@
"data_type": "CVE",
"data_version": "4.0",
"affects": {
"vendor" : {
"vendor_data" : [
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens AG",
"product" : {
"product_data" : [
{
"product": {
"product_data": [
{
"product_name": "CP1604",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions"
"version_value": "All versions"
}
]
}
},
{
{
"product_name": "CP1616",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions"
"version_value": "All versions"
}
]
}
},
{
{
"product_name": "SIAMTIC RF185C",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions"
"version_value": "All versions"
}
]
}
},
{
{
"product_name": "SIMATIC CP343-1 Advanced",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions"
"version_value": "All versions"
}
]
}
},
{
{
"product_name": "SIMATIC CP443-1",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions"
"version_value": "All versions"
}
]
}
},
{
{
"product_name": "SIMATIC CP443-1 Advanced",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions"
"version_value": "All versions"
}
]
}
},
{
{
"product_name": "SIMATIC CP443-1 OPC UA",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions"
"version_value": "All versions"
}
]
}
},
{
{
"product_name": "SIMATIC ET 200 SP Open Controller CPU 1515SP PC",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions < V2.1.6"
"version_value": "All versions < V2.1.6"
}
]
}
},
{
{
"product_name": "SIMATIC ET 200 SP Open Controller CPU 1515SP PC2",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions"
"version_value": "All versions"
}
]
}
},
{
{
"product_name": "SIMATIC HMI Comfort Outdoor Panels 7\" & 15\"",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions"
"version_value": "All versions"
}
]
}
},
{
{
"product_name": "SIMATIC HMI Comfort Panels 4\" - 22\"",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions"
"version_value": "All versions"
}
]
}
},
{
{
"product_name": "SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions"
"version_value": "All versions"
}
]
}
},
{
{
"product_name": "SIMATIC IPC DiagMonitor",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions"
"version_value": "All versions"
}
]
}
},
{
{
"product_name": "SIMATIC RF181-EIP",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions"
"version_value": "All versions"
}
]
}
},
{
{
"product_name": "SIMATIC RF182C",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions"
"version_value": "All versions"
}
]
}
},
{
{
"product_name": "SIMATIC RF186C",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions"
"version_value": "All versions"
}
]
}
},
{
{
"product_name": "SIMATIC RF188C",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions"
"version_value": "All versions"
}
]
}
},
{
{
"product_name": "SIMATIC RF600R",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions"
"version_value": "All versions"
}
]
}
},
{
{
"product_name": "SIMATIC S7-1500 CPU family",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions"
"version_value": "All versions"
}
]
}
},
{
{
"product_name": "SIMATIC S7-1500 Software Controller",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions"
"version_value": "All versions"
}
]
}
},
{
{
"product_name": "SIMATIC S7-300 CPU family",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions < V3.X.16"
"version_value": "All versions < V3.X.16"
}
]
}
},
{
{
"product_name": "SIMATIC S7-400 PN (incl. F) V6 and below",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions"
"version_value": "All versions"
}
]
}
},
{
{
"product_name": "SIMATIC S7-400 PN/DP V7 (incl. F)",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions"
"version_value": "All versions"
}
]
}
},
{
{
"product_name": "SIMATIC S7-PLCSIM Advanced",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions"
"version_value": "All versions"
}
]
}
},
{
{
"product_name": "SIMATIC Teleservice Adapter IE Advanced",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions"
"version_value": "All versions"
}
]
}
},
{
{
"product_name": "SIMATIC Teleservice Adapter IE Basic",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions"
"version_value": "All versions"
}
]
}
},
{
{
"product_name": "SIMATIC Teleservice Adapter IE Standard",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions"
"version_value": "All versions"
}
]
}
},
{
{
"product_name": "SIMATIC WinAC RTX 2010",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions"
"version_value": "All versions"
}
]
}
},
{
{
"product_name": "SIMATIC WinCC Runtime Advanced",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions"
"version_value": "All versions"
}
]
}
},
{
{
"product_name": "SIMOCODE pro V EIP",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions"
"version_value": "All versions"
}
]
}
},
{
{
"product_name": "SIMOCODE pro V PN",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions"
"version_value": "All versions"
}
]
}
},
{
{
"product_name": "SINAMICS G130 V4.6",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions"
"version_value": "All versions"
}
]
}
},
{
{
"product_name": "SINAMICS G130 V4.7",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions"
"version_value": "All versions"
}
]
}
},
{
{
"product_name": "SINAMICS G130 V4.7 SP1",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions"
