Update CVE-2019-5641.json (#61)

From @chamilton-r7
2025-08-04 08:44:25 +00:00 · 2022-09-21 09:44:10 -05:00 · 2022-09-21 09:44:10 -05:00 · 1f031f9899
commit 1f031f9899
parent f317f62d93
1 changed files with 100 additions and 16 deletions
--- a/2019/5xxx/CVE-2019-5641.json
+++ b/2019/5xxx/CVE-2019-5641.json
@ -1,18 +1,102 @@
 {
-    "CVE_data_meta": {
-        "ASSIGNER": "cve@mitre.org",
-        "ID": "CVE-2019-5641",
-        "STATE": "RESERVED"
-    },
-    "data_format": "MITRE",
-    "data_type": "CVE",
-    "data_version": "4.0",
-    "description": {
-        "description_data": [
-            {
-                "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
-            }
-        ]
+  "data_type": "CVE",
+  "data_format": "MITRE",
+  "data_version": "4.0",
+  "generator": {
+    "engine": "Vulnogram 0.0.9"
+  },
+  "CVE_data_meta": {
+    "ID": "CVE-2019-5641",
+    "ASSIGNER": "cve@rapid7.com",
+    "DATE_PUBLIC": "2022-08-30T09:00:00.000Z",
+    "TITLE": "Rapid7 InsightVM Information Disclosure after Logout",
+    "AKA": "",
+    "STATE": "PUBLIC"
+  },
+  "source": {
+    "defect": [],
+    "advisory": "",
+    "discovery": "UNKNOWN"
+  },
+  "affects": {
+    "vendor": {
+      "vendor_data": [
+        {
+          "vendor_name": "Rapid7",
+          "product": {
+            "product_data": [
+              {
+                "product_name": "InsightVM",
+                "version": {
+                  "version_data": [
+                    {
+                      "version_name": "6.6.160",
+                      "version_affected": "<=",
+                      "version_value": "6.6.160",
+                      "platform": ""
+                    }
+                  ]
+                }
+              }
+            ]
+          }
+        }
+      ]
    }
-}
+  },
+  "problemtype": {
+    "problemtype_data": [
+      {
+        "description": [
+          {
+            "lang": "eng",
+            "value": "CWE-200 Information Exposure"
+          }
+        ]
+      }
+    ]
+  },
+  "description": {
+    "description_data": [
+      {
+        "lang": "eng",
+        "value": "Rapid7 InsightVM suffers from an information exposure issue whereby, when the user's session has ended due to inactivity, an attacker can use the Inspect Element browser feature to remove the login panel and view the details available in the last webpage visited by previous user"
+      }
+    ]
+  },
+  "references": {
+    "reference_data": [
+      {
+        "refsource": "CONFIRM",
+        "url": "https://docs.rapid7.com/release-notes/insightvm/20220830/",
+        "name": "https://docs.rapid7.com/release-notes/insightvm/20220830/"
+      }
+    ]
+  },
+  "configuration": [],
+  "impact": {
+    "cvss": {
+      "version": "3.1",
+      "attackVector": "LOCAL",
+      "attackComplexity": "LOW",
+      "privilegesRequired": "LOW",
+      "userInteraction": "NONE",
+      "scope": "UNCHANGED",
+      "confidentialityImpact": "LOW",
+      "integrityImpact": "NONE",
+      "availabilityImpact": "NONE",
+      "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
+      "baseScore": 3.3,
+      "baseSeverity": "LOW"
+    }
+  },
+  "exploit": [],
+  "work_around": [],
+  "solution": [],
+  "credit": [
+    {
+      "lang": "eng",
+      "value": "Ashutosh Barot reported this vulnerability to Rapid7"
+    }
+  ]
+}