From 21f1ade3aa103052b025032c255b22bc8efb9d8c Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 2 Jul 2018 09:03:54 -0400 Subject: [PATCH] - Synchronized data. --- 2012/5xxx/CVE-2012-5575.json | 2 +- 2017/17xxx/CVE-2017-17175.json | 2 + 2017/17xxx/CVE-2017-17316.json | 4 +- 2017/17xxx/CVE-2017-17317.json | 4 +- 2018/10xxx/CVE-2018-10874.json | 135 +++++++++++++++++---------------- 2018/8xxx/CVE-2018-8039.json | 14 +++- 6 files changed, 91 insertions(+), 70 deletions(-) diff --git a/2012/5xxx/CVE-2012-5575.json b/2012/5xxx/CVE-2012-5575.json index d76d90cce83..4e9cc04ae46 100644 --- a/2012/5xxx/CVE-2012-5575.json +++ b/2012/5xxx/CVE-2012-5575.json @@ -34,7 +34,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "Apache CFX 2.5.x before 2.5.10, 2.6.x before CXF 2.6.7, and 2.7.x before CXF 2.7.4 does not verify that a specified cryptographic algorithm is allowed by the WS-SecurityPolicy AlgorithmSuite definition before decrypting, which allows remote attackers to force CXF to use weaker cryptographic algorithms than intended and makes it easier to decrypt communications, aka \"XML Encryption backwards compatibility attack.\"" + "value" : "Apache CXF 2.5.x before 2.5.10, 2.6.x before CXF 2.6.7, and 2.7.x before CXF 2.7.4 does not verify that a specified cryptographic algorithm is allowed by the WS-SecurityPolicy AlgorithmSuite definition before decrypting, which allows remote attackers to force CXF to use weaker cryptographic algorithms than intended and makes it easier to decrypt communications, aka \"XML Encryption backwards compatibility attack.\"" } ] }, diff --git a/2017/17xxx/CVE-2017-17175.json b/2017/17xxx/CVE-2017-17175.json index 78a6d2507b7..f9abc219e9a 100644 --- a/2017/17xxx/CVE-2017-17175.json +++ b/2017/17xxx/CVE-2017-17175.json @@ -53,6 +53,8 @@ "references" : { "reference_data" : [ { + "name" : "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180629-01-smartphone-en", + "refsource" : "CONFIRM", "url" : "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180629-01-smartphone-en" } ] diff --git a/2017/17xxx/CVE-2017-17316.json b/2017/17xxx/CVE-2017-17316.json index 86948a31501..960f6db2331 100644 --- a/2017/17xxx/CVE-2017-17316.json +++ b/2017/17xxx/CVE-2017-17316.json @@ -70,7 +70,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulnerability. An unauthenticated, remote attacker has to control the peer device and craft the Signalling Connection Control Part (SCCP) messages to the target devices. Due to insufficient input validation of some values in the messages, successful exploit will cause out-of-bounds read and some services abnormal." + "value" : "Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulnerability. An unauthenticated, remote attacker has to control the peer device and craft the Signalling Connection Control Part (SCCP) messages to the target devices. Due to insufficient input validation of some values in the messages, successful exploit will cause out-of-bounds read and some services abnormal." } ] }, @@ -89,6 +89,8 @@ "references" : { "reference_data" : [ { + "name" : "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-sccp-en", + "refsource" : "CONFIRM", "url" : "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-sccp-en" } ] diff --git a/2017/17xxx/CVE-2017-17317.json b/2017/17xxx/CVE-2017-17317.json index 5572bd5056d..9203561b0af 100644 --- a/2017/17xxx/CVE-2017-17317.json +++ b/2017/17xxx/CVE-2017-17317.json @@ -130,7 +130,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "Common Open Policy Service Protocol (COPS) module in USG6300 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6500 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6600 V100R001C00; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; TE30 V100R001C02; V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C01; V100R001C10; V500R002C00; V600R006C00 has a buffer overflow vulnerability. An unauthenticated, remote attacker has to control the peer device and send specially crafted message to the affected products. Due to insufficient input validation, successful exploit may cause some services abnormal." + "value" : "Common Open Policy Service Protocol (COPS) module in Huawei USG6300 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6500 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6600 V100R001C00; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; TE30 V100R001C02; V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C01; V100R001C10; V500R002C00; V600R006C00 has a buffer overflow vulnerability. An unauthenticated, remote attacker has to control the peer device and send specially crafted message to the affected products. Due to insufficient input validation, successful exploit may cause some services abnormal." } ] }, @@ -149,6 +149,8 @@ "references" : { "reference_data" : [ { + "name" : "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-cops-en", + "refsource" : "CONFIRM", "url" : "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-cops-en" } ] diff --git a/2018/10xxx/CVE-2018-10874.json b/2018/10xxx/CVE-2018-10874.json index a9099862348..7bf5101269c 100644 --- a/2018/10xxx/CVE-2018-10874.json +++ b/2018/10xxx/CVE-2018-10874.json @@ -1,69 +1,72 @@ { - "impact": { - "cvss": [ - [ - { - "vectorString": "7.8/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", - "version": "3.0" - } + "CVE_data_meta" : { + "ASSIGNER" : "lpardo@redhat.com", + "ID" : "CVE-2018-10874", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "ansible", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "[UNKNOWN]" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "In ansible it was found that inventory variables are loaded from current working directory when running ad-hoc command which are under attacker's control, allowing to run arbitrary code as a result." + } + ] + }, + "impact" : { + "cvss" : [ + [ + { + "vectorString" : "7.8/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "version" : "3.0" + } + ] + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "CWE-426" + } ] - ] - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "In ansible it was found that inventory variables are loaded from current working directory when running ad-hoc command which are under attacker's control, allowing to run arbitrary code as a result." - } - ] - }, - "data_type": "CVE", - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - }, - "product_name": "ansible" - } - ] - }, - "vendor_name": "[UNKNOWN]" - } - ] - } - }, - "data_format": "MITRE", - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-426" - } - ] - } - ] - }, - "data_version": "4.0", - "references": { - "reference_data": [ - { - "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10874" - } - ] - }, - "CVE_data_meta": { - "ID": "CVE-2018-10874", - "ASSIGNER": "lpardo@redhat.com" - } + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10874", + "refsource" : "CONFIRM", + "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10874" + } + ] + } } diff --git a/2018/8xxx/CVE-2018-8039.json b/2018/8xxx/CVE-2018-8039.json index f04e9f2fb8d..786f850567d 100644 --- a/2018/8xxx/CVE-2018-8039.json +++ b/2018/8xxx/CVE-2018-8039.json @@ -35,7 +35,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "It is possible to configure CXF to use the com.sun.net.ssl implementation via: System.setProperty(\"java.protocol.handler.pkgs\", \"com.sun.net.ssl.internal.www.protocol\"); When this system property is set, CXF uses some reflection to try to make the HostnameVerifier work with the old com.sun.net.ssl.HostnameVerifier interface. However, the default HostnameVerifier implementation in CXF does not implement the method in this interface, and an exception is thrown. However, the exception is caught in the reflection code and not properly propagated. What this means is that if you are using the com.sun.net.ssl stack with CXF, an error with TLS hostname verification will not be thrown, leaving a CXF client subject to man-in-the-middle attacks." + "value" : "It is possible to configure Apache CXF to use the com.sun.net.ssl implementation via 'System.setProperty(\"java.protocol.handler.pkgs\", \"com.sun.net.ssl.internal.www.protocol\");'. When this system property is set, CXF uses some reflection to try to make the HostnameVerifier work with the old com.sun.net.ssl.HostnameVerifier interface. However, the default HostnameVerifier implementation in CXF does not implement the method in this interface, and an exception is thrown. However, in Apache CXF prior to 3.2.5 and 3.1.16 the exception is caught in the reflection code and not properly propagated. What this means is that if you are using the com.sun.net.ssl stack with CXF, an error with TLS hostname verification will not be thrown, leaving a CXF client subject to man-in-the-middle attacks." } ] }, @@ -54,7 +54,19 @@ "references" : { "reference_data" : [ { + "name" : "[cxf-user] 20180628 Apache CXF 3.2.6 and 3.1.16 are released", + "refsource" : "MLIST", "url" : "https://lists.apache.org/thread.html/1f8ff31df204ad0374ab26ad333169e0387a5e7ec92422f337431866@%3Cdev.cxf.apache.org%3E" + }, + { + "name" : "http://cxf.apache.org/security-advisories.data/CVE-2018-8039.txt.asc?version=1&modificationDate=1530184663000&api=v2", + "refsource" : "CONFIRM", + "url" : "http://cxf.apache.org/security-advisories.data/CVE-2018-8039.txt.asc?version=1&modificationDate=1530184663000&api=v2" + }, + { + "name" : "https://github.com/apache/cxf/commit/fae6fabf9bd7647f5e9cb68897a7d72b545b741b", + "refsource" : "CONFIRM", + "url" : "https://github.com/apache/cxf/commit/fae6fabf9bd7647f5e9cb68897a7d72b545b741b" } ] }