admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-06-27 14:00:56 +00:00
parent 472171c2b2
commit 1d691df5b7
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
15 changed files with 1463 additions and 1414 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

218
2018/1xxx/CVE-2018-1734.json
View File

@ -1,111 +1,111 @@
{
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "6.0"
},
{
"version_value" : "6.0.1"
},
{
"version_value" : "6.0.2"
},
{
"version_value" : "6.0.3"
},
{
"version_value" : "6.0.4"
},
{
"version_value" : "6.0.5"
},
{
"version_value" : "6.0.6"
},
{
"version_value" : "6.0.6.1"
}
]
},
"product_name" : "Rational Collaborative Lifecycle Management"
}
]
},
"vendor_name" : "IBM"
}
]
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "6.0"
},
{
"version_value": "6.0.1"
},
{
"version_value": "6.0.2"
},
{
"version_value": "6.0.3"
},
{
"version_value": "6.0.4"
},
{
"version_value": "6.0.5"
},
{
"version_value": "6.0.6"
},
{
"version_value": "6.0.6.1"
}
]
},
"product_name": "Rational Collaborative Lifecycle Management"
}
]
},
"vendor_name": "IBM"
}
]
}
]
},
"impact" : {
"cvssv3" : {
"TM" : {
"RL" : "O",
"RC" : "C",
"E" : "U"
},
"BM" : {
"UI" : "N",
"PR" : "L",
"AV" : "N",
"SCORE" : "4.300",
"C" : "L",
"I" : "N",
"S" : "U",
"A" : "N",
"AC" : "L"
}
}
},
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2019-06-25T00:00:00",
"ID" : "CVE-2018-1734"
},
"description" : {
"description_data" : [
{
"value" : "IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 discloses sensitive information in error messages that may be used by a malicious user to orchestrate further attacks. IBM X-Force ID: 147838.",
"lang" : "eng"
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525",
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525",
"title" : "IBM Security Bulletin 0956525 (Rational Collaborative Lifecycle Management)",
"refsource" : "CONFIRM"
},
{
"name" : "ibm-rhapsody-cve20181734-info-disc (147838)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/147838",
"title" : "X-Force Vulnerability Report",
"refsource" : "XF"
}
]
}
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"impact": {
"cvssv3": {
"TM": {
"RL": "O",
"RC": "C",
"E": "U"
},
"BM": {
"UI": "N",
"PR": "L",
"AV": "N",
"SCORE": "4.300",
"C": "L",
"I": "N",
"S": "U",
"A": "N",
"AC": "L"
}
}
},
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC",
"DATE_PUBLIC": "2019-06-25T00:00:00",
"ID": "CVE-2018-1734"
},
"description": {
"description_data": [
{
"value": "IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 discloses sensitive information in error messages that may be used by a malicious user to orchestrate further attacks. IBM X-Force ID: 147838.",
"lang": "eng"
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=ibm10956525",
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10956525",
"title": "IBM Security Bulletin 0956525 (Rational Collaborative Lifecycle Management)",
"refsource": "CONFIRM"
},
{
"name": "ibm-rhapsody-cve20181734-info-disc (147838)",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/147838",
"title": "X-Force Vulnerability Report",
"refsource": "XF"
}
]
}
}

218
2018/1xxx/CVE-2018-1758.json
View File

@ -1,111 +1,111 @@
{
"data_version" : "4.0",
"data_type" : "CVE",
"data_format" : "MITRE",
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "6.0"
},
{
"version_value" : "6.0.1"
},
{
"version_value" : "6.0.2"
},
{
"version_value" : "6.0.3"
},
{
"version_value" : "6.0.4"
},
{
"version_value" : "6.0.5"
},
{
"version_value" : "6.0.6"
},
{
"version_value" : "6.0.6.1"
}
]
},
"product_name" : "Rational Collaborative Lifecycle Management"
}
]
},
"vendor_name" : "IBM"
}
]
}
},
"impact" : {
"cvssv3" : {
"TM" : {
"RL" : "O",
"E" : "H",
"RC" : "C"
},
"BM" : {
"AC" : "L",
"A" : "N",
"I" : "L",
"S" : "C",
"C" : "L",
"SCORE" : "5.400",
"AV" : "N",
"PR" : "L",
"UI" : "R"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Cross-Site Scripting"
}
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "6.0"
},
{
"version_value": "6.0.1"
},
{
"version_value": "6.0.2"
},
{
"version_value": "6.0.3"
},
{
"version_value": "6.0.4"
},
{
"version_value": "6.0.5"
},
{
"version_value": "6.0.6"
},
{
"version_value": "6.0.6.1"
}
]
},
"product_name": "Rational Collaborative Lifecycle Management"
}
]
},
"vendor_name": "IBM"
}
]
}
]
},
"CVE_data_meta" : {
"ID" : "CVE-2018-1758",
"DATE_PUBLIC" : "2019-06-25T00:00:00",
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC"
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 148605."
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525",
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525",
"title" : "IBM Security Bulletin 0956525 (Rational Collaborative Lifecycle Management)",
"refsource" : "CONFIRM"
},
{
"title" : "X-Force Vulnerability Report",
"refsource" : "XF",
"name" : "ibm-rqm-cve20181758-xss (148605)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/148605"
}
]
}
}
}
},
"impact": {
"cvssv3": {
"TM": {
"RL": "O",
"E": "H",
"RC": "C"
},
"BM": {
"AC": "L",
"A": "N",
"I": "L",
"S": "C",
"C": "L",
"SCORE": "5.400",
"AV": "N",
"PR": "L",
"UI": "R"
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"CVE_data_meta": {
"ID": "CVE-2018-1758",
"DATE_PUBLIC": "2019-06-25T00:00:00",
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 148605."
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=ibm10956525",
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10956525",
"title": "IBM Security Bulletin 0956525 (Rational Collaborative Lifecycle Management)",
"refsource": "CONFIRM"
},
{
"title": "X-Force Vulnerability Report",
"refsource": "XF",
"name": "ibm-rqm-cve20181758-xss (148605)",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/148605"
}
]
}
}

