admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-04-10 21:00:46 +00:00
parent 4c2e51013f
commit 263b154a58
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
34 changed files with 3325 additions and 2647 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

48
2018/19xxx/CVE-2018-19453.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-19453",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Kentico CMS before 11.0.45 allows unrestricted upload of a file with a dangerous type."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://blog.hivint.com/advisory-upload-malicious-file-in-kentico-cms-cve-2018-19453-36debbf85216",
"refsource": "MISC",
"name": "https://blog.hivint.com/advisory-upload-malicious-file-in-kentico-cms-cve-2018-19453-36debbf85216"
}
]
}

5
2018/20xxx/CVE-2018-20244.json
View File

@ -62,6 +62,11 @@
"refsource": "MLIST",
"name": "[airflow-dev] 20190410 CVE-2019-0216, CVE-2019-0229 vulnerabilities affecting Apache Airflow <= 1.10.2 webserver component",
"url": "https://lists.apache.org/thread.html/2de387213d45bc626d27554a1bde7b8c67d08720901f82a50b6f4231@%3Cdev.airflow.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20190410 CVE-2019-0216, CVE-2019-0229 vulnerabilities affecting Apache Airflow <= 1.10.2 webserver component",
"url": "http://www.openwall.com/lists/oss-security/2019/04/10/6"
}
]
}

2
2019/0xxx/CVE-2019-0008.json
View File

@ -92,7 +92,7 @@
"description_data": [
{
"lang": "eng",
"value": "A certain sequence of valid BGP or IPv6 BFD packets may trigger a stack based buffer overflow in the Junos OS Packet Forwarding Engine manager (FXPC) process on QFX5000 series, EX4300, EX4600 devices. This issue can result in a crash of the fxpc daemon or may potentially lead to remote code execution.\nAffected releases are Juniper Networks Junos OS on QFX 5000 series, EX4300, EX4600 are:\n14.1X53;\n15.1X53 versions prior to 15.1X53-D235;\n17.1 versions prior to 17.1R3;\n17.2 versions prior to 17.2R3;\n17.3 versions prior to 17.3R3-S2, 17.3R4;\n17.4 versions prior to 17.4R2-S1, 17.4R3;\n18.1 versions prior to 18.1R3-S1, 18.1R4;\n18.2 versions prior to 18.2R2;\n18.2X75 versions prior to 18.2X75-D30;\n18.3 versions prior to 18.3R2."
"value": "A certain sequence of valid BGP or IPv6 BFD packets may trigger a stack based buffer overflow in the Junos OS Packet Forwarding Engine manager (FXPC) process on QFX5000 series, EX4300, EX4600 devices. This issue can result in a crash of the fxpc daemon or may potentially lead to remote code execution. Affected releases are Juniper Networks Junos OS on QFX 5000 series, EX4300, EX4600 are: 14.1X53; 15.1X53 versions prior to 15.1X53-D235; 17.1 versions prior to 17.1R3; 17.2 versions prior to 17.2R3; 17.3 versions prior to 17.3R3-S2, 17.3R4; 17.4 versions prior to 17.4R2-S1, 17.4R3; 18.1 versions prior to 18.1R3-S1, 18.1R4; 18.2 versions prior to 18.2R2; 18.2X75 versions prior to 18.2X75-D30; 18.3 versions prior to 18.3R2."
}
]
},

2
2019/0xxx/CVE-2019-0019.json
View File

@ -99,7 +99,7 @@
"description_data": [
{
"lang": "eng",
"value": "When BGP tracing is enabled an incoming BGP message may cause the Junos OS routing protocol daemon (rpd) process to crash and restart. While rpd restarts after a crash, repeated crashes can result in an extended DoS condition.\nAffected releases are Juniper Networks Junos OS:\n16.1 versions prior to 16.1R7-S4, 16.1R7-S5;\n16.2 versions prior to 16.2R2-S9, 16.2R3;\n17.1 versions prior to 17.1R3;\n17.2 versions prior to 17.2R3-S1;\n17.3 versions prior to 17.3R3-S3, 17.3R3-S4, 17.3R4;\n17.4 versions prior to 17.4R1-S7, 17.4R2-S3, 17.4R2-S4, 17.4R3;\n18.1 versions prior to 18.1R2-S4, 18.1R3-S4, 18.1R4;\n18.2 versions prior to 18.2R2-S2, 18.2R2-S3, 18.2R3;\n18.2X75 versions prior to 18.2X75-D40;\n18.3 versions prior to 18.3R1-S3, 18.3R2;\n18.4 versions prior to 18.4R1-S2, 18.4R2.\n\nThis issue does not affect Junos releases prior to 16.1R1."
"value": "When BGP tracing is enabled an incoming BGP message may cause the Junos OS routing protocol daemon (rpd) process to crash and restart. While rpd restarts after a crash, repeated crashes can result in an extended DoS condition. Affected releases are Juniper Networks Junos OS: 16.1 versions prior to 16.1R7-S4, 16.1R7-S5; 16.2 versions prior to 16.2R2-S9, 16.2R3; 17.1 versions prior to 17.1R3; 17.2 versions prior to 17.2R3-S1; 17.3 versions prior to 17.3R3-S3, 17.3R3-S4, 17.3R4; 17.4 versions prior to 17.4R1-S7, 17.4R2-S3, 17.4R2-S4, 17.4R3; 18.1 versions prior to 18.1R2-S4, 18.1R3-S4, 18.1R4; 18.2 versions prior to 18.2R2-S2, 18.2R2-S3, 18.2R3; 18.2X75 versions prior to 18.2X75-D40; 18.3 versions prior to 18.3R1-S3, 18.3R2; 18.4 versions prior to 18.4R1-S2, 18.4R2. This issue does not affect Junos releases prior to 16.1R1."
}
]
},

