From 29e8e4adb3abca11c0ea5e9113b1f2e322fa2cbb Mon Sep 17 00:00:00 2001 From: CVE Team Date: Tue, 18 Sep 2018 18:05:08 -0400 Subject: [PATCH] - Synchronized data. --- 2017/3xxx/CVE-2017-3912.json | 116 +++++++++++++++---------------- 2018/6xxx/CVE-2018-6690.json | 108 ++++++++++++++--------------- 2018/6xxx/CVE-2018-6693.json | 128 +++++++++++++++++------------------ 3 files changed, 176 insertions(+), 176 deletions(-) diff --git a/2017/3xxx/CVE-2017-3912.json b/2017/3xxx/CVE-2017-3912.json index 78ef52eb031..84a4a9c0b3b 100644 --- a/2017/3xxx/CVE-2017-3912.json +++ b/2017/3xxx/CVE-2017-3912.json @@ -1,97 +1,97 @@ { - "CVE_data_meta": { - "ASSIGNER": "psirt@mcafee.com", - "ID": "CVE-2017-3912", - "STATE": "PUBLIC", - "TITLE": "McAfee Application Control and Change Control (MACC) - password management security feature bypass (SFB) leading to an authentication bypass " + "CVE_data_meta" : { + "ASSIGNER" : "psirt@mcafee.com", + "ID" : "CVE-2017-3912", + "STATE" : "PUBLIC", + "TITLE" : "McAfee Application Control and Change Control (MACC) - password management security feature bypass (SFB) leading to an authentication bypass " }, - "affects": { - "vendor": { - "vendor_data": [ + "affects" : { + "vendor" : { + "vendor_data" : [ { - "product": { - "product_data": [ + "product" : { + "product_data" : [ { - "product_name": "McAfee Application Control and Change Control (MACC)", - "version": { - "version_data": [ + "product_name" : "McAfee Application Control and Change Control (MACC)", + "version" : { + "version_data" : [ { - "affected": "=", - "platform": "x86", - "version_name": "7.0.1", - "version_value": "7.0.1" + "affected" : "=", + "platform" : "x86", + "version_name" : "7.0.1", + "version_value" : "7.0.1" }, { - "affected": "=", - "version_name": "6.2.0", - "version_value": "6.2.0" + "affected" : "=", + "version_name" : "6.2.0", + "version_value" : "6.2.0" } ] } } ] }, - "vendor_name": "McAfee" + "vendor_name" : "McAfee" } ] } }, - "credit": [ + "credit" : [ { - "lang": "eng", - "value": "McAfee credits Saurabh Tripathi and Sukesh Shetty for reporting this flaw." + "lang" : "eng", + "value" : "McAfee credits Saurabh Tripathi and Sukesh Shetty for reporting this flaw." } ], - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ { - "lang": "eng", - "value": "Bypassing password security vulnerability in McAfee Application and Change Control (MACC) 7.0.1 and 6.2.0 allows authenticated users to perform arbitrary command execution via a command-line utility." + "lang" : "eng", + "value" : "Bypassing password security vulnerability in McAfee Application and Change Control (MACC) 7.0.1 and 6.2.0 allows authenticated users to perform arbitrary command execution via a command-line utility." } ] }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "LOCAL", - "availabilityImpact": "NONE", - "baseScore": 4.4, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "NONE", - "integrityImpact": "HIGH", - "privilegesRequired": "HIGH", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N", - "version": "3.0" + "impact" : { + "cvss" : { + "attackComplexity" : "LOW", + "attackVector" : "LOCAL", + "availabilityImpact" : "NONE", + "baseScore" : 4.4, + "baseSeverity" : "MEDIUM", + "confidentialityImpact" : "NONE", + "integrityImpact" : "HIGH", + "privilegesRequired" : "HIGH", + "scope" : "UNCHANGED", + "userInteraction" : "NONE", + "vectorString" : "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N", + "version" : "3.0" } }, - "problemtype": { - "problemtype_data": [ + "problemtype" : { + "problemtype_data" : [ { - "description": [ + "description" : [ { - "lang": "eng", - "value": "Privilege Escalation (CWE-274)" + "lang" : "eng", + "value" : "Privilege Escalation (CWE-274)" } ] } ] }, - "references": { - "reference_data": [ + "references" : { + "reference_data" : [ { - "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10224", - "refsource": "CONFIRM", - "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10224" + "name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10224", + "refsource" : "CONFIRM", + "url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10224" } ] }, - "source": { - "advisory": "SB10224", - "discovery": "EXTERNAL" + "source" : { + "advisory" : "SB10224", + "discovery" : "EXTERNAL" } } diff --git a/2018/6xxx/CVE-2018-6690.json b/2018/6xxx/CVE-2018-6690.json index b1b14405191..856b8975824 100644 --- a/2018/6xxx/CVE-2018-6690.json +++ b/2018/6xxx/CVE-2018-6690.json @@ -1,91 +1,91 @@ { - "CVE_data_meta": { - "ASSIGNER": "psirt@mcafee.com", - "ID": "CVE-2018-6690", - "STATE": "PUBLIC", - "TITLE": "McAfee Application Control (MAC) - Whitelist bypass using a hard drive solidified by MACC" + "CVE_data_meta" : { + "ASSIGNER" : "psirt@mcafee.com", + "ID" : "CVE-2018-6690", + "STATE" : "PUBLIC", + "TITLE" : "McAfee Application Control (MAC) - Whitelist bypass using a hard drive solidified by MACC" }, - "affects": { - "vendor": { - "vendor_data": [ + "affects" : { + "vendor" : { + "vendor_data" : [ { - "product": { - "product_data": [ + "product" : { + "product_data" : [ { - "product_name": "McAfee Application Control (MAC)", - "version": { - "version_data": [ + "product_name" : "McAfee Application Control (MAC)", + "version" : { + "version_data" : [ { - "affected": "<=", - "platform": "x86", - "version_name": "8.0.0 HF 4", - "version_value": "8.0.0 HF 4" + "affected" : "<=", + "platform" : "x86", + "version_name" : "8.0.0 HF 4", + "version_value" : "8.0.0 HF 4" } ] } } ] }, - "vendor_name": "McAfee" + "vendor_name" : "McAfee" } ] } }, - "credit": [ + "credit" : [ { - "lang": "eng", - "value": "McAfee credits Paul W for reporting this flaw." + "lang" : "eng", + "value" : "McAfee credits Paul W for reporting this flaw." } ], - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ { - "lang": "eng", - "value": "Accessing, modifying, or executing executable files vulnerability in Microsoft Windows client in McAfee Application and Change Control (MACC) 8.0.0 Hotfix 4 and earlier. Allows authenticated users to execute arbitrary code via file transfer from external system." + "lang" : "eng", + "value" : "Accessing, modifying, or executing executable files vulnerability in Microsoft Windows client in McAfee Application and Change Control (MACC) 8.0.0 Hotfix 4 and earlier allows authenticated users to execute arbitrary code via file transfer from external system." } ] }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "LOCAL", - "availabilityImpact": "NONE", - "baseScore": 6.1, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "LOW", - "integrityImpact": "HIGH", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N", - "version": "3.0" + "impact" : { + "cvss" : { + "attackComplexity" : "LOW", + "attackVector" : "LOCAL", + "availabilityImpact" : "NONE", + "baseScore" : 6.1, + "baseSeverity" : "MEDIUM", + "confidentialityImpact" : "LOW", + "integrityImpact" : "HIGH", + "privilegesRequired" : "LOW", + "scope" : "UNCHANGED", + "userInteraction" : "NONE", + "vectorString" : "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N", + "version" : "3.0" } }, - "problemtype": { - "problemtype_data": [ + "problemtype" : { + "problemtype_data" : [ { - "description": [ + "description" : [ { - "lang": "eng", - "value": "Whitelist bypass" + "lang" : "eng", + "value" : "Whitelist bypass" } ] } ] }, - "references": { - "reference_data": [ + "references" : { + "reference_data" : [ { - "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10250", - "refsource": "CONFIRM", - "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10250" + "name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10250", + "refsource" : "CONFIRM", + "url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10250" } ] }, - "source": { - "discovery": "EXTERNAL" + "source" : { + "discovery" : "EXTERNAL" } } diff --git a/2018/6xxx/CVE-2018-6693.json b/2018/6xxx/CVE-2018-6693.json index 426aad4136e..d70e6ef5e2f 100644 --- a/2018/6xxx/CVE-2018-6693.json +++ b/2018/6xxx/CVE-2018-6693.json @@ -1,107 +1,107 @@ { - "CVE_data_meta": { - "ASSIGNER": "psirt@mcafee.com", - "ID": "CVE-2018-6693", - "STATE": "PUBLIC", - "TITLE": " Endpoint