216
2018/1xxx/CVE-2018-1760.json
View File

@ -1,111 +1,111 @@
{
"references" : {
"reference_data" : [
{
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525",
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 0956525 (Rational Collaborative Lifecycle Management)"
},
{
"refsource" : "XF",
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/148614",
"name" : "ibm-rqm-cve20181760-xss (148614)"
}
]
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 148614."
}
]
},
"CVE_data_meta" : {
"DATE_PUBLIC" : "2019-06-25T00:00:00",
"ID" : "CVE-2018-1760",
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com"
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Cross-Site Scripting",
"lang" : "eng"
}
]
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"AC" : "L",
"A" : "N",
"I" : "L",
"S" : "C",
"C" : "L",
"SCORE" : "5.400",
"AV" : "N",
"PR" : "L",
"UI" : "R"
},
"TM" : {
"E" : "H",
"RC" : "C",
"RL" : "O"
}
}
},
"affects" : {
"vendor" : {
"vendor_data" : [
"references": {
"reference_data": [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "6.0"
},
{
"version_value" : "6.0.1"
},
{
"version_value" : "6.0.2"
},
{
"version_value" : "6.0.3"
},
{
"version_value" : "6.0.4"
},
{
"version_value" : "6.0.5"
},
{
"version_value" : "6.0.6"
},
{
"version_value" : "6.0.6.1"
}
]
},
"product_name" : "Rational Collaborative Lifecycle Management"
}
]
}
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10956525",
"name": "http://www.ibm.com/support/docview.wss?uid=ibm10956525",
"refsource": "CONFIRM",
"title": "IBM Security Bulletin 0956525 (Rational Collaborative Lifecycle Management)"
},
{
"refsource": "XF",
"title": "X-Force Vulnerability Report",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/148614",
"name": "ibm-rqm-cve20181760-xss (148614)"
}
]
}
},
"data_format" : "MITRE",
"data_version" : "4.0",
"data_type" : "CVE"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 148614."
}
]
},
"CVE_data_meta": {
"DATE_PUBLIC": "2019-06-25T00:00:00",
"ID": "CVE-2018-1760",
"STATE": "PUBLIC",
"ASSIGNER": "psirt@us.ibm.com"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Cross-Site Scripting",
"lang": "eng"
}
]
}
]
},
"impact": {
"cvssv3": {
"BM": {
"AC": "L",
"A": "N",
"I": "L",
"S": "C",
"C": "L",
"SCORE": "5.400",
"AV": "N",
"PR": "L",
"UI": "R"
},
"TM": {
"E": "H",
"RC": "C",
"RL": "O"
}
}
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "6.0"
},
{
"version_value": "6.0.1"
},
{
"version_value": "6.0.2"
},
{
"version_value": "6.0.3"
},
{
"version_value": "6.0.4"
},
{
"version_value": "6.0.5"
},
{
"version_value": "6.0.6"
},
{
"version_value": "6.0.6.1"
}
]
},
"product_name": "Rational Collaborative Lifecycle Management"
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_version": "4.0",
"data_type": "CVE"
}