"version_value": "All versions"
}
]
}
},
{
{
"product_name": "SINAMICS G130 V4.8",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions < V4.8 HF6"
"version_value": "All versions < V4.8 HF6"
}
]
}
},
{
{
"product_name": "SINAMICS G130 V5.1",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions"
"version_value": "All versions"
}
]
}
},
{
{
"product_name": "SINAMICS G130 V5.1 SP1",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions < V5.1 SP1 HF4"
"version_value": "All versions < V5.1 SP1 HF4"
}
]
}
},
{
{
"product_name": "SINAMICS G150 V4.6",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions"
"version_value": "All versions"
}
]
}
},
{
{
"product_name": "SINAMICS G150 V4.7",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions"
"version_value": "All versions"
}
]
}
},
{
{
"product_name": "SINAMICS G150 V4.7 SP1",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions"
"version_value": "All versions"
}
]
}
},
{
{
"product_name": "SINAMICS G150 V4.8",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions < V4.8 HF6"
"version_value": "All versions < V4.8 HF6"
}
]
}
},
{
{
"product_name": "SINAMICS G150 V5.1",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions"
"version_value": "All versions"
}
]
}
},
{
{
"product_name": "SINAMICS G150 V5.1 SP1",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions < V5.1 SP1 HF4"
"version_value": "All versions < V5.1 SP1 HF4"
}
]
}
},
{
{
"product_name": "SINAMICS S120 V4.6",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions"
"version_value": "All versions"
}
]
}
},
{
{
"product_name": "SINAMICS S120 V4.7",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions"
"version_value": "All versions"
}
]
}
},
{
{
"product_name": "SINAMICS S120 V4.7 SP1",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions"
"version_value": "All versions"
}
]
}
},
{
{
"product_name": "SINAMICS S120 V4.8",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions < V4.8 HF6"
"version_value": "All versions < V4.8 HF6"
}
]
}
},
{
{
"product_name": "SINAMICS S120 V5.1",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions"
"version_value": "All versions"
}
]
}
},
{
{
"product_name": "SINAMICS S120 V5.1 SP1",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions < V5.1 SP1 HF4"
"version_value": "All versions < V5.1 SP1 HF4"
}
]
}
},
{
{
"product_name": "SINAMICS S150 V4.6",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions"
"version_value": "All versions"
}
]
}
},
{
{
"product_name": "SINAMICS S150 V4.7",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions"
"version_value": "All versions"
}
]
}
},
{
{
"product_name": "SINAMICS S150 V4.7 SP1",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions"
"version_value": "All versions"
}
]
}
},
{
{
"product_name": "SINAMICS S150 V4.8",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions < V4.8 HF6"
"version_value": "All versions < V4.8 HF6"
}
]
}
},
{
{
"product_name": "SINAMICS S150 V5.1",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions"
"version_value": "All versions"
}
]
}
},
{
{
"product_name": "SINAMICS S150 V5.1 SP1",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions < V5.1 SP1 HF4"
"version_value": "All versions < V5.1 SP1 HF4"
}
]
}
},
{
{
"product_name": "SINAMICS S210 V5.1",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions"
"version_value": "All versions"
}
]
}
},
{
{
"product_name": "SINAMICS S210 V5.1 SP1",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions"
"version_value": "All versions"
}
]
}
},
{
{
"product_name": "SITOP Manager",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions"
"version_value": "All versions"
}
]
}
},
{
{
"product_name": "SITOP PSU8600",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions"
"version_value": "All versions"
}
]
}
},
{
{
"product_name": "SITOP UPS1600",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions"
"version_value": "All versions"
}
]
}
},
{
{
"product_name": "TIM 1531 IRC",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions"
"version_value": "All versions"
}
]
}
} ]
}
]
}
}
]
@ -642,20 +643,20 @@
]
},
"references": {
"reference_data": [
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-480230.pdf"
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-480230.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-480230.pdf"
}
]
},
"description":{
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in CP1604 (All versions), CP1616 (All versions), SIAMTIC RF185C (All versions), SIMATIC CP343-1 Advanced (All versions), SIMATIC CP443-1 (All versions), SIMATIC CP443-1 Advanced (All versions), SIMATIC CP443-1 OPC UA (All versions), SIMATIC ET 200 SP Open Controller CPU 1515SP PC (All versions < V2.1.6), SIMATIC ET 200 SP Open Controller CPU 1515SP PC2 (All versions), SIMATIC HMI Comfort Outdoor Panels 7\" & 15\" (All versions), SIMATIC HMI Comfort Panels 4\" - 22\" (All versions), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions), SIMATIC IPC DiagMonitor (All versions), SIMATIC RF181-EIP (All versions), SIMATIC RF182C (All versions), SIMATIC RF186C (All versions), SIMATIC RF188C (All versions), SIMATIC RF600R (All