2
2019/0xxx/CVE-2019-0028.json
View File

@ -82,7 +82,7 @@
"description_data": [
{
"lang": "eng",
"value": "On Junos devices with the BGP graceful restart helper mode enabled or the BGP graceful restart mechanism enabled, a BGP session restart on a remote peer that has the graceful restart mechanism enabled may cause the local routing protocol daemon (RPD) process to crash and restart. By simulating a specific BGP session restart, an attacker can repeatedly crash the RPD process causing prolonged denial of service (DoS). \nGraceful restart helper mode for BGP is enabled by default.\nNo other Juniper Networks products or platforms are affected by this issue.\n\n\n\nAffected releases are Juniper Networks Junos OS:\n16.1 versions prior to 16.1R7;\n16.1X65 versions prior to 16.1X65-D48;\n16.2 versions prior to 16.2R2-S8;\n17.1 versions prior to 17.1R2-S7, 17.1R3;\n17.2 versions prior to 17.2R1-S7, 17.2R3;\n17.2X75 versions prior to 17.2X75-D92, 17.2X75-D102, 17.2X75-D110;\n17.3 versions prior to 17.3R2-S2, 17.3R3;\n17.4 versions prior to 17.4R1-S4, 17.4R2;\n18.1 versions prior to 18.1R2.\n\nJunos OS releases prior to 16.1R1 are not affected."
"value": "On Junos devices with the BGP graceful restart helper mode enabled or the BGP graceful restart mechanism enabled, a BGP session restart on a remote peer that has the graceful restart mechanism enabled may cause the local routing protocol daemon (RPD) process to crash and restart. By simulating a specific BGP session restart, an attacker can repeatedly crash the RPD process causing prolonged denial of service (DoS). Graceful restart helper mode for BGP is enabled by default. No other Juniper Networks products or platforms are affected by this issue. Affected releases are Juniper Networks Junos OS: 16.1 versions prior to 16.1R7; 16.1X65 versions prior to 16.1X65-D48; 16.2 versions prior to 16.2R2-S8; 17.1 versions prior to 17.1R2-S7, 17.1R3; 17.2 versions prior to 17.2R1-S7, 17.2R3; 17.2X75 versions prior to 17.2X75-D92, 17.2X75-D102, 17.2X75-D110; 17.3 versions prior to 17.3R2-S2, 17.3R3; 17.4 versions prior to 17.4R1-S4, 17.4R2; 18.1 versions prior to 18.1R2. Junos OS releases prior to 16.1R1 are not affected."
}
]
},

2
2019/0xxx/CVE-2019-0031.json
View File

@ -43,7 +43,7 @@
"description_data": [
{
"lang": "eng",
"value": "Specific IPv6 DHCP packets received by the jdhcpd daemon will cause a memory resource consumption issue to occur on a Junos OS device using the jdhcpd daemon configured to respond to IPv6 requests. Once started, memory consumption will eventually impact any IPv4 or IPv6 request serviced by the jdhcpd daemon, thus creating a Denial of Service (DoS) condition to clients requesting and not receiving IP addresses. Additionally, some clients which were previously holding IPv6 addresses will not have their IPv6 Identity Association (IA) address and network tables agreed upon by the jdhcpd daemon after the failover event occurs, which leads to more than one interface, and multiple IP addresses, being denied on the client.\nAffected releases are Juniper Networks Junos OS:\n17.4 versions prior to 17.4R2;\n18.1 versions prior to 18.1R2."
"value": "Specific IPv6 DHCP packets received by the jdhcpd daemon will cause a memory resource consumption issue to occur on a Junos OS device using the jdhcpd daemon configured to respond to IPv6 requests. Once started, memory consumption will eventually impact any IPv4 or IPv6 request serviced by the jdhcpd daemon, thus creating a Denial of Service (DoS) condition to clients requesting and not receiving IP addresses. Additionally, some clients which were previously holding IPv6 addresses will not have their IPv6 Identity Association (IA) address and network tables agreed upon by the jdhcpd daemon after the failover event occurs, which leads to more than one interface, and multiple IP addresses, being denied on the client. Affected releases are Juniper Networks Junos OS: 17.4 versions prior to 17.4R2; 18.1 versions prior to 18.1R2."
}
]
},

2
2019/0xxx/CVE-2019-0032.json
View File

@ -56,7 +56,7 @@
"description_data": [
{
"lang": "eng",
"value": "A password management issue exists where the Organization authentication username and password were stored in plaintext in log files.\nA locally authenticated attacker who is able to access these stored plaintext credentials can use them to login to the Organization.\nAffected products are:\n\nJuniper Networks Service Insight versions from 15.1R1, prior to 18.1R1.\n\nService Now versions from 15.1R1, prior to 18.1R1."
"value": "A password management issue exists where the Organization authentication username and password were stored in plaintext in log files. A locally authenticated attacker who is able to access these stored plaintext credentials can use them to login to the Organization. Affected products are: Juniper Networks Service Insight versions from 15.1R1, prior to 18.1R1. Service Now versions from 15.1R1, prior to 18.1R1."
}
]
},

2
2019/0xxx/CVE-2019-0033.json
View File

@ -63,7 +63,7 @@
"description_data": [
{
"lang": "eng",
"value": "A firewall bypass vulnerability in the proxy ARP service of Juniper Networks Junos OS allows an attacker to cause a high CPU condition leading to a Denial of Service (DoS).\nThis issue affects only IPv4.\nAffected releases are Juniper Networks Junos OS:\n12.1X46 versions above and including 12.1X46-D25 prior to 12.1X46-D71, 12.1X46-D73 on SRX Series;\n12.3X48 versions prior to 12.3X48-D50 on SRX Series;\n15.1X49 versions prior to 15.1X49-D75 on SRX Series."
"value": "A firewall bypass vulnerability in the proxy ARP service of Juniper Networks Junos OS allows an attacker to cause a high CPU condition leading to a Denial of Service (DoS). This issue affects only IPv4. Affected releases are Juniper Networks Junos OS: 12.1X46 versions above and including 12.1X46-D25 prior to 12.1X46-D71, 12.1X46-D73 on SRX Series; 12.3X48 versions prior to 12.3X48-D50 on SRX Series; 15.1X49 versions prior to 15.1X49-D75 on SRX Series."
}
]
},

