admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-08-28 15:01:33 +00:00
parent 40b6b89af8
commit 1de6391bf0
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
7 changed files with 469 additions and 363 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
2019/18xxx/CVE-2019-18392.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-18392",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none."
}
]
}
}

56
2019/19xxx/CVE-2019-19499.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-19499",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2019-19499",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Grafana <= 6.4.3 has an Arbitrary File Read vulnerability, which could be exploited by an authenticated attacker that has privileges to modify the data source configurations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://swarm.ptsecurity.com/grafana-6-4-3-arbitrary-file-read/",
"url": "https://swarm.ptsecurity.com/grafana-6-4-3-arbitrary-file-read/"
}
]
}

174
2019/4xxx/CVE-2019-4533.json
View File

@ -1,90 +1,90 @@
{
"CVE_data_meta" : {
"DATE_PUBLIC" : "2020-08-27T00:00:00",
"ID" : "CVE-2019-4533",
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com"
},
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Resilient SOAR V38.0 users may experience a denial of service of the SOAR Platform due to a insufficient input validation. IBM X-Force ID: 165589."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Denial of Service"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/pages/node/6323645",
"title" : "IBM Security Bulletin 6323645 (Resilient SOAR)",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/pages/node/6323645"
},
{
"title" : "X-Force Vulnerability Report",
"name" : "ibm-resilient-cve20194533-dos (165589)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/165589"
}
]
},
"impact" : {
"cvssv3" : {
"TM" : {
"RL" : "O",
"RC" : "C",
"E" : "U"
},
"BM" : {
"I" : "N",
"PR" : "L",
"AV" : "N",
"C" : "N",
"S" : "U",
"AC" : "L",
"A" : "L",
"SCORE" : "4.300",
"UI" : "N"
}
}
},
"data_type" : "CVE",
"data_format" : "MITRE",
"affects" : {
"vendor" : {
"vendor_data" : [
"CVE_data_meta": {
"DATE_PUBLIC": "2020-08-27T00:00:00",
"ID": "CVE-2019-4533",
"STATE": "PUBLIC",
"ASSIGNER": "psirt@us.ibm.com"
},
"data_version": "4.0",
"description": {
"description_data": [
{
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "38"
}
]
},
"product_name" : "Resilient SOAR"
}
]
},
"vendor_name" : "IBM"
"lang": "eng",
"value": "IBM Resilient SOAR V38.0 users may experience a denial of service of the SOAR Platform due to a insufficient input validation. IBM X-Force ID: 165589."
}
]
}
}
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.ibm.com/support/pages/node/6323645",
"title": "IBM Security Bulletin 6323645 (Resilient SOAR)",
"refsource": "CONFIRM",
"url": "https://www.ibm.com/support/pages/node/6323645"
},
{
"title": "X-Force Vulnerability Report",
"name": "ibm-resilient-cve20194533-dos (165589)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/165589"
}
]
},
"impact": {
"cvssv3": {
"TM": {
"RL": "O",
"RC": "C",
"E": "U"
},
"BM": {
"I": "N",
"PR": "L",
"AV": "N",
"C": "N",
"S": "U",
"AC": "L",
"A": "L",
"SCORE": "4.300",
"UI": "N"
}
}
},
"data_type": "CVE",
"data_format": "MITRE",
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "38"
}
]
},
"product_name": "Resilient SOAR"
}
]
},
"vendor_name": "IBM"
}
]
}
}
}