versions), SIMATIC S7-1500 CPU family (All versions), SIMATIC S7-1500 Software Controller (All versions), SIMATIC S7-300 CPU family (All versions < V3.X.16), SIMATIC S7-400 PN (incl. F) V6 and below (All versions), SIMATIC S7-400 PN/DP V7 (incl. F) (All versions), SIMATIC S7-PLCSIM Advanced (All versions), SIMATIC Teleservice Adapter IE Advanced (All versions), SIMATIC Teleservice Adapter IE Basic (All versions), SIMATIC Teleservice Adapter IE Standard (All versions), SIMATIC WinAC RTX 2010 (All versions), SIMATIC WinCC Runtime Advanced (All versions), SIMOCODE pro V EIP (All versions), SIMOCODE pro V PN (All versions), SINAMICS G130 V4.6 (All versions), SINAMICS G130 V4.7 (All versions), SINAMICS G130 V4.7 SP1 (All versions), SINAMICS G130 V4.8 (All versions < V4.8 HF6), SINAMICS G130 V5.1 (All versions), SINAMICS G130 V5.1 SP1 (All versions < V5.1 SP1 HF4), SINAMICS G150 V4.6 (All versions), SINAMICS G150 V4.7 (All versions), SINAMICS G150 V4.7 SP1 (All versions), SINAMICS G150 V4.8 (All versions < V4.8 HF6), SINAMICS G150 V5.1 (All versions), SINAMICS G150 V5.1 SP1 (All versions < V5.1 SP1 HF4), SINAMICS S120 V4.6 (All versions), SINAMICS S120 V4.7 (All versions), SINAMICS S120 V4.7 SP1 (All versions), SINAMICS S120 V4.8 (All versions < V4.8 HF6), SINAMICS S120 V5.1 (All versions), SINAMICS S120 V5.1 SP1 (All versions < V5.1 SP1 HF4), SINAMICS S150 V4.6 (All versions), SINAMICS S150 V4.7 (All versions), SINAMICS S150 V4.7 SP1 (All versions), SINAMICS S150 V4.8 (All versions < V4.8 HF6), SINAMICS S150 V5.1 (All versions), SINAMICS S150 V5.1 SP1 (All versions < V5.1 SP1 HF4), SINAMICS S210 V5.1 (All versions), SINAMICS S210 V5.1 SP1 (All versions), SITOP Manager (All versions), SITOP PSU8600 (All versions), SITOP UPS1600 (All versions), TIM 1531 IRC (All versions). The webserver of the affected devices contains a vulnerability that may lead to a denial-of-service condition. An attacker may cause a denial-of-service situation which leads to a restart of the webserver of the affected device.\n\nThe security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the device.\n\nAt the time of advisory publication no public exploitation of this security vulnerability was known."
"value": "A vulnerability has been identified in CP1604 (All versions), CP1616 (All versions), SIAMTIC RF185C (All versions), SIMATIC CP343-1 Advanced (All versions), SIMATIC CP443-1 (All versions), SIMATIC CP443-1 Advanced (All versions), SIMATIC CP443-1 OPC UA (All versions), SIMATIC ET 200 SP Open Controller CPU 1515SP PC (All versions < V2.1.6), SIMATIC ET 200 SP Open Controller CPU 1515SP PC2 (All versions), SIMATIC HMI Comfort Outdoor Panels 7\" & 15\" (All versions), SIMATIC HMI Comfort Panels 4\" - 22\" (All versions), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions), SIMATIC IPC DiagMonitor (All versions), SIMATIC RF181-EIP (All versions), SIMATIC RF182C (All versions), SIMATIC RF186C (All versions), SIMATIC RF188C (All versions), SIMATIC RF600R (All versions), SIMATIC S7-1500 CPU family (All versions), SIMATIC S7-1500 Software Controller (All versions), SIMATIC S7-300 CPU family (All versions < V3.X.16), SIMATIC S7-400 PN (incl. F) V6 and below (All versions), SIMATIC S7-400 PN/DP V7 (incl. F) (All versions), SIMATIC S7-PLCSIM Advanced (All versions), SIMATIC Teleservice Adapter IE Advanced (All versions), SIMATIC Teleservice Adapter IE Basic (All versions), SIMATIC Teleservice Adapter IE Standard (All versions), SIMATIC WinAC RTX 2010 (All versions), SIMATIC WinCC Runtime Advanced (All versions), SIMOCODE pro V EIP (All versions), SIMOCODE pro V PN (All versions), SINAMICS G130 V4.6 (All versions), SINAMICS G130 V4.7 (All versions), SINAMICS G130 V4.7 SP1 (All versions), SINAMICS G130 V4.8 (All versions < V4.8 HF6), SINAMICS G130 V5.1 (All versions), SINAMICS G130 V5.1 SP1 (All versions < V5.1 SP1 HF4), SINAMICS G150 V4.6 (All versions), SINAMICS G150 V4.7 (All versions), SINAMICS G150 V4.7 SP1 (All versions), SINAMICS G150 V4.8 (All versions < V4.8 HF6), SINAMICS G150 V5.1 (All versions), SINAMICS G150 V5.1 SP1 (All versions < V5.1 SP1 HF4), SINAMICS S120 V4.6 (All versions), SINAMICS S120 V4.7 (All versions), SINAMICS S120 V4.7 SP1 (All versions), SINAMICS S120 V4.8 (All versions < V4.8 HF6), SINAMICS S120 V5.1 (All versions), SINAMICS S120 V5.1 SP1 (All versions < V5.1 SP1 HF4), SINAMICS S150 V4.6 (All versions), SINAMICS S150 V4.7 (All versions), SINAMICS S150 V4.7 SP1 (All versions), SINAMICS S150 V4.8 (All versions < V4.8 HF6), SINAMICS S150 V5.1 (All versions), SINAMICS S150 V5.1 SP1 (All versions < V5.1 SP1 HF4), SINAMICS S210 V5.1 (All versions), SINAMICS S210 V5.1 SP1 (All versions), SITOP Manager (All versions), SITOP PSU8600 (All versions), SITOP UPS1600 (All versions), TIM 1531 IRC (All versions). The webserver of the affected devices contains a vulnerability that may lead to a denial-of-service condition. An attacker may cause a denial-of-service situation which leads to a restart of the webserver of the affected device. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the device. At the time of advisory publication no public exploitation of this security vulnerability was known."
}
]
}
}