218
2018/1xxx/CVE-2018-1826.json
View File

@ -1,111 +1,111 @@
{
"data_format" : "MITRE",
"data_version" : "4.0",
"data_type" : "CVE",
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "Rational Collaborative Lifecycle Management",
"version" : {
"version_data" : [
{
"version_value" : "6.0"
},
{
"version_value" : "6.0.1"
},
{
"version_value" : "6.0.2"
},
{
"version_value" : "6.0.3"
},
{
"version_value" : "6.0.4"
},
{
"version_value" : "6.0.5"
},
{
"version_value" : "6.0.6"
},
{
"version_value" : "6.0.6.1"
}
]
}
}
]
}
}
]
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Cross-site scripting",
"lang" : "eng"
}
"data_format": "MITRE",
"data_version": "4.0",
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"product_name": "Rational Collaborative Lifecycle Management",
"version": {
"version_data": [
{
"version_value": "6.0"
},
{
"version_value": "6.0.1"
},
{
"version_value": "6.0.2"
},
{
"version_value": "6.0.3"
},
{
"version_value": "6.0.4"
},
{
"version_value": "6.0.5"
},
{
"version_value": "6.0.6"
},
{
"version_value": "6.0.6.1"
}
]
}
}
]
}
}
]
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"AV" : "N",
"SCORE" : "5.400",
"PR" : "L",
"UI" : "R",
"AC" : "L",
"A" : "N",
"C" : "L",
"S" : "C",
"I" : "L"
},
"TM" : {
"RC" : "C",
"E" : "U",
"RL" : "O"
}
}
},
"CVE_data_meta" : {
"ID" : "CVE-2018-1826",
"DATE_PUBLIC" : "2019-06-25T00:00:00",
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC"
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 150429."
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525",
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525",
"title" : "IBM Security Bulletin 0956525 (Rational Collaborative Lifecycle Management)",
"refsource" : "CONFIRM"
},
{
"refsource" : "XF",
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/150429",
"name" : "ibm-rqm-cve20181826-xss (150429)"
}
]
}
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Cross-site scripting",
"lang": "eng"
}
]
}
]
},
"impact": {
"cvssv3": {
"BM": {
"AV": "N",
"SCORE": "5.400",
"PR": "L",
"UI": "R",
"AC": "L",
"A": "N",
"C": "L",
"S": "C",
"I": "L"
},
"TM": {
"RC": "C",
"E": "U",
"RL": "O"
}
}
},
"CVE_data_meta": {
"ID": "CVE-2018-1826",
"DATE_PUBLIC": "2019-06-25T00:00:00",
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 150429."
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=ibm10956525",
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10956525",
"title": "IBM Security Bulletin 0956525 (Rational Collaborative Lifecycle Management)",
"refsource": "CONFIRM"
},
{
"refsource": "XF",
"title": "X-Force Vulnerability Report",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/150429",
"name": "ibm-rqm-cve20181826-xss (150429)"
}
]
}
}

218
2018/1xxx/CVE-2018-1827.json
View File

@ -1,111 +1,111 @@
{
"impact" : {
"cvssv3" : {
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
},
"BM" : {
"PR" : "L",
"SCORE" : "5.400",
"AV" : "N",
"UI" : "R",
"A" : "N",
"AC" : "L",
"I" : "L",
"S" : "C",
"C" : "L"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Cross-Site Scripting",
"lang" : "eng"
}
]
}
]
},
"data_type" : "CVE",
"data_version" : "4.0",
"data_format" : "MITRE",
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "6.0"
},
{
"version_value" : "6.0.1"
},
{
"version_value" : "6.0.2"
},
{
"version_value" : "6.0.3"
},
{
"version_value" : "6.0.4"
},
{
"version_value" : "6.0.5"
},
{
"version_value" : "6.0.6"
},
{
"version_value" : "6.0.6.1"
}
]
},
"product_name" : "Rational Collaborative Lifecycle Management"
}
]
},
"vendor_name" : "IBM"
"impact": {
"cvssv3": {
"TM": {
"E": "U",
"RC": "C",
"RL": "O"
},
"BM": {
"PR": "L",
"SCORE": "5.400",
"AV": "N",
"UI": "R",
"A": "N",
"AC": "L",
"I": "L",
"S": "C",
"C": "L"
}
]
}
},
"references" : {
"reference_data" : [
{
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525",
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 0956525 (Rational Collaborative Lifecycle Management)"
},
{
"name" : "ibm-rqm-cve20181827-xss (150430)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/150430",
"title" : "X-Force Vulnerability Report",
"refsource" : "XF"
}
]
},
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2019-06-25T00:00:00",
"ID" : "CVE-2018-1827"
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 150430."
}
]
}
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Cross-Site Scripting",
"lang": "eng"
}
]
}
]
},
"data_type": "CVE",
"data_version": "4.0",
"data_format": "MITRE",
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "6.0"
},
{
"version_value": "6.0.1"
},
{
"version_value": "6.0.2"
},
{
"version_value": "6.0.3"
},
{
"version_value": "6.0.4"
},
{
"version_value": "6.0.5"
},
{
"version_value": "6.0.6"
},
{
"version_value": "6.0.6.1"
}
]
},
"product_name": "Rational Collaborative Lifecycle Management"
}
]
},
"vendor_name": "IBM"
}
]
}
},
"references": {
"reference_data": [
{
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10956525",
"name": "http://www.ibm.com/support/docview.wss?uid=ibm10956525",
"refsource": "CONFIRM",
"title": "IBM Security Bulletin 0956525 (Rational Collaborative Lifecycle Management)"
},
{
"name": "ibm-rqm-cve20181827-xss (150430)",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/150430",
"title": "X-Force Vulnerability Report",
"refsource": "XF"
}
]
},
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC",
"DATE_PUBLIC": "2019-06-25T00:00:00",
"ID": "CVE-2018-1827"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 150430."
}
]
}
}