174
2019/4xxx/CVE-2019-4579.json
View File

@ -1,90 +1,90 @@
{
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Gain Access",
"lang" : "eng"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/pages/node/6323783",
"title" : "IBM Security Bulletin 6323783 (Resilient SOAR)",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/pages/node/6323783"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/167236",
"refsource" : "XF",
"name" : "ibm-resilient-cve20194579-input-validation (167236)",
"title" : "X-Force Vulnerability Report"
}
]
},
"CVE_data_meta" : {
"DATE_PUBLIC" : "2020-08-27T00:00:00",
"ID" : "CVE-2019-4579",
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com"
},
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"value" : "IBM Resilient SOAR 38 uses incomplete blacklisting for input validation which allows attackers to bypass application controls resulting in direct impact to the system and data integrity. IBM X-Force ID: 167236.",
"lang" : "eng"
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
"problemtype": {
"problemtype_data": [
{
"product" : {
"product_data" : [
{
"product_name" : "Resilient SOAR",
"version" : {
"version_data" : [
{
"version_value" : "38"
}
]
}
}
]
},
"vendor_name" : "IBM"
"description": [
{
"value": "Gain Access",
"lang": "eng"
}
]
}
]
}
},
"impact" : {
"cvssv3" : {
"BM" : {
"I" : "L",
"PR" : "L",
"AV" : "N",
"S" : "U",
"C" : "N",
"AC" : "L",
"A" : "N",
"SCORE" : "4.300",
"UI" : "N"
},
"TM" : {
"RL" : "O",
"E" : "U",
"RC" : "C"
}
}
},
"data_type" : "CVE",
"data_format" : "MITRE"
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.ibm.com/support/pages/node/6323783",
"title": "IBM Security Bulletin 6323783 (Resilient SOAR)",
"refsource": "CONFIRM",
"url": "https://www.ibm.com/support/pages/node/6323783"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/167236",
"refsource": "XF",
"name": "ibm-resilient-cve20194579-input-validation (167236)",
"title": "X-Force Vulnerability Report"
}
]
},
"CVE_data_meta": {
"DATE_PUBLIC": "2020-08-27T00:00:00",
"ID": "CVE-2019-4579",
"STATE": "PUBLIC",
"ASSIGNER": "psirt@us.ibm.com"
},
"data_version": "4.0",
"description": {
"description_data": [
{
"value": "IBM Resilient SOAR 38 uses incomplete blacklisting for input validation which allows attackers to bypass application controls resulting in direct impact to the system and data integrity. IBM X-Force ID: 167236.",
"lang": "eng"
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Resilient SOAR",
"version": {
"version_data": [
{
"version_value": "38"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"impact": {
"cvssv3": {
"BM": {
"I": "L",
"PR": "L",
"AV": "N",
"S": "U",
"C": "N",
"AC": "L",
"A": "N",
"SCORE": "4.300",
"UI": "N"
},
"TM": {
"RL": "O",
"E": "U",
"RC": "C"
}
}
},
"data_type": "CVE",
"data_format": "MITRE"
}

180
2020/4xxx/CVE-2020-4559.json
View File

@ -1,93 +1,93 @@
{
"data_version" : "4.0",
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2020-4559",
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2020-08-27T00:00:00"
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Spectrum Protect 7.1 and 8.1 could allow an attacker to cause a denial of service due ti improper validation of user-supplied input. IBM X-Force ID: 183613."
}
]
},
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 6323757 (Spectrum Protect)",
"name" : "https://www.ibm.com/support/pages/node/6323757",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/pages/node/6323757"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/183613",
"refsource" : "XF",
"name" : "ibm-spectrum-cve20204559-dos (183613)",
"title" : "X-Force Vulnerability Report"
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Denial of Service",
"lang" : "eng"
}
]
}
]
},
"impact" : {
"cvssv3" : {
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
},
"BM" : {
"SCORE" : "5.900",
"I" : "N",
"PR" : "N",
"AV" : "N",
"C" : "N",
"S" : "U",
"AC" : "H",
"A" : "H",
"UI" : "N"
}
}
},
"data_type" : "CVE",
"data_format" : "MITRE",
"affects" : {
"vendor" : {
"vendor_data" : [
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2020-4559",
"STATE": "PUBLIC",
"DATE_PUBLIC": "2020-08-27T00:00:00"
},
"description": {
"description_data": [
{
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "7.1"
},
{
"version_value" : "8.1"
}
]
},
"product_name" : "Spectrum Protect"
}
]
},
"vendor_name" : "IBM"
"lang": "eng",
"value": "IBM Spectrum Protect 7.1 and 8.1 could allow an attacker to cause a denial of service due ti improper validation of user-supplied input. IBM X-Force ID: 183613."
}
]
}
}
}
]
},
"references": {
"reference_data": [
{
"title": "IBM Security Bulletin 6323757 (Spectrum Protect)",
"name": "https://www.ibm.com/support/pages/node/6323757",
"refsource": "CONFIRM",
"url": "https://www.ibm.com/support/pages/node/6323757"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/183613",
"refsource": "XF",
"name": "ibm-spectrum-cve20204559-dos (183613)",
"title": "X-Force Vulnerability Report"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Denial of Service",
"lang": "eng"
}
]
}
]
},
"impact": {
"cvssv3": {
"TM": {
"E": "U",
"RC": "C",
"RL": "O"
},
"BM": {
"SCORE": "5.900",
"I": "N",
"PR": "N",
"AV": "N",
"C": "N",
"S": "U",
"AC": "H",
"A": "H",
"UI": "N"
}
}
},
"data_type": "CVE",
"data_format": "MITRE",
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "7.1"
},
{
"version_value": "8.1"
}
]
},
"product_name": "Spectrum Protect"
}
]
},
"vendor_name": "IBM"
}
]
}
}
}