Security for Linux Threat Prevention (ENSLTP) privilege escalation vulnerability" + "CVE_data_meta" : { + "ASSIGNER" : "psirt@mcafee.com", + "ID" : "CVE-2018-6693", + "STATE" : "PUBLIC", + "TITLE" : " Endpoint Security for Linux Threat Prevention (ENSLTP) privilege escalation vulnerability" }, - "affects": { - "vendor": { - "vendor_data": [ + "affects" : { + "vendor" : { + "vendor_data" : [ { - "product": { - "product_data": [ + "product" : { + "product_data" : [ { - "product_name": " Endpoint Security for Linux Threat Prevention (ENSLTP)", - "version": { - "version_data": [ + "product_name" : " Endpoint Security for Linux Threat Prevention (ENSLTP)", + "version" : { + "version_data" : [ { - "affected": "=", - "platform": "x86", - "version_name": "10.5.0", - "version_value": "10.5.0" + "affected" : "=", + "platform" : "x86", + "version_name" : "10.5.0", + "version_value" : "10.5.0" }, { - "affected": "=", - "platform": "x86", - "version_name": "10.5.1", - "version_value": "10.5.0" + "affected" : "=", + "platform" : "x86", + "version_name" : "10.5.1", + "version_value" : "10.5.0" }, { - "affected": "<=", - "platform": "x86", - "version_name": "10.2.3 Hotfix 1246778", - "version_value": "10.2.3 Hotfix 1246778" + "affected" : "<=", + "platform" : "x86", + "version_name" : "10.2.3 Hotfix 1246778", + "version_value" : "10.2.3 Hotfix 1246778" } ] } } ] }, - "vendor_name": "McAfee" + "vendor_name" : "McAfee" } ] } }, - "credit": [ + "credit" : [ { - "lang": "eng", - "value": "RACK911Labs.com" + "lang" : "eng", + "value" : "RACK911Labs.com" } ], - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ { - "lang": "eng", - "value": "An unprivileged user can delete arbitrary files on a Linux system running ENSLTP 10.5.1, 10.5.0, and 10.2.3 Hotfix 1246778 and earlier. By exploiting a time of check to time of use (TOCTOU) race condition during a specific scanning sequence, the unprivileged user is able to perform a privilege escalation to delete arbitrary files." + "lang" : "eng", + "value" : "An unprivileged user can delete arbitrary files on a Linux system running ENSLTP 10.5.1, 10.5.0, and 10.2.3 Hotfix 1246778 and earlier. By exploiting a time of check to time of use (TOCTOU) race condition during a specific scanning sequence, the unprivileged user is able to perform a privilege escalation to delete arbitrary files." } ] }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "LOCAL", - "availabilityImpact": "LOW", - "baseScore": 5.6, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "NONE", - "integrityImpact": "HIGH", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "REQUIRED", - "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:L", - "version": "3.0" + "impact" : { + "cvss" : { + "attackComplexity" : "LOW", + "attackVector" : "LOCAL", + "availabilityImpact" : "LOW", + "baseScore" : 5.6, + "baseSeverity" : "MEDIUM", + "confidentialityImpact" : "NONE", + "integrityImpact" : "HIGH", + "privilegesRequired" : "LOW", + "scope" : "UNCHANGED", + "userInteraction" : "REQUIRED", + "vectorString" : "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:L", + "version" : "3.0" } }, - "problemtype": { - "problemtype_data": [ + "problemtype" : { + "problemtype_data" : [ { - "description": [ + "description" : [ { - "lang": "eng", - "value": "Race Condition Enabling Link Following (CWE-363)" + "lang" : "eng", + "value" : "Race Condition Enabling Link Following (CWE-363)" }, { - "lang": "eng", - "value": "Privilege Escalation (CWE-274)" + "lang" : "eng", + "value" : "Privilege Escalation (CWE-274)" } ] } ] }, - "references": { - "reference_data": [ + "references" : { + "reference_data" : [ { - "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10248", - "refsource": "CONFIRM", - "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10248" + "name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10248", + "refsource" : "CONFIRM", + "url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10248" } ] }, - "source": { - "discovery": "EXTERNAL" + "source" : { + "discovery" : "EXTERNAL" } }