2
2019/0xxx/CVE-2019-0034.json
View File

@ -89,7 +89,7 @@
"description_data": [
{
"lang": "eng",
"value": "Starting with Junos OS Release 16.1R3, the Junos Telemetry Interface supports Google gRPC remote procedure calls to provision sensors and to subscribe to and receive telemetry data.\n\nConfiguration files used by gRPC were found to contain hardcoded credentials that could be used by the Junos Network Agent to perform unauthorized read of certain non-critical information (e.g. sensor data). Additionally, APIs exposed via the Juniper Extension Toolkit (JET) may be able to perform non-critical 'set' operations on the device. These APIs need the client to be authenticated for which the username/password can be used.\n\nSuccessful exploitation of this vulnerability can only occur if the Junos Network Agent package (Junos Telemetry Interface) is installed on the device. If the Junos Network \nAgent is not installed, then the gRPC interface required to leverage these credentials is unavailable and the system is not vulnerable to this issue.\n\nAffected releases are Juniper Networks Junos OS:\n16.1 versions prior to 16.1R3-S10, 16.1R7-S4;\n17.1 versions prior to 17.1R2-S10, 17.1R3;\n17.2 versions prior to 17.2R1-S8, 17.2R3-S1;\n17.3 versions prior to 17.3R3-S3;\n17.4 versions prior to 17.4R1-S6, 17.4R2-S3;\n18.1 versions prior to 18.1R2-S4, 18.1R3-S3;\n18.2 versions prior to 18.2R1-S5, 18.2R2-S1;\n18.2X75 versions prior to 18.2X75-D40;\n18.3 versions prior to 18.3R1-S2, 18.3R1-S3.\n\nThis issue does not affect Junos OS releases prior to 16.1."
"value": "Starting with Junos OS Release 16.1R3, the Junos Telemetry Interface supports Google gRPC remote procedure calls to provision sensors and to subscribe to and receive telemetry data. Configuration files used by gRPC were found to contain hardcoded credentials that could be used by the Junos Network Agent to perform unauthorized read of certain non-critical information (e.g. sensor data). Additionally, APIs exposed via the Juniper Extension Toolkit (JET) may be able to perform non-critical 'set' operations on the device. These APIs need the client to be authenticated for which the username/password can be used. Successful exploitation of this vulnerability can only occur if the Junos Network Agent package (Junos Telemetry Interface) is installed on the device. If the Junos Network Agent is not installed, then the gRPC interface required to leverage these credentials is unavailable and the system is not vulnerable to this issue. Affected releases are Juniper Networks Junos OS: 16.1 versions prior to 16.1R3-S10, 16.1R7-S4; 17.1 versions prior to 17.1R2-S10, 17.1R3; 17.2 versions prior to 17.2R1-S8, 17.2R3-S1; 17.3 versions prior to 17.3R3-S3; 17.4 versions prior to 17.4R1-S6, 17.4R2-S3; 18.1 versions prior to 18.1R2-S4, 18.1R3-S3; 18.2 versions prior to 18.2R1-S5, 18.2R2-S1; 18.2X75 versions prior to 18.2X75-D40; 18.3 versions prior to 18.3R1-S2, 18.3R1-S3. This issue does not affect Junos OS releases prior to 16.1."
}
]
},

2
2019/0xxx/CVE-2019-0035.json
View File

@ -114,7 +114,7 @@
"description_data": [
{
"lang": "eng",
"value": "When \"set system ports console insecure\" is enabled, root login is disallowed for Junos OS as expected. However, the root password can be changed using \"set system root-authentication plain-text-password\" on systems booted from an OAM (Operations, Administration, and Maintenance) volume, leading to a possible administrative bypass with physical access to the console. OAM volumes (e.g. flash drives) are typically instantiated as /dev/gpt/oam, or /oam for short.\n\nPassword recovery, changing the root password from a console, should not have been allowed from an insecure console.\nAffected releases are Juniper Networks Junos OS:\n15.1 versions prior to 15.1F6-S12, 15.1R7-S3;\n15.1X49 versions prior to 15.1X49-D160;\n15.1X53 versions prior to 15.1X53-D236, 15.1X53-D496, 15.1X53-D68;\n16.1 versions prior to 16.1R3-S10, 16.1R6-S6, 16.1R7-S3;\n16.1X65 versions prior to 16.1X65-D49;\n16.2 versions prior to 16.2R2-S8;\n17.1 versions prior to 17.1R2-S10, 17.1R3;\n17.2 versions prior to 17.2R1-S8, 17.2R3-S1;\n17.3 versions prior to 17.3R3-S3;\n17.4 versions prior to 17.4R1-S6, 17.4R2-S2;\n18.1 versions prior to 18.1R2-S4, 18.1R3-S3;\n18.2 versions prior to 18.2R2;\n18.2X75 versions prior to 18.2X75-D40;\n18.3 versions prior to 18.3R1-S2.\n\nThis issue does not affect Junos OS releases prior to 15.1."
"value": "When \"set system ports console insecure\" is enabled, root login is disallowed for Junos OS as expected. However, the root password can be changed using \"set system root-authentication plain-text-password\" on systems booted from an OAM (Operations, Administration, and Maintenance) volume, leading to a possible administrative bypass with physical access to the console. OAM volumes (e.g. flash drives) are typically instantiated as /dev/gpt/oam, or /oam for short. Password recovery, changing the root password from a console, should not have been allowed from an insecure console. Affected releases are Juniper Networks Junos OS: 15.1 versions prior to 15.1F6-S12, 15.1R7-S3; 15.1X49 versions prior to 15.1X49-D160; 15.1X53 versions prior to 15.1X53-D236, 15.1X53-D496, 15.1X53-D68; 16.1 versions prior to 16.1R3-S10, 16.1R6-S6, 16.1R7-S3; 16.1X65 versions prior to 16.1X65-D49; 16.2 versions prior to 16.2R2-S8; 17.1 versions prior to 17.1R2-S10, 17.1R3; 17.2 versions prior to 17.2R1-S8, 17.2R3-S1; 17.3 versions prior to 17.3R3-S3; 17.4 versions prior to 17.4R1-S6, 17.4R2-S2; 18.1 versions prior to 18.1R2-S4, 18.1R3-S3; 18.2 versions prior to 18.2R2; 18.2X75 versions prior to 18.2X75-D40; 18.3 versions prior to 18.3R1-S2. This issue does not affect Junos OS releases prior to 15.1."
}
]
},

2
2019/0xxx/CVE-2019-0036.json
View File

@ -129,7 +129,7 @@
"description_data": [
{
"lang": "eng",
"value": "When configuring a stateless firewall filter in Junos OS, terms named using the format \"internal-n\" (e.g. \"internal-1\", \"internal-2\", etc.) are silently ignored. No warning is issued during configuration, and the config is committed without error, but the filter criteria will match all packets leading to unexpected results.\n\nAffected releases are Juniper Networks Junos OS:\nAll versions prior to and including 12.3;\n14.1X53 versions prior to 14.1X53-D130, 14.1X53-D49;\n15.1 versions prior to 15.1F6-S12, 15.1R7-S4;\n15.1X49 versions prior to 15.1X49-D161, 15.1X49-D170;\n15.1X53 versions prior to 15.1X53-D236, 15.1X53-D496, 15.1X53-D69;\n16.1 versions prior to 16.1R7-S4, 16.1R7-S5;\n16.2 versions prior to 16.2R2-S9;\n17.1 versions prior to 17.1R3;\n17.2 versions prior to 17.2R1-S8, 17.2R3-S1;\n17.3 versions prior to 17.3R3-S4;\n17.4 versions prior to 17.4R1-S7, 17.4R2-S3;\n18.1 versions prior to 18.1R2-S4, 18.1R3-S4;\n18.2 versions prior to 18.2R1-S5, 18.2R2-S1;\n18.2X75 versions prior to 18.2X75-D40;\n18.3 versions prior to 18.3R1-S3;\n18.4 versions prior to 18.4R1-S1, 18.4R1-S2."
"value": "When configuring a stateless firewall filter in Junos OS, terms named using the format \"internal-n\" (e.g. \"internal-1\", \"internal-2\", etc.) are silently ignored. No warning is issued during configuration, and the config is committed without error, but the filter criteria will match all packets leading to unexpected results. Affected releases are Juniper Networks Junos OS: All versions prior to and including 12.3; 14.1X53 versions prior to 14.1X53-D130, 14.1X53-D49; 15.1 versions prior to 15.1F6-S12, 15.1R7-S4; 15.1X49 versions prior to 15.1X49-D161, 15.1X49-D170; 15.1X53 versions prior to 15.1X53-D236, 15.1X53-D496, 15.1X53-D69; 16.1 versions prior to 16.1R7-S4, 16.1R7-S5; 16.2 versions prior to 16.2R2-S9; 17.1 versions prior to 17.1R3; 17.2 versions prior to 17.2R1-S8, 17.2R3-S1; 17.3 versions prior to 17.3R3-S4; 17.4 versions prior to 17.4R1-S7, 17.4R2-S3; 18.1 versions prior to 18.1R2-S4, 18.1R3-S4; 18.2 versions prior to 18.2R1-S5, 18.2R2-S1; 18.2X75 versions prior to 18.2X75-D40; 18.3 versions prior to 18.3R1-S3; 18.4 versions prior to 18.4R1-S1, 18.4R1-S2."
}
]
},