180
2020/4xxx/CVE-2020-4591.json
View File

@ -1,93 +1,93 @@
{
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://www.ibm.com/support/pages/node/6323765",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 6323765 (Spectrum Protect Server)",
"name" : "https://www.ibm.com/support/pages/node/6323765"
},
{
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/184746",
"title" : "X-Force Vulnerability Report",
"name" : "ibm-spectrum-cve20204591-info-disc (184746)"
}
]
},
"data_version" : "4.0",
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC",
"ID" : "CVE-2020-4591",
"DATE_PUBLIC" : "2020-08-27T00:00:00"
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Spectrum Protect Server 8.1.0.000 through 8.1.10.000 could disclose sensitive information in nondefault settings due to occasionally not encrypting the second chunk of an object in an encrypted container pool. IBM X-Force ID: 184746."
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
"problemtype": {
"problemtype_data": [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "8.1.0.000"
},
{
"version_value" : "8.1.10.000"
}
]
},
"product_name" : "Spectrum Protect Server"
}
]
}
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
}
},
"data_type" : "CVE",
"impact" : {
"cvssv3" : {
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
},
"BM" : {
"A" : "N",
"AC" : "H",
"C" : "L",
"S" : "U",
"AV" : "L",
"I" : "N",
"PR" : "N",
"SCORE" : "2.900",
"UI" : "N"
}
}
},
"data_format" : "MITRE"
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.ibm.com/support/pages/node/6323765",
"refsource": "CONFIRM",
"title": "IBM Security Bulletin 6323765 (Spectrum Protect Server)",
"name": "https://www.ibm.com/support/pages/node/6323765"
},
{
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/184746",
"title": "X-Force Vulnerability Report",
"name": "ibm-spectrum-cve20204591-info-disc (184746)"
}
]
},
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC",
"ID": "CVE-2020-4591",
"DATE_PUBLIC": "2020-08-27T00:00:00"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Spectrum Protect Server 8.1.0.000 through 8.1.10.000 could disclose sensitive information in nondefault settings due to occasionally not encrypting the second chunk of an object in an encrypted container pool. IBM X-Force ID: 184746."
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "8.1.0.000"
},
{
"version_value": "8.1.10.000"
}
]
},
"product_name": "Spectrum Protect Server"
}
]
}
}
]
}
},
"data_type": "CVE",
"impact": {
"cvssv3": {
"TM": {
"E": "U",
"RC": "C",
"RL": "O"
},
"BM": {
"A": "N",
"AC": "H",
"C": "L",
"S": "U",
"AV": "L",
"I": "N",
"PR": "N",
"SCORE": "2.900",
"UI": "N"
}
}
},
"data_format": "MITRE"
}

50
2020/9xxx/CVE-2020-9298.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-9298",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-report@netflix.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Netflix Orca Spinnaker",
"version": {
"version_data": [
{
"version_value": "All versions prior to version v8.7.0"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Server-Side Request Forgery"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/Netflix/security-bulletins/blob/master/advisories/nflx-2020-003.md",
"url": "https://github.com/Netflix/security-bulletins/blob/master/advisories/nflx-2020-003.md"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Spinnaker template resolution functionality is vulnerable to Server-Side Request Forgery (SSRF), which allows an attacker to send requests on behalf of Spinnaker potentially leading to sensitive data disclosure."
}
]
}