214
2018/1xxx/CVE-2018-1828.json
View File

@ -1,111 +1,111 @@
{
"description" : {
"description_data" : [
{
"value" : "IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 150431.",
"lang" : "eng"
}
]
},
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2019-06-25T00:00:00",
"ID" : "CVE-2018-1828"
},
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 0956525 (Rational Collaborative Lifecycle Management)",
"refsource" : "CONFIRM",
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525",
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525"
},
{
"name" : "ibm-rqm-cve20181828-xss (150431)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/150431",
"title" : "X-Force Vulnerability Report",
"refsource" : "XF"
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
"description": {
"description_data": [
{
"product" : {
"product_data" : [
{
"product_name" : "Rational Collaborative Lifecycle Management",
"version" : {
"version_data" : [
{
"version_value" : "6.0"
},
{
"version_value" : "6.0.1"
},
{
"version_value" : "6.0.2"
},
{
"version_value" : "6.0.3"
},
{
"version_value" : "6.0.4"
},
{
"version_value" : "6.0.5"
},
{
"version_value" : "6.0.6"
},
{
"version_value" : "6.0.6.1"
}
]
}
}
]
},
"vendor_name" : "IBM"
"value": "IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 150431.",
"lang": "eng"
}
]
}
},
"data_version" : "4.0",
"data_type" : "CVE",
"data_format" : "MITRE",
"impact" : {
"cvssv3" : {
"TM" : {
"RL" : "O",
"E" : "U",
"RC" : "C"
},
"BM" : {
"UI" : "R",
"SCORE" : "5.400",
"AV" : "N",
"PR" : "L",
"I" : "L",
"S" : "C",
"C" : "L",
"AC" : "L",
"A" : "N"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Cross-Site Scripting"
}
]
},
"CVE_data_meta": {
"STATE": "PUBLIC",
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2019-06-25T00:00:00",
"ID": "CVE-2018-1828"
},
"references": {
"reference_data": [
{
"title": "IBM Security Bulletin 0956525 (Rational Collaborative Lifecycle Management)",
"refsource": "CONFIRM",
"name": "http://www.ibm.com/support/docview.wss?uid=ibm10956525",
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10956525"
},
{
"name": "ibm-rqm-cve20181828-xss (150431)",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/150431",
"title": "X-Force Vulnerability Report",
"refsource": "XF"
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rational Collaborative Lifecycle Management",
"version": {
"version_data": [
{
"version_value": "6.0"
},
{
"version_value": "6.0.1"
},
{
"version_value": "6.0.2"
},
{
"version_value": "6.0.3"
},
{
"version_value": "6.0.4"
},
{
"version_value": "6.0.5"
},
{
"version_value": "6.0.6"
},
{
"version_value": "6.0.6.1"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
]
}
}
}
},
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"impact": {
"cvssv3": {
"TM": {
"RL": "O",
"E": "U",
"RC": "C"
},
"BM": {
"UI": "R",
"SCORE": "5.400",
"AV": "N",
"PR": "L",
"I": "L",
"S": "C",
"C": "L",
"AC": "L",
"A": "N"
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
}
}

218
2018/1xxx/CVE-2018-1892.json
View File

@ -1,111 +1,111 @@
{
"impact" : {
"cvssv3" : {
"TM" : {
"RL" : "O",
"RC" : "C",
"E" : "H"
},
"BM" : {
"C" : "L",
"I" : "L",
"S" : "C",
"AC" : "L",
"A" : "N",
"UI" : "R",
"AV" : "N",
"SCORE" : "5.400",
"PR" : "L"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Cross-Site Scripting",
"lang" : "eng"
}
]
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "6.0"
},
{
"version_value" : "6.0.1"
},
{
"version_value" : "6.0.2"
},
{
"version_value" : "6.0.3"
},
{
"version_value" : "6.0.4"
},
{
"version_value" : "6.0.5"
},
{
"version_value" : "6.0.6"
},
{
"version_value" : "6.0.6.1"
}
]
},
"product_name" : "Rational Collaborative Lifecycle Management"
}
]
},
"vendor_name" : "IBM"
"impact": {
"cvssv3": {
"TM": {
"RL": "O",
"RC": "C",
"E": "H"
},
"BM": {
"C": "L",
"I": "L",
"S": "C",
"AC": "L",
"A": "N",
"UI": "R",
"AV": "N",
"SCORE": "5.400",
"PR": "L"
}
]
}
},
"data_version" : "4.0",
"data_type" : "CVE",
"data_format" : "MITRE",
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 0956525 (Rational Collaborative Lifecycle Management)",
"refsource" : "CONFIRM",
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525",
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/152156",
"name" : "ibm-rqm-cve20181892-xss (152156)",
"refsource" : "XF",
"title" : "X-Force Vulnerability Report"
}
]
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 152156."
}
]
},
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC",
"ID" : "CVE-2018-1892",
"DATE_PUBLIC" : "2019-06-25T00:00:00"
}
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Cross-Site Scripting",
"lang": "eng"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "6.0"
},
{
"version_value": "6.0.1"
},
{
"version_value": "6.0.2"
},
{
"version_value": "6.0.3"
},
{
"version_value": "6.0.4"
},
{
"version_value": "6.0.5"
},
{
"version_value": "6.0.6"
},
{
"version_value": "6.0.6.1"
}
]
},
"product_name": "Rational Collaborative Lifecycle Management"
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"references": {
"reference_data": [
{
"title": "IBM Security Bulletin 0956525 (Rational Collaborative Lifecycle Management)",
"refsource": "CONFIRM",
"name": "http://www.ibm.com/support/docview.wss?uid=ibm10956525",
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10956525"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/152156",
"name": "ibm-rqm-cve20181892-xss (152156)",
"refsource": "XF",
"title": "X-Force Vulnerability Report"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 152156."
}
]
},
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC",
"ID": "CVE-2018-1892",
"DATE_PUBLIC": "2019-06-25T00:00:00"
}
}