31
2019/6xxx/CVE-2019-6570.json
View File

@ -8,22 +8,23 @@
"data_type": "CVE",
"data_version": "4.0",
"affects": {
"vendor" : {
"vendor_data" : [
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens AG",
"product" : {
"product_data" : [
{
"product": {
"product_data": [
{
"product_name": "SINEMA Remote Connect Server",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions < V2.0"
"version_value": "All versions < V2.0"
}
]
}
} ]
}
]
}
}
]
@ -42,20 +43,20 @@
]
},
"references": {
"reference_data": [
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf"
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf"
}
]
},
"description":{
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0). Due to insufficient checking of user permissions, an attacker may access URLs that require special authorization.\n\nThe security vulnerability could be exploited by an attacker with network access to the affected system. An attacker must have access to a low privileged account in order to exploit the vulnerability. An attacker could use the vulnerability to compromise confidentiality, integrity and availability of the affected system.\n\nAt the time of advisory publication no public exploitation of this security vulnerability was known."
"value": "A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0). Due to insufficient checking of user permissions, an attacker may access URLs that require special authorization. The security vulnerability could be exploited by an attacker with network access to the affected system. An attacker must have access to a low privileged account in order to exploit the vulnerability. An attacker could use the vulnerability to compromise confidentiality, integrity and availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known."
}
]
}
}

