admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 03:02:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-merge PR#3233

Browse Source 
Auto-merge PR#3233
This commit is contained in:
CVE Team 2020-02-12 11:10:25 -05:00 committed by GitHub
commit 25c2a1638f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 267 additions and 45 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

105
2019/4xxx/CVE-2019-4427.json
View File

@ -1,18 +1,93 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-4427",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"references" : {
"reference_data" : [
{
"url" : "https://www.ibm.com/support/pages/node/1356087",
"refsource" : "CONFIRM",
"name" : "https://www.ibm.com/support/pages/node/1356087",
"title" : "IBM Security Bulletin 1356087 (Cloud CLI)"
},
{
"name" : "ibm-cli-cve20194427-info-disc (162773)",
"title" : "X-Force Vulnerability Report",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/162773"
}
]
},
"CVE_data_meta" : {
"ID" : "CVE-2019-4427",
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2020-02-05T00:00:00",
"ASSIGNER" : "psirt@us.ibm.com"
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
]
}
]
},
"data_version" : "4.0",
"data_type" : "CVE",
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product" : {
"product_data" : [
{
"product_name" : "Cloud CLI",
"version" : {
"version_data" : [
{
"version_value" : "0.6.0"
},
{
"version_value" : "0.16.1"
}
]
}
}
]
},
"vendor_name" : "IBM"
}
]
}
}
]
}
},
"description" : {
"description_data" : [
{
"value" : "IBM Cloud CLI 0.6.0 through 0.16.1 windows installers are signed using SHA1 certificate. An attacker might be able to exploit the weak algorithm to generate a installer with malicious software inside. IBM X-Force ID: 162773.",
"lang" : "eng"
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"SCORE" : "5.900",
"AC" : "H",
"UI" : "N",
"C" : "H",
"I" : "N",
"AV" : "N",
"PR" : "N",
"A" : "N",
"S" : "U"
},
"TM" : {
"E" : "U",
"RL" : "O",
"RC" : "C"
}
}
},
"data_format" : "MITRE"
}

105
2019/4xxx/CVE-2019-4431.json
View File

@ -1,18 +1,93 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-4431",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"impact" : {
"cvssv3" : {
"TM" : {
"RC" : "C",
"E" : "H",
"RL" : "O"
},
"BM" : {
"S" : "C",
"A" : "N",
"PR" : "L",
"I" : "L",
"C" : "L",
"AV" : "N",
"UI" : "R",
"AC" : "L",
"SCORE" : "5.400"
}
}
},
"data_format" : "MITRE",
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "6.0.6"
},
{
"version_value" : "6.0.6.1"
}
]
},
"product_name" : "Rational Publishing Engine"
}
]
},
"vendor_name" : "IBM"
}
]
}
}
]
}
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Rational Publishing Engine 6.0.6 and 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 162888."
}
]
},
"data_version" : "4.0",
"data_type" : "CVE",
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 1942929 (Rational Publishing Engine)",
"name" : "https://www.ibm.com/support/pages/node/1942929",
"url" : "https://www.ibm.com/support/pages/node/1942929",
"refsource" : "CONFIRM"
},
{
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/162888",
"name" : "ibm-pe-cve20194431-xss (162888)",
"title" : "X-Force Vulnerability Report"
}
]
},
"CVE_data_meta" : {
"ID" : "CVE-2019-4431",
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2020-02-11T00:00:00",
"ASSIGNER" : "psirt@us.ibm.com"
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Cross-Site Scripting",
"lang" : "eng"
}
]
}
]
}
}

102
2019/4xxx/CVE-2019-4741.json
View File

@ -1,18 +1,90 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-4741",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"data_type" : "CVE",
"data_version" : "4.0",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Gain Access"
}
]
}
]
},
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2020-02-10T00:00:00",
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2019-4741"
},
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/pages/node/1846569",
"title" : "IBM Security Bulletin 1846569 (Content Navigator)",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/pages/node/1846569"
},
{
"name" : "ibm-cn-cve20194741-ssrf (172815)",
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/172815",
"refsource" : "XF"
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"I" : "L",
"C" : "N",
"AV" : "N",
"A" : "N",
"S" : "U",
"PR" : "N",
"UI" : "N",
"SCORE" : "5.300",
"AC" : "L"
},
"TM" : {
"RC" : "C",
"E" : "U",
"RL" : "O"
}
}
},
"data_format" : "MITRE",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Content Navigator 3.0CD is vulnerable to Server Side Request Forgery (SSRF). This may allow an unauthenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 172815."
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product" : {
"product_data" : [
{
"product_name" : "Content Navigator",
"version" : {
"version_data" : [
{
"version_value" : "3.0CD"
}
]
}
}
]
},
"vendor_name" : "IBM"
}
]
}
}
]
}
}
}