218
2018/1xxx/CVE-2018-1893.json
View File

@ -1,111 +1,111 @@
{
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "6.0"
},
{
"version_value" : "6.0.1"
},
{
"version_value" : "6.0.2"
},
{
"version_value" : "6.0.3"
},
{
"version_value" : "6.0.4"
},
{
"version_value" : "6.0.5"
},
{
"version_value" : "6.0.6"
},
{
"version_value" : "6.0.6.1"
}
]
},
"product_name" : "Rational Collaborative Lifecycle Management"
}
]
}
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Cross-Site Scripting"
}
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "6.0"
},
{
"version_value": "6.0.1"
},
{
"version_value": "6.0.2"
},
{
"version_value": "6.0.3"
},
{
"version_value": "6.0.4"
},
{
"version_value": "6.0.5"
},
{
"version_value": "6.0.6"
},
{
"version_value": "6.0.6.1"
}
]
},
"product_name": "Rational Collaborative Lifecycle Management"
}
]
}
}
]
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"UI" : "R",
"SCORE" : "5.400",
"AV" : "N",
"PR" : "L",
"I" : "L",
"S" : "C",
"C" : "L",
"AC" : "L",
"A" : "N"
},
"TM" : {
"RL" : "O",
"E" : "H",
"RC" : "C"
}
}
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 152157."
}
]
},
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2019-06-25T00:00:00",
"ID" : "CVE-2018-1893"
},
"references" : {
"reference_data" : [
{
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 0956525 (Rational Collaborative Lifecycle Management)",
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525",
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/152157",
"name" : "ibm-rqm-cve20181893-xss (152157)",
"refsource" : "XF",
"title" : "X-Force Vulnerability Report"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"impact": {
"cvssv3": {
"BM": {
"UI": "R",
"SCORE": "5.400",
"AV": "N",
"PR": "L",
"I": "L",
"S": "C",
"C": "L",
"AC": "L",
"A": "N"
},
"TM": {
"RL": "O",
"E": "H",
"RC": "C"
}
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 152157."
}
]
},
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC",
"DATE_PUBLIC": "2019-06-25T00:00:00",
"ID": "CVE-2018-1893"
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"title": "IBM Security Bulletin 0956525 (Rational Collaborative Lifecycle Management)",
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10956525",
"name": "http://www.ibm.com/support/docview.wss?uid=ibm10956525"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/152157",
"name": "ibm-rqm-cve20181893-xss (152157)",
"refsource": "XF",
"title": "X-Force Vulnerability Report"
}
]
}
}

56
2019/12xxx/CVE-2019-12887.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-12887",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2019-12887",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "KeyIdentity LinOTP before 2.10.5.3 has Incorrect Access Control (issue 1 of 2)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.linotp.org/CVE-2019-12887.txt",
"url": "https://www.linotp.org/CVE-2019-12887.txt"
}
]
}