159
2019/6xxx/CVE-2019-6575.json
View File

@ -8,182 +8,183 @@
"data_type": "CVE",
"data_version": "4.0",
"affects": {
"vendor" : {
"vendor_data" : [
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens AG",
"product" : {
"product_data" : [
{
"product": {
"product_data": [
{
"product_name": "SIMATIC CP443-1 OPC UA",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions"
"version_value": "All versions"
}
]
}
},
{
{
"product_name": "SIMATIC ET 200 Open Controller CPU 1515SP PC2",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions"
"version_value": "All versions"
}
]
}
},
{
{
"product_name": "SIMATIC IPC DiagMonitor",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions"
"version_value": "All versions"
}
]
}
},
{
{
"product_name": "SIMATIC NET PC Software",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions"
"version_value": "All versions"
}
]
}
},
{
{
"product_name": "SIMATIC RF188C",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions"
"version_value": "All versions"
}
]
}
},
{
{
"product_name": "SIMATIC RF600R",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions"
"version_value": "All versions"
}
]
}
},
{
{
"product_name": "SIMATIC S7-1500 CPU family",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions >= V2.5"
"version_value": "All versions >= V2.5"
}
]
}
},
{
{
"product_name": "SIMATIC S7-1500 Software Controller",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions >= V2.5"
"version_value": "All versions >= V2.5"
}
]
}
},
{
{
"product_name": "SIMATIC WinCC OA",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions < V3.15-P018"
"version_value": "All versions < V3.15-P018"
}
]
}
},
{
{
"product_name": "SIMATIC WinCC Runtime Advanced",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions"
"version_value": "All versions"
}
]
}
},
{
{
"product_name": "SIMATIC WinCC Runtime Comfort",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions"
"version_value": "All versions"
}
]
}
},
{
{
"product_name": "SIMATIC WinCC Runtime HSP Comfort",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions"
"version_value": "All versions"
}
]
}
},
{
{
"product_name": "SIMATIC WinCC Runtime Mobile",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions"
"version_value": "All versions"
}
]
}
},
{
{
"product_name": "SINEC-NMS",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions"
"version_value": "All versions"
}
]
}
},
{
{
"product_name": "SINEMA Server",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions"
"version_value": "All versions"
}
]
}
},
{
{
"product_name": "SINUMERIK OPC UA Server",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions < V2.1"
"version_value": "All versions < V2.1"
}
]
}
},
{
{
"product_name": "TeleControl Server Basic",
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "All versions"
"version_value": "All versions"
}
]
}
} ]
}
]
}
}
]
@ -202,20 +203,20 @@
]
},
"references": {
"reference_data": [
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-307392.pdf"
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-307392.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-307392.pdf"
}
]
},
"description":{
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in SIMATIC CP443-1 OPC UA (All versions), SIMATIC ET 200 Open Controller CPU 1515SP PC2 (All versions), SIMATIC IPC DiagMonitor (All versions), SIMATIC NET PC Software (All versions), SIMATIC RF188C (All versions), SIMATIC RF600R (All versions), SIMATIC S7-1500 CPU family (All versions >= V2.5), SIMATIC S7-1500 Software Controller (All versions >= V2.5), SIMATIC WinCC OA (All versions < V3.15-P018), SIMATIC WinCC Runtime Advanced (All versions), SIMATIC WinCC Runtime Comfort (All versions), SIMATIC WinCC Runtime HSP Comfort (All versions), SIMATIC WinCC Runtime Mobile (All versions), SINEC-NMS (All versions), SINEMA Server (All versions), SINUMERIK OPC UA Server (All versions < V2.1), TeleControl Server Basic (All versions). Specially crafted network packets sent to affected devices on port 4840/tcp could allow an unauthenticated remote attacker to cause a Denial-of-Service condition of the OPC communication or crash the device.\n\nThe security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the OPC communication.\n\nAt the time of advisory publication no public exploitation of this security vulnerability was known."
"value": "A vulnerability has been identified in SIMATIC CP443-1 OPC UA (All versions), SIMATIC ET 200 Open Controller CPU 1515SP PC2 (All versions), SIMATIC IPC DiagMonitor (All versions), SIMATIC NET PC Software (All versions), SIMATIC RF188C (All versions), SIMATIC RF600R (All versions), SIMATIC S7-1500 CPU family (All versions >= V2.5), SIMATIC S7-1500 Software Controller (All versions >= V2.5), SIMATIC WinCC OA (All versions < V3.15-P018), SIMATIC WinCC Runtime Advanced (All versions), SIMATIC WinCC Runtime Comfort (All versions), SIMATIC WinCC Runtime HSP Comfort (All versions), SIMATIC WinCC Runtime Mobile (All versions), SINEC-NMS (All versions), SINEMA Server (All versions), SINUMERIK OPC UA Server (All versions < V2.1), TeleControl Server Basic (All versions). Specially crafted network packets sent to affected devices on port 4840/tcp could allow an unauthenticated remote attacker to cause a Denial-of-Service condition of the OPC communication or crash the device. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the OPC communication. At the time of advisory publication no public exploitation of this security vulnerability was known."
}
]
}
}

33
2019/6xxx/CVE-2019-6579.json
View File

@ -8,22 +8,23 @@
"data_type": "CVE",
"data_version": "4.0",
"affects": {
"vendor" : {
"vendor_data" : [
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens AG",
"product" : {
"product_data" : [
{
"product_name": "Spectrum Power 4",
"version" : {
"version_data" : [
"product": {
"product_data": [
{
"product_name": "Spectrum Power\u2122 4",
"version": {
"version_data": [
{
"version_value" : "with Web Office Portal"
"version_value": "with Web Office Portal"
}
]
}
} ]
}
]
}
}
]
@ -42,20 +43,20 @@
]
},
"references": {
"reference_data": [
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-324467.pdf"
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-324467.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-324467.pdf"
}
]
},
"description":{
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in Spectrum Power 4 (with Web Office Portal). An attacker with network access to the web server on port 80/TCP or 443/TCP could execute system commands with administrative privileges.\n\nThe security vulnerability could be exploited by an unauthenticated attacker with network access to the affected service. No user interaction is required to exploit this security vulnerability. Successful exploitation of the security vulnerability compromises confidentiality, integrity or availability of the targeted system.\n\nAt the time of advisory publication no public exploitation of this security vulnerability was known."
"value": "A vulnerability has been identified in Spectrum Power\u2122 4 (with Web Office Portal). An attacker with network access to the web server on port 80/TCP or 443/TCP could execute system commands with administrative privileges. The security vulnerability could be exploited by an unauthenticated attacker with network access to the affected service. No user interaction is required to exploit this security vulnerability. Successful exploitation of the security vulnerability compromises confidentiality, integrity or availability of the targeted system. At the time of advisory publication no public exploitation of this security vulnerability was known."
}
]
}
}