2
2019/0xxx/CVE-2019-0037.json
View File

@ -109,7 +109,7 @@
"description_data": [
{
"lang": "eng",
"value": "In a Dynamic Host Configuration Protocol version 6 (DHCPv6) environment, the jdhcpd daemon may crash and restart upon receipt of certain DHCPv6 solicit messages received from a DHCPv6 client. By continuously sending the same crafted packet, an attacker can repeatedly crash the jdhcpd process causing a sustained Denial of Service (DoS) to both IPv4 and IPv6 clients.\nAffected releases are Juniper Networks Junos OS:\n15.1 versions prior to 15.1F6-S12, 15.1R7-S3;\n15.1X49 versions prior to 15.1X49-D171, 15.1X49-D180;\n15.1X53 versions prior to 15.1X53-D236, 15.1X53-D496;\n16.1 versions prior to 16.1R3-S10, 16.1R7-S4;\n16.2 versions prior to 16.2R2-S8;\n17.1 versions prior to 17.1R2-S10, 17.1R3;\n17.2 versions prior to 17.2R1-S8, 17.2R3-S1;\n17.3 versions prior to 17.3R3-S3;\n17.4 versions prior to 17.4R1-S6, 17.4R2-S3;\n18.1 versions prior to 18.1R2-S4, 18.1R3-S2;\n18.2 versions prior to 18.2R2;\n18.2X75 versions prior to 18.2X75-D30;\n18.3 versions prior to 18.3R1-S2.\n\nThis issue does not affect Junos OS releases prior to 15.1."
"value": "In a Dynamic Host Configuration Protocol version 6 (DHCPv6) environment, the jdhcpd daemon may crash and restart upon receipt of certain DHCPv6 solicit messages received from a DHCPv6 client. By continuously sending the same crafted packet, an attacker can repeatedly crash the jdhcpd process causing a sustained Denial of Service (DoS) to both IPv4 and IPv6 clients. Affected releases are Juniper Networks Junos OS: 15.1 versions prior to 15.1F6-S12, 15.1R7-S3; 15.1X49 versions prior to 15.1X49-D171, 15.1X49-D180; 15.1X53 versions prior to 15.1X53-D236, 15.1X53-D496; 16.1 versions prior to 16.1R3-S10, 16.1R7-S4; 16.2 versions prior to 16.2R2-S8; 17.1 versions prior to 17.1R2-S10, 17.1R3; 17.2 versions prior to 17.2R1-S8, 17.2R3-S1; 17.3 versions prior to 17.3R3-S3; 17.4 versions prior to 17.4R1-S6, 17.4R2-S3; 18.1 versions prior to 18.1R2-S4, 18.1R3-S2; 18.2 versions prior to 18.2R2; 18.2X75 versions prior to 18.2X75-D30; 18.3 versions prior to 18.3R1-S2. This issue does not affect Junos OS releases prior to 15.1."
}
]
},

4
2019/0xxx/CVE-2019-0038.json
View File

@ -75,14 +75,14 @@
"description_data": [
{
"lang": "eng",
"value": "Crafted packets destined to the management interface (fxp0) of an SRX340 or SRX345 services gateway may create a denial of service (DoS) condition due to buffer space exhaustion.\n\nThis issue only affects the SRX340 and SRX345 services gateways. No other products or platforms are affected by this vulnerability.\nAffected releases are Juniper Networks Junos OS:\n15.1X49 versions prior to 15.1X49-D160 on SRX340/SRX345;\n17.3 on SRX340/SRX345;\n17.4 versions prior to 17.4R2-S3, 17.4R3 on SRX340/SRX345;\n18.1 versions prior to 18.1R3-S1 on SRX340/SRX345;\n18.2 versions prior to 18.2R2 on SRX340/SRX345;\n18.3 versions prior to 18.3R1-S2, 18.3R2 on SRX340/SRX345.\n\nThis issue does not affect Junos OS releases prior to 15.1X49 on any platform."
"value": "Crafted packets destined to the management interface (fxp0) of an SRX340 or SRX345 services gateway may create a denial of service (DoS) condition due to buffer space exhaustion. This issue only affects the SRX340 and SRX345 services gateways. No other products or platforms are affected by this vulnerability. Affected releases are Juniper Networks Junos OS: 15.1X49 versions prior to 15.1X49-D160 on SRX340/SRX345; 17.3 on SRX340/SRX345; 17.4 versions prior to 17.4R2-S3, 17.4R3 on SRX340/SRX345; 18.1 versions prior to 18.1R3-S1 on SRX340/SRX345; 18.2 versions prior to 18.2R2 on SRX340/SRX345; 18.3 versions prior to 18.3R1-S2, 18.3R2 on SRX340/SRX345. This issue does not affect Junos OS releases prior to 15.1X49 on any platform."
}
]
},
"exploit": [
{
"lang": "eng",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.\n\n The following log message may be displayed when the device is in this condition:\n\n octagl_output:1093: out of buf\n octagl_output:1093: out of buf\n octagl_output:1093: out of buf\n\nAdministrators can monitor buffer space utilization by executing the command:\n\n request pfe execute target fwdd command \"show octeon fpa buffers\"\n ================ cluster1.node0 ================\n SENT: Ukern command: show octeon fpa buffers\n\n FPA 0: Avail: 23632, Errors: 0\n FPA 1: Avail: 22444, Errors: 0\n FPA 2: Avail: 0, Errors: 0\n FPA 3: Avail: 135, Errors: 0\n FPA 4: Avail: 0, Errors: 0"
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.\n\n The following log message may be displayed when the device is in this condition:\n\n octagl_output:1093: out of buf\n octagl_output:1093: out of buf\n octagl_output:1093: out of buf\n\nAdministrators can monitor buffer space utilization by executing the command:\n\n request pfe\u00a0execute target fwdd\u00a0command \"show octeon\u00a0fpa\u00a0buffers\"\n ================ cluster1.node0 ================\n SENT: Ukern command: show octeon fpa buffers\n\n FPA 0: Avail: 23632, Errors: 0\n FPA 1: Avail: 22444, Errors: 0\n FPA 2: Avail: 0, Errors: 0\n FPA 3: Avail: 135, Errors: 0\n FPA 4: Avail: 0, Errors: 0"
}
],
"generator": {