214
2019/4xxx/CVE-2019-4083.json
View File

@ -1,111 +1,111 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC",
"ID" : "CVE-2019-4083",
"DATE_PUBLIC" : "2019-06-25T00:00:00"
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Jazz Foundation products (IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 157383."
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525",
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525",
"title" : "IBM Security Bulletin 0956525 (Rational Collaborative Lifecycle Management)",
"refsource" : "CONFIRM"
},
{
"title" : "X-Force Vulnerability Report",
"refsource" : "XF",
"name" : "ibm-jazz-cve20194083-xss (157383)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/157383"
}
]
},
"data_version" : "4.0",
"data_type" : "CVE",
"data_format" : "MITRE",
"affects" : {
"vendor" : {
"vendor_data" : [
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC",
"ID": "CVE-2019-4083",
"DATE_PUBLIC": "2019-06-25T00:00:00"
},
"description": {
"description_data": [
{
"product" : {
"product_data" : [
{
"product_name" : "Rational Collaborative Lifecycle Management",
"version" : {
"version_data" : [
{
"version_value" : "6.0"
},
{
"version_value" : "6.0.1"
},
{
"version_value" : "6.0.2"
},
{
"version_value" : "6.0.3"
},
{
"version_value" : "6.0.4"
},
{
"version_value" : "6.0.5"
},
{
"version_value" : "6.0.6"
},
{
"version_value" : "6.0.6.1"
}
]
}
}
]
},
"vendor_name" : "IBM"
"lang": "eng",
"value": "IBM Jazz Foundation products (IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 157383."
}
]
}
},
"impact" : {
"cvssv3" : {
"BM" : {
"UI" : "R",
"PR" : "L",
"AV" : "N",
"SCORE" : "5.400",
"C" : "L",
"S" : "C",
"I" : "L",
"A" : "N",
"AC" : "L"
},
"TM" : {
"RC" : "C",
"E" : "H",
"RL" : "O"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Cross-Site Scripting"
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=ibm10956525",
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10956525",
"title": "IBM Security Bulletin 0956525 (Rational Collaborative Lifecycle Management)",
"refsource": "CONFIRM"
},
{
"title": "X-Force Vulnerability Report",
"refsource": "XF",
"name": "ibm-jazz-cve20194083-xss (157383)",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/157383"
}
]
},
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rational Collaborative Lifecycle Management",
"version": {
"version_data": [
{
"version_value": "6.0"
},
{
"version_value": "6.0.1"
},
{
"version_value": "6.0.2"
},
{
"version_value": "6.0.3"
},
{
"version_value": "6.0.4"
},
{
"version_value": "6.0.5"
},
{
"version_value": "6.0.6"
},
{
"version_value": "6.0.6.1"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
]
}
}
}
},
"impact": {
"cvssv3": {
"BM": {
"UI": "R",
"PR": "L",
"AV": "N",
"SCORE": "5.400",
"C": "L",
"S": "C",
"I": "L",
"A": "N",
"AC": "L"
},
"TM": {
"RC": "C",
"E": "H",
"RL": "O"
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
}
}

214
2019/4xxx/CVE-2019-4084.json
View File

@ -1,111 +1,111 @@
{
"CVE_data_meta" : {
"DATE_PUBLIC" : "2019-06-25T00:00:00",
"ID" : "CVE-2019-4084",
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com"
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Jazz Foundation products (IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1) could allow an authenticated user to obtain sensitive information from CLM Applications that could be used in further attacks against the system. IBM X-Force ID: 157384."
}
]
},
"references" : {
"reference_data" : [
{
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525",
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 0956525 (Rational Collaborative Lifecycle Management)"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/157384",
"name" : "ibm-jazz-cve20194084-info-disc (157384)",
"refsource" : "XF",
"title" : "X-Force Vulnerability Report"
}
]
},
"data_type" : "CVE",
"data_version" : "4.0",
"data_format" : "MITRE",
"affects" : {
"vendor" : {
"vendor_data" : [
"CVE_data_meta": {
"DATE_PUBLIC": "2019-06-25T00:00:00",
"ID": "CVE-2019-4084",
"STATE": "PUBLIC",
"ASSIGNER": "psirt@us.ibm.com"
},
"description": {
"description_data": [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "6.0"
},
{
"version_value" : "6.0.1"
},
{
"version_value" : "6.0.2"
},
{
"version_value" : "6.0.3"
},
{
"version_value" : "6.0.4"
},
{
"version_value" : "6.0.5"
},
{
"version_value" : "6.0.6"
},
{
"version_value" : "6.0.6.1"
}
]
},
"product_name" : "Rational Collaborative Lifecycle Management"
}
]
}
"lang": "eng",
"value": "IBM Jazz Foundation products (IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1) could allow an authenticated user to obtain sensitive information from CLM Applications that could be used in further attacks against the system. IBM X-Force ID: 157384."
}
]
}
},
"impact" : {
"cvssv3" : {
"TM" : {
"RC" : "C",
"E" : "U",
"RL" : "O"
},
"BM" : {
"UI" : "N",
"SCORE" : "4.300",
"AV" : "N",
"PR" : "L",
"S" : "U",
"I" : "N",
"C" : "L",
"AC" : "L",
"A" : "N"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10956525",
"name": "http://www.ibm.com/support/docview.wss?uid=ibm10956525",
"refsource": "CONFIRM",
"title": "IBM Security Bulletin 0956525 (Rational Collaborative Lifecycle Management)"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/157384",
"name": "ibm-jazz-cve20194084-info-disc (157384)",
"refsource": "XF",
"title": "X-Force Vulnerability Report"
}
]
},
"data_type": "CVE",
"data_version": "4.0",
"data_format": "MITRE",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "6.0"
},
{
"version_value": "6.0.1"
},
{
"version_value": "6.0.2"
},
{
"version_value": "6.0.3"
},
{
"version_value": "6.0.4"
},
{
"version_value": "6.0.5"
},
{
"version_value": "6.0.6"
},
{
"version_value": "6.0.6.1"
}
]
},
"product_name": "Rational Collaborative Lifecycle Management"
}
]
}
}
]
}
]
}
}
}
},
"impact": {
"cvssv3": {
"TM": {
"RC": "C",
"E": "U",
"RL": "O"
},
"BM": {
"UI": "N",
"SCORE": "4.300",
"AV": "N",
"PR": "L",
"S": "U",
"I": "N",
"C": "L",
"AC": "L",
"A": "N"
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Obtain Information",
"lang": "eng"
}
]
}
]
}
}