176
2019/9xxx/CVE-2019-9494.json
View File

@ -1,92 +1,92 @@
{
"CVE_data_meta": {
"AKA": "Dragonblood",
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2019-9494",
"STATE": "PUBLIC",
"TITLE": "The implementations of SAE in hostapd and wpa_supplicant are vulnerable to side-channel attacks"
},
"affects": {
"vendor": {
"vendor_data": [
"CVE_data_meta": {
"AKA": "Dragonblood",
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2019-9494",
"STATE": "PUBLIC",
"TITLE": "The implementations of SAE in hostapd and wpa_supplicant are vulnerable to side-channel attacks"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "hostapd with SAE support",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "2.7",
"version_value": "2.7"
}
]
}
},
{
"product_name": "wpa_supplicant with SAE support",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "2.7",
"version_value": "2.7"
}
]
}
}
]
},
"vendor_name": "Wi-Fi Alliance"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"product": {
"product_data": [
{
"product_name": "hostapd with SAE support",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "2.7",
"version_value": "2.7"
}
]
}
},
{
"product_name": "wpa_supplicant with SAE support",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "2.7",
"version_value": "2.7"
}
]
}
}
]
},
"vendor_name": "Wi-Fi Alliance"
"lang": "eng",
"value": "The implementations of SAE in hostapd and wpa_supplicant are vulnerable to side channel attacks as a result of observable timing differences and cache access patterns. An attacker may be able to gain leaked information from a side channel attack that can be used for full password recovery. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.7 are affected."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The implementations of SAE in hostapd and wpa_supplicant are vulnerable to side channel attacks as a result of observable timing differences and cache access patterns. An attacker may be able to gain leaked information from a side channel attack that can be used for full password recovery. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.7 are affected."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.6"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-208 Information Exposure Through Timing Discrepancy"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-524 Information Exposure Through Caching"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://w1.fi/security/2019-1/",
"refsource": "CONFIRM",
"url": "https://w1.fi/security/2019-1/"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
]
},
"generator": {
"engine": "Vulnogram 0.0.6"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-208 Information Exposure Through Timing Discrepancy"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-524 Information Exposure Through Caching"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://w1.fi/security/2019-1/",
"refsource": "CONFIRM",
"url": "https://w1.fi/security/2019-1/"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}

162
2019/9xxx/CVE-2019-9495.json
View File

@ -1,84 +1,84 @@
{
"CVE_data_meta": {
"AKA": "Dragonblood",
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2019-9495",
"STATE": "PUBLIC",
"TITLE": "The implementations of EAP-PWD in hostapd and wpa_supplicant are vulnerable to side-channel attacks as a result of cache access patterns"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "hostapd with EAP-pwd support",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "2.7",
"version_value": "2.7"
}
]
}
},
{
"product_name": "wpa_supplicant with EAP-pwd support",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "2.7",
"version_value": "2.7"
}
]
}
}
]
},
"vendor_name": "Wi-Fi Alliance"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The implementations of EAP-PWD in hostapd and wpa_supplicant are vulnerable to side-channel attacks as a result of cache access patterns. All versions of hostapd and wpa_supplicant with EAP-PWD support are vulnerable. The ability to install and execute applications is necessary for a successful attack. Memory access patterns are visible in a shared cache. Weak passwords may be cracked. Versions of hostapd/wpa_supplicant 2.7 and newer, are not vulnerable to the timing attack described in CVE-2019-9494. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.6"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-524 Information Exposure Through Caching"
}
"CVE_data_meta": {
"AKA": "Dragonblood",
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2019-9495",
"STATE": "PUBLIC",
"TITLE": "The implementations of EAP-PWD in hostapd and wpa_supplicant are vulnerable to side-channel attacks as a result of cache access patterns"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "hostapd with EAP-pwd support",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "2.7",
"version_value": "2.7"
}
]
}
},
{
"product_name": "wpa_supplicant with EAP-pwd support",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "2.7",
"version_value": "2.7"
}
]
}
}
]
},
"vendor_name": "Wi-Fi Alliance"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://w1.fi/security/2019-2/",
"refsource": "CONFIRM",
"url": "https://w1.fi/security/2019-2/"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The implementations of EAP-PWD in hostapd and wpa_supplicant are vulnerable to side-channel attacks as a result of cache access patterns. All versions of hostapd and wpa_supplicant with EAP-PWD support are vulnerable. The ability to install and execute applications is necessary for a successful attack. Memory access patterns are visible in a shared cache. Weak passwords may be cracked. Versions of hostapd/wpa_supplicant 2.7 and newer, are not vulnerable to the timing attack described in CVE-2019-9494. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.6"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-524 Information Exposure Through Caching"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://w1.fi/security/2019-2/",
"refsource": "CONFIRM",
"url": "https://w1.fi/security/2019-2/"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}