2
2019/0xxx/CVE-2019-0039.json
View File

@ -114,7 +114,7 @@
"description_data": [
{
"lang": "eng",
"value": "If REST API is enabled, the Junos OS login credentials are vulnerable to brute force attacks.\n\nThe high default connection limit of the REST API may allow an attacker to brute-force passwords using advanced scripting techniques. Additionally, administrators who do not enforce a strong password policy can increase the likelihood of success from brute force attacks.\nAffected releases are Juniper Networks Junos OS:\n14.1X53 versions prior to 14.1X53-D49;\n15.1 versions prior to 15.1F6-S12, 15.1R7-S3;\n15.1X49 versions prior to 15.1X49-D160;\n15.1X53 versions prior to 15.1X53-D236, 15.1X53-D495, 15.1X53-D591, 15.1X53-D69;\n16.1 versions prior to 16.1R3-S10, 16.1R4-S12, 16.1R6-S6, 16.1R7-S3;\n16.1X65 versions prior to 16.1X65-D49;\n16.2 versions prior to 16.2R2-S7;\n17.1 versions prior to 17.1R2-S10, 17.1R3;\n17.2 versions prior to 17.2R1-S8, 17.2R3-S1;\n17.3 versions prior to 17.3R3-S2;\n17.4 versions prior to 17.4R1-S6, 17.4R2-S2;\n18.1 versions prior to 18.1R2-S4, 18.1R3-S1;\n18.2 versions prior to 18.2R1-S5;\n18.2X75 versions prior to 18.2X75-D30;\n18.3 versions prior to 18.3R1-S1."
"value": "If REST API is enabled, the Junos OS login credentials are vulnerable to brute force attacks. The high default connection limit of the REST API may allow an attacker to brute-force passwords using advanced scripting techniques. Additionally, administrators who do not enforce a strong password policy can increase the likelihood of success from brute force attacks. Affected releases are Juniper Networks Junos OS: 14.1X53 versions prior to 14.1X53-D49; 15.1 versions prior to 15.1F6-S12, 15.1R7-S3; 15.1X49 versions prior to 15.1X49-D160; 15.1X53 versions prior to 15.1X53-D236, 15.1X53-D495, 15.1X53-D591, 15.1X53-D69; 16.1 versions prior to 16.1R3-S10, 16.1R4-S12, 16.1R6-S6, 16.1R7-S3; 16.1X65 versions prior to 16.1X65-D49; 16.2 versions prior to 16.2R2-S7; 17.1 versions prior to 17.1R2-S10, 17.1R3; 17.2 versions prior to 17.2R1-S8, 17.2R3-S1; 17.3 versions prior to 17.3R3-S2; 17.4 versions prior to 17.4R1-S6, 17.4R2-S2; 18.1 versions prior to 18.1R2-S4, 18.1R3-S1; 18.2 versions prior to 18.2R1-S5; 18.2X75 versions prior to 18.2X75-D30; 18.3 versions prior to 18.3R1-S1."
}
]
},

2
2019/0xxx/CVE-2019-0040.json
View File

@ -78,7 +78,7 @@
"description_data": [
{
"lang": "eng",
"value": "On Junos OS, rpcbind should only be listening to port 111 on the internal routing instance (IRI). External packets destined to port 111 should be dropped. Due to an information leak vulnerability, responses were being generated from the source address of the management interface (e.g. fxp0) thus disclosing internal addressing and existence of the management interface itself. A high rate of crafted packets destined to port 111 may also lead to a partial Denial of Service (DoS).\n\nNote: Systems with fxp0 disabled or unconfigured are not vulnerable to this issue.\n\nThis issue only affects Junos OS releases based on FreeBSD 10 or higher (typically Junos OS 15.1+). Administrators can confirm whether systems are running a version of Junos OS based on FreeBSD 10 or higher by typing:\n\n user@junos> show version | match kernel \n JUNOS OS Kernel 64-bit [20181214.223829_fbsd-builder_stable_10]\n\nAffected releases are Juniper Networks Junos OS:\n15.1 versions prior to 15.1F6-S12, 15.1R7-S4;\n15.1X53 versions prior to 15.1X53-D236;\n16.1 versions prior to 16.1R7-S1;\n16.2 versions prior to 16.2R2-S9;\n17.1 versions prior to 17.1R3;\n17.2 versions prior to 17.2R1-S8;\n17.3 versions prior to 17.3R2;\n17.4 versions prior to 17.4R1-S1, 17.4R1-S7, 17.4R2.\n\nThis issue does not affect Junos OS releases prior to 15.1."
"value": "On Junos OS, rpcbind should only be listening to port 111 on the internal routing instance (IRI). External packets destined to port 111 should be dropped. Due to an information leak vulnerability, responses were being generated from the source address of the management interface (e.g. fxp0) thus disclosing internal addressing and existence of the management interface itself. A high rate of crafted packets destined to port 111 may also lead to a partial Denial of Service (DoS). Note: Systems with fxp0 disabled or unconfigured are not vulnerable to this issue. This issue only affects Junos OS releases based on FreeBSD 10 or higher (typically Junos OS 15.1+). Administrators can confirm whether systems are running a version of Junos OS based on FreeBSD 10 or higher by typing: user@junos> show version | match kernel JUNOS OS Kernel 64-bit [20181214.223829_fbsd-builder_stable_10] Affected releases are Juniper Networks Junos OS: 15.1 versions prior to 15.1F6-S12, 15.1R7-S4; 15.1X53 versions prior to 15.1X53-D236; 16.1 versions prior to 16.1R7-S1; 16.2 versions prior to 16.2R2-S9; 17.1 versions prior to 17.1R3; 17.2 versions prior to 17.2R1-S8; 17.3 versions prior to 17.3R2; 17.4 versions prior to 17.4R1-S1, 17.4R1-S7, 17.4R2. This issue does not affect Junos OS releases prior to 15.1."
}
]
},

