admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-merge PR#2609

Browse Source 
Auto-merge PR#2609
This commit is contained in:
CVE Team 2019-10-02 10:45:35 -04:00 committed by GitHub
commit 327dc57771
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 435 additions and 75 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

102
2019/4xxx/CVE-2019-4520.json
View File

@ -1,18 +1,90 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-4520",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"value" : "IBM Security Directory Server 6.4.0 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 165178.",
"lang" : "eng"
}
]
},
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2019-10-01T00:00:00",
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2019-4520"
},
"data_format" : "MITRE",
"references" : {
"reference_data" : [
{
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 1077045 (Security Directory Server)",
"name" : "https://www.ibm.com/support/pages/node/1077045",
"url" : "https://www.ibm.com/support/pages/node/1077045"
},
{
"refsource" : "XF",
"name" : "ibm-sds-cve20194520-info-disc (165178)",
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/165178"
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "Security Directory Server",
"version" : {
"version_data" : [
{
"version_value" : "6.4.0"
}
]
}
}
]
}
}
]
}
}
]
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
}
]
}
]
},
"impact" : {
"cvssv3" : {
"TM" : {
"RC" : "C",
"RL" : "O",
"E" : "U"
},
"BM" : {
"AC" : "L",
"SCORE" : "7.500",
"UI" : "N",
"PR" : "N",
"A" : "N",
"I" : "N",
"AV" : "N",
"S" : "U",
"C" : "H"
}
}
}
}

102
2019/4xxx/CVE-2019-4538.json
View File

@ -1,18 +1,90 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-4538",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"description" : {
"description_data" : [
{
"value" : "IBM Security Directory Server 6.4.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 165660.",
"lang" : "eng"
}
]
},
"data_version" : "4.0",
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2019-10-01T00:00:00",
"ID" : "CVE-2019-4538",
"ASSIGNER" : "psirt@us.ibm.com"
},
"data_type" : "CVE",
"impact" : {
"cvssv3" : {
"TM" : {
"E" : "U",
"RL" : "O",
"RC" : "C"
},
"BM" : {
"PR" : "N",
"A" : "N",
"I" : "H",
"AV" : "N",
"S" : "C",
"C" : "N",
"AC" : "L",
"SCORE" : "7.400",
"UI" : "R"
}
}
},
"references" : {
"reference_data" : [
{
"url" : "https://www.ibm.com/support/pages/node/1077045",
"name" : "https://www.ibm.com/support/pages/node/1077045",
"title" : "IBM Security Bulletin 1077045 (Security Directory Server)",
"refsource" : "CONFIRM"
},
{
"refsource" : "XF",
"title" : "X-Force Vulnerability Report",
"name" : "ibm-sds-cve20194538-open-redirect (165660)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/165660"
}
]
},
"data_format" : "MITRE",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Gain Access"
}
]
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product" : {
"product_data" : [
{
"product_name" : "Security Directory Server",
"version" : {
"version_data" : [
{
"version_value" : "6.4.0"
}
]
}
}
]
},
"vendor_name" : "IBM"
}
]
}
}
]
}
}
}

102
2019/4xxx/CVE-2019-4539.json
View File

@ -1,18 +1,90 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-4539",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"impact" : {
"cvssv3" : {
"BM" : {
"PR" : "L",
"A" : "H",
"I" : "L",
"AV" : "N",
"S" : "U",
"C" : "N",
"AC" : "L",
"SCORE" : "7.100",
"UI" : "N"
},
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
}
}
},
"data_format" : "MITRE",
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/pages/node/1077045",
"title" : "IBM Security Bulletin 1077045 (Security Directory Server)",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/pages/node/1077045"
},
{
"refsource" : "XF",
"name" : "ibm-sds-cve20194539-xml-injection (165812)",
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/165812"
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "Security Directory Server",
"version" : {
"version_data" : [
{
"version_value" : "6.4.0"
}
]
}
}
]
}
}
]
}
}
]
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Denial of Service"
}
]
}
]
},
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"value" : "IBM Security Directory Server 6.4.0 does not properly neutralize special elements that are used in XML, allowing attackers to modify the syntax, content, or commands of the XML before it is processed by an end system. IBM X-Force ID: 165812.",
"lang" : "eng"
}
]
},
"CVE_data_meta" : {
"DATE_PUBLIC" : "2019-10-01T00:00:00",
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2019-4539"
},
"data_type" : "CVE"
}

102
2019/4xxx/CVE-2019-4542.json
View File

@ -1,18 +1,90 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-4542",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"CVE_data_meta" : {
"DATE_PUBLIC" : "2019-10-01T00:00:00",
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2019-4542"
},
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Security Directory Server 6.4.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 165815."
}
]
},
"data_type" : "CVE",
"impact" : {
"cvssv3" : {
"BM" : {
"PR" : "N",
"A" : "N",
"I" : "L",
"AV" : "N",
"S" : "C",
"C" : "L",
"AC" : "L",
"SCORE" : "6.100",
"UI" : "R"
},
"TM" : {
"E" : "H",
"RL" : "O",
"RC" : "C"
}
}
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "6.4.0"
}
]
},
"product_name" : "Security Directory Server"
}
]
}
}
]
}
}
]
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Cross-Site Scripting"
}
]
}
]
},
"data_format" : "MITRE",
"references" : {
"reference_data" : [
{
"url" : "https://www.ibm.com/support/pages/node/1077045",
"title" : "IBM Security Bulletin 1077045 (Security Directory Server)",
"name" : "https://www.ibm.com/support/pages/node/1077045",
"refsource" : "CONFIRM"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/165815",
"refsource" : "XF",
"name" : "ibm-sds-cve20194542-xss (165815)",
"title" : "X-Force Vulnerability Report"
}
]
}
}

102
2019/4xxx/CVE-2019-4549.json
View File

@ -1,18 +1,90 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-4549",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"data_type" : "CVE",
"description" : {
"description_data" : [
{
"value" : "IBM Security Directory Server 6.4.0 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 165951.",
"lang" : "eng"
}
]
},
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2019-4549",
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2019-10-01T00:00:00",
"STATE" : "PUBLIC"
},
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 1077045 (Security Directory Server)",
"name" : "https://www.ibm.com/support/pages/node/1077045",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/pages/node/1077045"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/165951",
"refsource" : "XF",
"name" : "ibm-sds-cve20194549-info-disc (165951)",
"title" : "X-Force Vulnerability Report"
}
]
},
"data_format" : "MITRE",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
]
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "Security Directory Server",
"version" : {
"version_data" : [
{
"version_value" : "6.4.0"
}
]
}
}
]
}
}
]
}
}
]
}
},
"impact" : {
"cvssv3" : {
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
},
"BM" : {
"UI" : "N",
"SCORE" : "5.300",
"AC" : "L",
"S" : "U",
"C" : "L",
"AV" : "N",
"I" : "N",
"PR" : "N",
"A" : "N"
}
}
}
}