162
2019/9xxx/CVE-2019-9496.json
View File

@ -1,84 +1,84 @@
{
"CVE_data_meta": {
"AKA": "Dragonblood",
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2019-9496",
"STATE": "PUBLIC",
"TITLE": "An invalid authentication sequence could result in the hostapd process terminating due to missing state validation steps"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "hostapd with SAE support",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "2.7",
"version_value": "2.7"
}
]
}
},
{
"product_name": "wpa_supplicant with SAE support",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "2.7",
"version_value": "2.7"
}
]
}
}
]
},
"vendor_name": "Wi-Fi Alliance"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An invalid authentication sequence could result in the hostapd process terminating due to missing state validation steps when processing the SAE confirm message when in hostapd/AP mode. All version of hostapd with SAE support are vulnerable. An attacker may force the hostapd process to terminate, performing a denial of service attack. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.7 are affected."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.6"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-642 External Control of Critical State Data"
}
"CVE_data_meta": {
"AKA": "Dragonblood",
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2019-9496",
"STATE": "PUBLIC",
"TITLE": "An invalid authentication sequence could result in the hostapd process terminating due to missing state validation steps"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "hostapd with SAE support",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "2.7",
"version_value": "2.7"
}
]
}
},
{
"product_name": "wpa_supplicant with SAE support",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "2.7",
"version_value": "2.7"
}
]
}
}
]
},
"vendor_name": "Wi-Fi Alliance"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://w1.fi/security/2019-3/",
"refsource": "CONFIRM",
"url": "https://w1.fi/security/2019-3/"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An invalid authentication sequence could result in the hostapd process terminating due to missing state validation steps when processing the SAE confirm message when in hostapd/AP mode. All version of hostapd with SAE support are vulnerable. An attacker may force the hostapd process to terminate, performing a denial of service attack. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.7 are affected."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.6"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-642 External Control of Critical State Data"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://w1.fi/security/2019-3/",
"refsource": "CONFIRM",
"url": "https://w1.fi/security/2019-3/"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}

210
2019/9xxx/CVE-2019-9497.json
View File

@ -1,108 +1,108 @@
{
"CVE_data_meta": {
"AKA": "Dragonblood",
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2019-9497",
"STATE": "PUBLIC",
"TITLE": "The implementations of EAP-PWD in hostapd EAP Server and wpa_supplicant EAP Peer do not validate the scalar and element values in EAP-pwd-Commit"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "hostapd with EAP-pwd support",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "2.7",
"version_value": "2.7"
}
]
}
},
{
"product_name": "wpa_supplicant with EAP-pwd support",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "2.7",
"version_value": "2.7"
}
]
}
},
{
"product_name": "hostapd with SAE support",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "2.4",
"version_value": "2.4"
}
]
}
},
{
"product_name": "wpa_supplicant with SAE support",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "2.4",
"version_value": "2.4"
}
]
}
}
]
},
"vendor_name": "Wi-Fi Alliance"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The implementations of EAP-PWD in hostapd EAP Server and wpa_supplicant EAP Peer do not validate the scalar and element values in EAP-pwd-Commit. This vulnerability may allow an attacker to complete EAP-PWD authentication without knowing the password. However, unless the crypto library does not implement additional checks for the EC point, the attacker will not be able to derive the session key or complete the key exchange. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.4 are affected. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.6"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-301"
}
"CVE_data_meta": {
"AKA": "Dragonblood",
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2019-9497",
"STATE": "PUBLIC",
"TITLE": "The implementations of EAP-PWD in hostapd EAP Server and wpa_supplicant EAP Peer do not validate the scalar and element values in EAP-pwd-Commit"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "hostapd with EAP-pwd support",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "2.7",
"version_value": "2.7"
}
]
}
},
{
"product_name": "wpa_supplicant with EAP-pwd support",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "2.7",
"version_value": "2.7"
}
]
}
},
{
"product_name": "hostapd with SAE support",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "2.4",
"version_value": "2.4"
}
]
}
},
{
"product_name": "wpa_supplicant with SAE support",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "2.4",
"version_value": "2.4"
}
]
}
}
]
},
"vendor_name": "Wi-Fi Alliance"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://w1.fi/security/2019-4/",
"refsource": "CONFIRM",
"url": "https://w1.fi/security/2019-4/"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The implementations of EAP-PWD in hostapd EAP Server and wpa_supplicant EAP Peer do not validate the scalar and element values in EAP-pwd-Commit. This vulnerability may allow an attacker to complete EAP-PWD authentication without knowing the password. However, unless the crypto library does not implement additional checks for the EC point, the attacker will not be able to derive the session key or complete the key exchange. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.4 are affected. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.6"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-301"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://w1.fi/security/2019-4/",
"refsource": "CONFIRM",
"url": "https://w1.fi/security/2019-4/"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}