216
2019/4xxx/CVE-2019-4249.json
View File

@ -1,111 +1,111 @@
{
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 0956525 (Rational Collaborative Lifecycle Management)",
"refsource" : "CONFIRM",
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525",
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525"
},
{
"refsource" : "XF",
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/159647",
"name" : "ibm-rtc-cve20194249-xss (159647)"
}
]
},
"description" : {
"description_data" : [
{
"value" : "IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 159647.",
"lang" : "eng"
}
]
},
"CVE_data_meta" : {
"ID" : "CVE-2019-4249",
"DATE_PUBLIC" : "2019-06-25T00:00:00",
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com"
},
"impact" : {
"cvssv3" : {
"BM" : {
"UI" : "R",
"PR" : "L",
"SCORE" : "5.400",
"AV" : "N",
"S" : "C",
"I" : "L",
"C" : "L",
"A" : "N",
"AC" : "L"
},
"TM" : {
"E" : "H",
"RC" : "C",
"RL" : "O"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Cross-Site Scripting"
}
]
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
"references": {
"reference_data": [
{
"product" : {
"product_data" : [
{
"product_name" : "Rational Collaborative Lifecycle Management",
"version" : {
"version_data" : [
{
"version_value" : "6.0"
},
{
"version_value" : "6.0.1"
},
{
"version_value" : "6.0.2"
},
{
"version_value" : "6.0.3"
},
{
"version_value" : "6.0.4"
},
{
"version_value" : "6.0.5"
},
{
"version_value" : "6.0.6"
},
{
"version_value" : "6.0.6.1"
}
]
}
}
]
},
"vendor_name" : "IBM"
"title": "IBM Security Bulletin 0956525 (Rational Collaborative Lifecycle Management)",
"refsource": "CONFIRM",
"name": "http://www.ibm.com/support/docview.wss?uid=ibm10956525",
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10956525"
},
{
"refsource": "XF",
"title": "X-Force Vulnerability Report",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/159647",
"name": "ibm-rtc-cve20194249-xss (159647)"
}
]
}
},
"data_type" : "CVE",
"data_version" : "4.0",
"data_format" : "MITRE"
}
]
},
"description": {
"description_data": [
{
"value": "IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 159647.",
"lang": "eng"
}
]
},
"CVE_data_meta": {
"ID": "CVE-2019-4249",
"DATE_PUBLIC": "2019-06-25T00:00:00",
"STATE": "PUBLIC",
"ASSIGNER": "psirt@us.ibm.com"
},
"impact": {
"cvssv3": {
"BM": {
"UI": "R",
"PR": "L",
"SCORE": "5.400",
"AV": "N",
"S": "C",
"I": "L",
"C": "L",
"A": "N",
"AC": "L"
},
"TM": {
"E": "H",
"RC": "C",
"RL": "O"
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rational Collaborative Lifecycle Management",
"version": {
"version_data": [
{
"version_value": "6.0"
},
{
"version_value": "6.0.1"
},
{
"version_value": "6.0.2"
},
{
"version_value": "6.0.3"
},
{
"version_value": "6.0.4"
},
{
"version_value": "6.0.5"
},
{
"version_value": "6.0.6"
},
{
"version_value": "6.0.6.1"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_type": "CVE",
"data_version": "4.0",
"data_format": "MITRE"
}