2
2019/0xxx/CVE-2019-0041.json
View File

@ -45,7 +45,7 @@
"description_data": [
{
"lang": "eng",
"value": "On EX4300-MP Series devices with any lo0 filters applied, transit network traffic may reach the control plane via loopback interface (lo0). The device may fail to forward such traffic.\nThis issue affects Juniper Networks Junos OS 18.2 versions prior to 18.2R1-S2, 18.2R2 on EX4300-MP Series.\nThis issue does not affect any other EX series devices."
"value": "On EX4300-MP Series devices with any lo0 filters applied, transit network traffic may reach the control plane via loopback interface (lo0). The device may fail to forward such traffic. This issue affects Juniper Networks Junos OS 18.2 versions prior to 18.2R1-S2, 18.2R2 on EX4300-MP Series. This issue does not affect any other EX series devices."
}
]
},

2
2019/0xxx/CVE-2019-0043.json
View File

@ -152,7 +152,7 @@
"description_data": [
{
"lang": "eng",
"value": "In MPLS environments, receipt of a specific SNMP packet may cause the routing protocol daemon (RPD) process to crash and restart. By continuously sending a specially crafted SNMP packet, an attacker can repetitively crash the RPD process causing prolonged denial of service.\nNo other Juniper Networks products or platforms are affected by this issue.\nAffected releases are Juniper Networks Junos OS :\n12.1X46 versions prior to 12.1X46-D77 on SRX Series;\n12.3 versions prior to 12.3R12-S10;\n12.3X48 versions prior to 12.3X48-D75 on SRX Series;\n14.1X53 versions prior to 14.1X53-D48 on EX/QFX series;\n15.1 versions prior to 15.1R4-S9, 15.1R7-S2;\n15.1F6 versions prior to 15.1F6-S11;\n15.1X49 versions prior to 15.1X49-D141, 15.1X49-D144, 15.1X49-D150 on SRX Series;\n15.1X53 versions prior to 15.1X53-D234 on QFX5200/QFX5110 Series;\n15.1X53 versions prior to 15.1X53-D68 on QFX10K Series;\n15.1X53 versions prior to 15.1X53-D471, 15.1X53-D490 on NFX Series;\n15.1X53 versions prior to 15.1X53-D590 on EX2300/EX3400 Series;\n15.1X54 on ACX Series;\n16.1 versions prior to 16.1R3-S10, 16.1R4-S11, 16.1R6-S5, 16.1R7;\n16.1X65 versions prior to 16.1X65-D48;\n16.2 versions prior to 16.2R2-S6;\n17.1 versions prior to 17.1R2-S8, 17.1R3;\n17.2 versions prior to 17.2R1-S7, 17.2R3;\n17.2X75 versions prior to 17.2X75-D92, 17.2X75-D102, 17.2X75-D110;\n17.3 versions prior to 17.3R3;\n17.4 versions prior to 17.4R1-S4, 17.4R2;\n18.1 versions prior to 18.1R1-S1, 18.1R2-S1, 18.1R3;\n18.2X75 versions prior to 18.2X75-D10."
"value": "In MPLS environments, receipt of a specific SNMP packet may cause the routing protocol daemon (RPD) process to crash and restart. By continuously sending a specially crafted SNMP packet, an attacker can repetitively crash the RPD process causing prolonged denial of service. No other Juniper Networks products or platforms are affected by this issue. Affected releases are Juniper Networks Junos OS : 12.1X46 versions prior to 12.1X46-D77 on SRX Series; 12.3 versions prior to 12.3R12-S10; 12.3X48 versions prior to 12.3X48-D75 on SRX Series; 14.1X53 versions prior to 14.1X53-D48 on EX/QFX series; 15.1 versions prior to 15.1R4-S9, 15.1R7-S2; 15.1F6 versions prior to 15.1F6-S11; 15.1X49 versions prior to 15.1X49-D141, 15.1X49-D144, 15.1X49-D150 on SRX Series; 15.1X53 versions prior to 15.1X53-D234 on QFX5200/QFX5110 Series; 15.1X53 versions prior to 15.1X53-D68 on QFX10K Series; 15.1X53 versions prior to 15.1X53-D471, 15.1X53-D490 on NFX Series; 15.1X53 versions prior to 15.1X53-D590 on EX2300/EX3400 Series; 15.1X54 on ACX Series; 16.1 versions prior to 16.1R3-S10, 16.1R4-S11, 16.1R6-S5, 16.1R7; 16.1X65 versions prior to 16.1X65-D48; 16.2 versions prior to 16.2R2-S6; 17.1 versions prior to 17.1R2-S8, 17.1R3; 17.2 versions prior to 17.2R1-S7, 17.2R3; 17.2X75 versions prior to 17.2X75-D92, 17.2X75-D102, 17.2X75-D110; 17.3 versions prior to 17.3R3; 17.4 versions prior to 17.4R1-S4, 17.4R2; 18.1 versions prior to 18.1R1-S1, 18.1R2-S1, 18.1R3; 18.2X75 versions prior to 18.2X75-D10."
}
]
},

2
2019/0xxx/CVE-2019-0044.json
View File

@ -51,7 +51,7 @@
"description_data": [
{
"lang": "eng",
"value": "Receipt of a specific packet on the out-of-band management interface fxp0 may cause the system to crash and restart (vmcore).\nBy continuously sending a specially crafted packet to the fxp0 interface, an attacker can repetitively crash the rpd process causing prolonged Denial of Service (DoS).\nAffected releases are Juniper Networks SRX5000 Series:\n12.1X46 versions prior to 12.1X46-D82;\n12.3X48 versions prior to 12.3X48-D80;\n15.1X49 versions prior to 15.1X49-D160."
"value": "Receipt of a specific packet on the out-of-band management interface fxp0 may cause the system to crash and restart (vmcore). By continuously sending a specially crafted packet to the fxp0 interface, an attacker can repetitively crash the rpd process causing prolonged Denial of Service (DoS). Affected releases are Juniper Networks SRX5000 Series: 12.1X46 versions prior to 12.1X46-D82; 12.3X48 versions prior to 12.3X48-D80; 15.1X49 versions prior to 15.1X49-D160."
}
]
},

5
2019/0xxx/CVE-2019-0216.json
View File

@ -48,6 +48,11 @@
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/2de387213d45bc626d27554a1bde7b8c67d08720901f82a50b6f4231@%3Cdev.airflow.apache.org%3E",
"url": "https://lists.apache.org/thread.html/2de387213d45bc626d27554a1bde7b8c67d08720901f82a50b6f4231@%3Cdev.airflow.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20190410 CVE-2019-0216, CVE-2019-0229 vulnerabilities affecting Apache Airflow <= 1.10.2 webserver component",
"url": "http://www.openwall.com/lists/oss-security/2019/04/10/6"
}
]
},