210
2019/9xxx/CVE-2019-9498.json
View File

@ -1,108 +1,108 @@
{
"CVE_data_meta": {
"AKA": "Dragonblood",
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2019-9498",
"STATE": "PUBLIC",
"TITLE": "The implementations of EAP-PWD in hostapd EAP Server do not validate the scalar and element values in EAP-pwd-Commit"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "hostapd with EAP-pwd support",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "2.7",
"version_value": "2.7"
}
]
}
},
{
"product_name": "wpa_supplicant with EAP-pwd support",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "2.7",
"version_value": "2.7"
}
]
}
},
{
"product_name": "hostapd with SAE support",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "2.4",
"version_value": "2.4"
}
]
}
},
{
"product_name": "wpa_supplicant with SAE support",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "2.4",
"version_value": "2.4"
}
]
}
}
]
},
"vendor_name": "Wi-Fi Alliance"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The implementations of EAP-PWD in hostapd EAP Server, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may be able to use invalid scalar/element values to complete authentication, gaining session key and network access without needing or learning the password. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.4 are affected. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.6"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-346 Origin Validation Error"
}
"CVE_data_meta": {
"AKA": "Dragonblood",
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2019-9498",
"STATE": "PUBLIC",
"TITLE": "The implementations of EAP-PWD in hostapd EAP Server do not validate the scalar and element values in EAP-pwd-Commit"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "hostapd with EAP-pwd support",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "2.7",
"version_value": "2.7"
}
]
}
},
{
"product_name": "wpa_supplicant with EAP-pwd support",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "2.7",
"version_value": "2.7"
}
]
}
},
{
"product_name": "hostapd with SAE support",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "2.4",
"version_value": "2.4"
}
]
}
},
{
"product_name": "wpa_supplicant with SAE support",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "2.4",
"version_value": "2.4"
}
]
}
}
]
},
"vendor_name": "Wi-Fi Alliance"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://w1.fi/security/2019-4/",
"refsource": "CONFIRM",
"url": "https://w1.fi/security/2019-4/"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The implementations of EAP-PWD in hostapd EAP Server, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may be able to use invalid scalar/element values to complete authentication, gaining session key and network access without needing or learning the password. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.4 are affected. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.6"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-346 Origin Validation Error"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://w1.fi/security/2019-4/",
"refsource": "CONFIRM",
"url": "https://w1.fi/security/2019-4/"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}

210
2019/9xxx/CVE-2019-9499.json
View File

@ -1,108 +1,108 @@
{
"CVE_data_meta": {
"AKA": "Dragonblood",
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2019-9499",
"STATE": "PUBLIC",
"TITLE": "The implementations of EAP-PWD in wpa_supplicant EAP Peer do not validate the scalar and element values in EAP-pwd-Commit"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "hostapd with EAP-pwd support",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "2.7",
"version_value": "2.7"
}
]
}
},
{
"product_name": "wpa_supplicant with EAP-pwd support",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "2.7",
"version_value": "2.7"
}
]
}
},
{
"product_name": "hostapd with SAE support",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "2.4",
"version_value": "2.4"
}
]
}
},
{
"product_name": "wpa_supplicant with SAE support",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "2.4",
"version_value": "2.4"
}
]
}
}
]
},
"vendor_name": "Wi-Fi Alliance"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The implementations of EAP-PWD in wpa_supplicant EAP Peer, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may complete authentication, session key and control of the data connection with a client. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.4 are affected. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.6"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-346 Origin Validation Error"
}
"CVE_data_meta": {
"AKA": "Dragonblood",
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2019-9499",
"STATE": "PUBLIC",
"TITLE": "The implementations of EAP-PWD in wpa_supplicant EAP Peer do not validate the scalar and element values in EAP-pwd-Commit"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "hostapd with EAP-pwd support",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "2.7",
"version_value": "2.7"
}
]
}
},
{
"product_name": "wpa_supplicant with EAP-pwd support",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "2.7",
"version_value": "2.7"
}
]
}
},
{
"product_name": "hostapd with SAE support",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "2.4",
"version_value": "2.4"
}
]
}
},
{
"product_name": "wpa_supplicant with SAE support",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "2.4",
"version_value": "2.4"
}
]
}
}
]
},
"vendor_name": "Wi-Fi Alliance"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://w1.fi/security/2019-4/",
"refsource": "CONFIRM",
"url": "https://w1.fi/security/2019-4/"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The implementations of EAP-PWD in wpa_supplicant EAP Peer, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may complete authentication, session key and control of the data connection with a client. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.4 are affected. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.6"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-346 Origin Validation Error"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://w1.fi/security/2019-4/",
"refsource": "CONFIRM",
"url": "https://w1.fi/security/2019-4/"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}