216
2019/4xxx/CVE-2019-4250.json
View File

@ -1,111 +1,111 @@
{
"references" : {
"reference_data" : [
{
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 0956525 (Rational Collaborative Lifecycle Management)",
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525",
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525"
},
{
"refsource" : "XF",
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/159648",
"name" : "ibm-jazz-cve20194250-xss (159648)"
}
]
},
"description" : {
"description_data" : [
{
"value" : "IBM Jazz Foundation products (IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 159648.",
"lang" : "eng"
}
]
},
"CVE_data_meta" : {
"DATE_PUBLIC" : "2019-06-25T00:00:00",
"ID" : "CVE-2019-4250",
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com"
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Cross-Site Scripting",
"lang" : "eng"
}
]
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"SCORE" : "5.400",
"AV" : "N",
"PR" : "L",
"UI" : "R",
"AC" : "L",
"A" : "N",
"S" : "C",
"I" : "L",
"C" : "L"
},
"TM" : {
"RL" : "O",
"E" : "H",
"RC" : "C"
}
}
},
"affects" : {
"vendor" : {
"vendor_data" : [
"references": {
"reference_data": [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "6.0"
},
{
"version_value" : "6.0.1"
},
{
"version_value" : "6.0.2"
},
{
"version_value" : "6.0.3"
},
{
"version_value" : "6.0.4"
},
{
"version_value" : "6.0.5"
},
{
"version_value" : "6.0.6"
},
{
"version_value" : "6.0.6.1"
}
]
},
"product_name" : "Rational Collaborative Lifecycle Management"
}
]
}
"refsource": "CONFIRM",
"title": "IBM Security Bulletin 0956525 (Rational Collaborative Lifecycle Management)",
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10956525",
"name": "http://www.ibm.com/support/docview.wss?uid=ibm10956525"
},
{
"refsource": "XF",
"title": "X-Force Vulnerability Report",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/159648",
"name": "ibm-jazz-cve20194250-xss (159648)"
}
]
}
},
"data_version" : "4.0",
"data_type" : "CVE",
"data_format" : "MITRE"
}
]
},
"description": {
"description_data": [
{
"value": "IBM Jazz Foundation products (IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 159648.",
"lang": "eng"
}
]
},
"CVE_data_meta": {
"DATE_PUBLIC": "2019-06-25T00:00:00",
"ID": "CVE-2019-4250",
"STATE": "PUBLIC",
"ASSIGNER": "psirt@us.ibm.com"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Cross-Site Scripting",
"lang": "eng"
}
]
}
]
},
"impact": {
"cvssv3": {
"BM": {
"SCORE": "5.400",
"AV": "N",
"PR": "L",
"UI": "R",
"AC": "L",
"A": "N",
"S": "C",
"I": "L",
"C": "L"
},
"TM": {
"RL": "O",
"E": "H",
"RC": "C"
}
}
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "6.0"
},
{
"version_value": "6.0.1"
},
{
"version_value": "6.0.2"
},
{
"version_value": "6.0.3"
},
{
"version_value": "6.0.4"
},
{
"version_value": "6.0.5"
},
{
"version_value": "6.0.6"
},
{
"version_value": "6.0.6.1"
}
]
},
"product_name": "Rational Collaborative Lifecycle Management"
}
]
}
}
]
}
},
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE"
}

218
2019/4xxx/CVE-2019-4252.json
View File

@ -1,111 +1,111 @@
{
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "N",
"AC" : "L",
"S" : "U",
"I" : "N",
"C" : "H",
"PR" : "L",
"SCORE" : "6.500",
"AV" : "N",
"UI" : "N"
},
"TM" : {
"RC" : "C",
"E" : "U",
"RL" : "O"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
]
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "6.0"
},
{
"version_value" : "6.0.1"
},
{
"version_value" : "6.0.2"
},
{
"version_value" : "6.0.3"
},
{
"version_value" : "6.0.4"
},
{
"version_value" : "6.0.5"
},
{
"version_value" : "6.0.6"
},
{
"version_value" : "6.0.6.1"
}
]
},
"product_name" : "Rational Collaborative Lifecycle Management"
}
]
},
"vendor_name" : "IBM"
"impact": {
"cvssv3": {
"BM": {
"A": "N",
"AC": "L",
"S": "U",
"I": "N",
"C": "H",
"PR": "L",
"SCORE": "6.500",
"AV": "N",
"UI": "N"
},
"TM": {
"RC": "C",
"E": "U",
"RL": "O"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 0956525 (Rational Collaborative Lifecycle Management)",
"refsource" : "CONFIRM",
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525",
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525"
},
{
"name" : "ibm-rtc-cve20194252-info-disc (159883)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/159883",
"title" : "X-Force Vulnerability Report",
"refsource" : "XF"
}
]
},
"description" : {
"description_data" : [
{
"value" : "IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing \"dot dot\" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 159883.",
"lang" : "eng"
}
]
},
"CVE_data_meta" : {
"ID" : "CVE-2019-4252",
"DATE_PUBLIC" : "2019-06-25T00:00:00",
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC"
}
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "6.0"
},
{
"version_value": "6.0.1"
},
{
"version_value": "6.0.2"
},
{
"version_value": "6.0.3"
},
{
"version_value": "6.0.4"
},
{
"version_value": "6.0.5"
},
{
"version_value": "6.0.6"
},
{
"version_value": "6.0.6.1"
}
]
},
"product_name": "Rational Collaborative Lifecycle Management"
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"references": {
"reference_data": [
{
"title": "IBM Security Bulletin 0956525 (Rational Collaborative Lifecycle Management)",
"refsource": "CONFIRM",
"name": "http://www.ibm.com/support/docview.wss?uid=ibm10956525",
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10956525"
},
{
"name": "ibm-rtc-cve20194252-info-disc (159883)",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/159883",
"title": "X-Force Vulnerability Report",
"refsource": "XF"
}
]
},
"description": {
"description_data": [
{
"value": "IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing \"dot dot\" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 159883.",
"lang": "eng"
}
]
},
"CVE_data_meta": {
"ID": "CVE-2019-4252",
"DATE_PUBLIC": "2019-06-25T00:00:00",
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC"
}
}

5
2019/4xxx/CVE-2019-4303.json
View File

@ -63,6 +63,11 @@
"refsource": "XF",
"name": "ibm-maximo-cve20194303-xss (160949)",
"title": "X-Force Vulnerability Report"
},
{
"refsource": "BID",
"name": "108912",
"url": "http://www.securityfocus.com/bid/108912"
}
]
},