5
2019/0xxx/CVE-2019-0229.json
View File

@ -48,6 +48,11 @@
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/2de387213d45bc626d27554a1bde7b8c67d08720901f82a50b6f4231@%3Cdev.airflow.apache.org%3E",
"url": "https://lists.apache.org/thread.html/2de387213d45bc626d27554a1bde7b8c67d08720901f82a50b6f4231@%3Cdev.airflow.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20190410 CVE-2019-0216, CVE-2019-0229 vulnerabilities affecting Apache Airflow <= 1.10.2 webserver component",
"url": "http://www.openwall.com/lists/oss-security/2019/04/10/6"
}
]
},

90
2019/0xxx/CVE-2019-0278.json
View File

@ -1,17 +1,87 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0278",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"description": {
"description_data": [
"CVE_data_meta": {
"ID": "CVE-2019-0278",
"ASSIGNER": "cna@sap.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name": "SAP SE",
"product": {
"product_data": [
{
"product_name": "SAP NetWeaver Process Integration (Messaging System)",
"version": {
"version_data": [
{
"version_name": "<",
"version_value": "7.10 to 7.11"
},
{
"version_name": "<",
"version_value": "7.20"
},
{
"version_name": "<",
"version_value": "7.30"
},
{
"version_name": "<",
"version_value": "7.31"
},
{
"version_name": "<",
"version_value": "7.40"
},
{
"version_name": "<",
"version_value": "7.50"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Under certain conditions the Monitoring Servlet of the SAP NetWeaver Process Integration (Messaging System), fixed in versions 7.10 to 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allows an attacker to see the names of database tables used by the application, leading to information disclosure."
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://launchpad.support.sap.com/#/notes/2741201",
"url": "https://launchpad.support.sap.com/#/notes/2741201"
},
{
"refsource": "CONFIRM",
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=517899114",
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=517899114"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Under certain conditions the Monitoring Servlet of the SAP NetWeaver Process Integration (Messaging System), fixed in versions 7.10 to 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allows an attacker to see the names of database tables used by the application, leading to information disclosure."
}
]
}

86
2019/0xxx/CVE-2019-0279.json
View File

@ -1,17 +1,83 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0279",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"description": {
"description_data": [
"CVE_data_meta": {
"ID": "CVE-2019-0279",
"ASSIGNER": "cna@sap.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name": "SAP SE",
"product": {
"product_data": [
{
"product_name": "SAP BASIS",
"version": {
"version_data": [
{
"version_name": "<",
"version_value": "from 7.00 to 7.02"
},
{
"version_name": "<",
"version_value": "from 7.10 to 7.30"
},
{
"version_name": "<",
"version_value": "7.31"
},
{
"version_name": "<",
"version_value": "7.40"
},
{
"version_name": "<",
"version_value": "from 7.50 to 7.53"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "ABAP BASIS function modules INST_CREATE_R3_RFC_DEST, INST_CREATE_TCPIP_RFCDEST, and INST_CREATE_TCPIP_RFC_DEST in SAP BASIS (fixed in versions 7.0 to 7.02, 7.10 to 7.30, 7.31, 7.40, 7.50 to 7.53) do not perform necessary authorization checks in all circumstances for an authenticated user, resulting in escalation of privileges."
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=517899114",
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=517899114"
},
{
"refsource": "CONFIRM",
"name": "https://launchpad.support.sap.com/#/notes/2753629",
"url": "https://launchpad.support.sap.com/#/notes/2753629"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "ABAP BASIS function modules INST_CREATE_R3_RFC_DEST, INST_CREATE_TCPIP_RFCDEST, and INST_CREATE_TCPIP_RFC_DEST in SAP BASIS (fixed in versions 7.0 to 7.02, 7.10 to 7.30, 7.31, 7.40, 7.50 to 7.53) do not perform necessary authorization checks in all circumstances for an authenticated user, resulting in escalation of privileges."
}
]
}

86
2019/0xxx/CVE-2019-0282.json
View File

@ -1,17 +1,83 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0282",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"description": {
"description_data": [
"CVE_data_meta": {
"ID": "CVE-2019-0282",
"ASSIGNER": "cna@sap.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name": "SAP SE",
"product": {
"product_data": [
{
"product_name": "SAP NetWeaver Process Integration (Runtime Workbench)",
"version": {
"version_data": [
{
"version_name": "<",
"version_value": "from 7.10 to 7.11"
},
{
"version_name": "<",
"version_value": "7.30"
},
{
"version_name": "<",
"version_value": "7.31"
},
{
"version_name": "<",
"version_value": "7.40"
},
{
"version_name": "<",
"version_value": "7.50"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Several web pages in SAP NetWeaver Process Integration (Runtime Workbench), fixed in versions 7.10 to 7.11, 7.30, 7.31, 7.40, 7.50; can be accessed without user authentication, which might expose internal data like release information, Java package and Java object names which can be misused by the attacker."
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=517899114",
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=517899114"
},
{
"refsource": "CONFIRM",
"name": "https://launchpad.support.sap.com/#/notes/2742758",
"url": "https://launchpad.support.sap.com/#/notes/2742758"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Several web pages in SAP NetWeaver Process Integration (Runtime Workbench), fixed in versions 7.10 to 7.11, 7.30, 7.31, 7.40, 7.50; can be accessed without user authentication, which might expose internal data like release information, Java package and Java object names which can be misused by the attacker."
}
]
}

86
2019/0xxx/CVE-2019-0283.json
View File

@ -1,17 +1,83 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0283",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"description": {
"description_data": [
"CVE_data_meta": {
"ID": "CVE-2019-0283",
"ASSIGNER": "cna@sap.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name": "SAP SE",
"product": {
"product_data": [
{
"product_name": "SAP NetWeaver Process Integration (Adapter Engine)",
"version": {
"version_data": [
{
"version_name": "<",
"version_value": "from 7.10 to 7.11"
},
{
"version_name": "<",
"version_value": "7.30"
},
{
"version_name": "<",
"version_value": "7.31"
},
{
"version_name": "<",
"version_value": "7.40"
},
{
"version_name": "<",
"version_value": "7.50"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Digital Signature Spoofing"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=517899114",
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=517899114"
},
{
"refsource": "CONFIRM",
"name": "https://launchpad.support.sap.com/#/notes/2747683",
"url": "https://launchpad.support.sap.com/#/notes/2747683"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "SAP NetWeaver Process Integration (Adapter Engine), fixed in versions 7.10 to 7.11, 7.30, 7.31, 7.40, 7.50; is vulnerable to Digital Signature Spoofing. It is possible to spoof XML signatures and send arbitrary requests to the server via PI Axis adapter. These requests will be accepted by the PI Axis adapter even if the payload has been altered, especially when the signed element is the body of the xml document."
}
]
}

