admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-08 22:18:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

- Added submission from Talos for TALOS-2017-0492 from 2018-09-17.

Browse Source
This commit is contained in:
CVE Team 2018-09-17 12:46:17 -04:00
parent 39cf3bf354
commit 2856b77ee4
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
1 changed files with 46 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

49
2017/14xxx/CVE-2017-14443.json
View File

@ -1,8 +1,32 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "talos-cna@cisco.com",
"DATE_PUBLIC" : "2018-06-19T00:00:00",
"ID" : "CVE-2017-14443",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Insteon Hub 2245-222",
"version" : {
"version_data" : [
{
"version_value" : "Firmware version 1012"
}
]
}
}
]
},
"vendor_name" : "Insteon"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +35,26 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "An exploitable information leak vulnerability exists in Insteon Hub running firmware version 1012. The HTTP server implementation incorrectly checks the number of GET parameters supplied, leading to an arbitrarily controlled information leak on the whole device memory. An attacker can send an authenticated HTTP request to trigger this vulnerability."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Use of Uninitialized Variable"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0492"
}
]
}