74
2019/0xxx/CVE-2019-0284.json
View File

@ -1,17 +1,71 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0284",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"description": {
"description_data": [
"CVE_data_meta": {
"ID": "CVE-2019-0284",
"ASSIGNER": "cna@sap.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name": "SAP SE",
"product": {
"product_data": [
{
"product_name": "SAP HANA",
"version": {
"version_data": [
{
"version_name": "<",
"version_value": "1.0"
},
{
"version_name": "<",
"version_value": "2.0"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "XML External Entity"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=517899114",
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=517899114"
},
{
"refsource": "CONFIRM",
"name": "https://launchpad.support.sap.com/#/notes/2772376",
"url": "https://launchpad.support.sap.com/#/notes/2772376"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "SLD Registration in SAP HANA (fixed in versions 1.0, 2.0) does not sufficiently validate an XML document accepted from an untrusted source. The attacker can call SLDREG with an XML file containing a reference to an XML External Entity (XXE). This can cause SLDREG to, for example, continuously loop, read arbitrary files and even send local files."
}
]
}

70
2019/0xxx/CVE-2019-0285.json
View File

@ -1,17 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0285",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"description": {
"description_data": [
"CVE_data_meta": {
"ID": "CVE-2019-0285",
"ASSIGNER": "cna@sap.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name": "SAP SE",
"product": {
"product_data": [
{
"product_name": "SAP Crystal Reports for Visual Studio",
"version": {
"version_data": [
{
"version_name": "<",
"version_value": "2010"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=517899114",
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=517899114"
},
{
"refsource": "CONFIRM",
"name": "https://launchpad.support.sap.com/#/notes/2687663",
"url": "https://launchpad.support.sap.com/#/notes/2687663"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The .NET SDK WebForm Viewer in SAP Crystal Reports for Visual Studio (fixed in version 2010) discloses sensitive database information including credentials which can be misused by the attacker."
}
]
}

6
2019/1003xxx/CVE-2019-1003049.json
View File

@ -1,7 +1,8 @@
{
"CVE_data_meta": {
"ID": "CVE-2019-1003049",
"ASSIGNER": "jenkinsci-cert@googlegroups.com"
"ASSIGNER": "cve-assign@distributedweaknessfiling.org",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
@ -53,7 +54,8 @@
"reference_data": [
{
"url": "https://jenkins.io/security/advisory/2019-04-10/#SECURITY-1289",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://jenkins.io/security/advisory/2019-04-10/#SECURITY-1289"
}
]
}

6
2019/1003xxx/CVE-2019-1003050.json
View File

@ -1,7 +1,8 @@
{
"CVE_data_meta": {
"ID": "CVE-2019-1003050",
"ASSIGNER": "jenkinsci-cert@googlegroups.com"
"ASSIGNER": "cve-assign@distributedweaknessfiling.org",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
@ -53,7 +54,8 @@
"reference_data": [
{
"url": "https://jenkins.io/security/advisory/2019-04-10/#SECURITY-1327",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://jenkins.io/security/advisory/2019-04-10/#SECURITY-1327"
}
]
}

67
2019/11xxx/CVE-2019-11069.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-11069",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2019-11069",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sequelize before 5.3.0 does not properly ensure that standard conforming strings are used."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/sequelize/sequelize/pull/10746/files",
"refsource": "MISC",
"name": "https://github.com/sequelize/sequelize/pull/10746/files"
},
{
"url": "https://github.com/sequelize/sequelize/releases/tag/v5.3.0",
"refsource": "MISC",
"name": "https://github.com/sequelize/sequelize/releases/tag/v5.3.0"
}
]
}

67
2019/11xxx/CVE-2019-11070.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-11070",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "WebKitGTK and WPE WebKit prior to version 2.24.1 failed to properly apply configured HTTP proxy settings when downloading livestream video (HLS, DASH, or Smooth Streaming), an error resulting in deanonymization. This issue was corrected by changing the way livestreams are downloaded."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://bugs.webkit.org/show_bug.cgi?id=193718",
"refsource": "MISC",
"name": "https://bugs.webkit.org/show_bug.cgi?id=193718"
},
{
"url": "https://trac.webkit.org/changeset/243197/webkit",
"refsource": "MISC",
"name": "https://trac.webkit.org/changeset/243197/webkit"
}
]
}
}

77
2019/11xxx/CVE-2019-11071.json Normal file
View File

@ -0,0 +1,77 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-11071",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SPIP 3.1 before 3.1.10 and 3.2 before 3.2.4 allows authenticated visitors to execute arbitrary code on the host server because var_memotri is mishandled."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://blog.spip.net/Mise-a-jour-CRITIQUE-de-securite-Sortie-de-SPIP-3-1-10-et-SPIP-3-2-4.html",
"refsource": "MISC",
"name": "https://blog.spip.net/Mise-a-jour-CRITIQUE-de-securite-Sortie-de-SPIP-3-1-10-et-SPIP-3-2-4.html"
},
{
"url": "https://github.com/spip/SPIP/commit/3ef87c525bc0768c926646f999a54222b37b5d36",
"refsource": "MISC",
"name": "https://github.com/spip/SPIP/commit/3ef87c525bc0768c926646f999a54222b37b5d36"
},
{
"url": "https://github.com/spip/SPIP/commit/824d17f424bf77d17af89c18c3dc807a3199567e",
"refsource": "MISC",
"name": "https://github.com/spip/SPIP/commit/824d17f424bf77d17af89c18c3dc807a3199567e"
},
{
"url": "https://github.com/spip/SPIP/compare/1e3872c...9861a47",
"refsource": "MISC",
"name": "https://github.com/spip/SPIP/compare/1e3872c...9861a47"
}
]
}
}

70
2019/3xxx/CVE-2019-3943.json
View File

@ -1,17 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-3943",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"description": {
"description_data": [
"CVE_data_meta": {
"ID": "CVE-2019-3943",
"ASSIGNER": "vulnreport@tenable.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name": "MikroTik",
"product": {
"product_data": [
{
"product_name": "RouterOS",
"version": {
"version_data": [
{
"version_value": "Stable 6.43.12 and below"
},
{
"version_value": "Long-term 6.42.12 and below"
},
{
"version_value": "Testing 6.44beta75 and below"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-23 Path Traversal"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.tenable.com/security/research/tra-2019-16",
"url": "https://www.tenable.com/security/research/tra-2019-16"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "MikroTik RouterOS versions Stable 6.43.12 and below, Long-term 6.42.12 and below, and Testing 6.44beta75 and below are vulnerable to an authenticated, remote directory traversal via the HTTP or Winbox interfaces. An authenticated, remote attack can use this vulnerability to read and write files outside of the sandbox directory (/rw/disk)."
}
]
}