admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-08 14:08:13 +00:00
Code Issues Packages Projects Releases Wiki Activity

IBM20190305-115557

Browse Source 
Added CVE-2019-4032, CVE-2019-4027, CVE-2019-4063, CVE-2018-1899, CVE-2018-1938, CVE-2018-1875, CVE-2018-1939, CVE-2019-4029, CVE-2018-1937, CVE-2019-4028
This commit is contained in:
Scott Moore - IBM 2019-03-05 11:55:57 -05:00
parent 500640f1fa
commit 38ae22ad2c
No known key found for this signature in database
GPG Key ID: 95B9EA1B824C2926
10 changed files with 833 additions and 76 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

111
2018/1xxx/CVE-2018-1875.json
View File

@ -1,18 +1,109 @@
{ {
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-1875",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0", "data_version" : "4.0",
"description" : { "CVE_data_meta" : {
"description_data" : [ "STATE" : "PUBLIC",
"ID" : "CVE-2018-1875",
"DATE_PUBLIC" : "2019-02-01T00:00:00",
"ASSIGNER" : "psirt@us.ibm.com"
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value" : "Gain Access"
} }
] ]
} }
]
},
"description" : {
"description_data" : [
{
"value" : "IBM InfoSphere Information Governance Catalog 11.3, 11.5, and 11.7 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 151639.",
"lang" : "eng"
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "11.3"
},
{
"version_value" : "11.5"
},
{
"version_value" : "11.7"
}
]
},
"product_name" : "InfoSphere Information Governance Catalog"
},
{
"product_name" : "InfoSphere Information Server on Cloud",
"version" : {
"version_data" : [
{
"version_value" : "11.5"
},
{
"version_value" : "11.7"
}
]
}
}
]
},
"vendor_name" : "IBM"
}
]
}
},
"data_type" : "CVE",
"impact" : {
"cvssv3" : {
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
},
"BM" : {
"AV" : "N",
"I" : "H",
"S" : "C",
"PR" : "N",
"C" : "N",
"AC" : "L",
"A" : "N",
"SCORE" : "7.400",
"UI" : "R"
}
}
},
"references" : {
"reference_data" : [
{
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10738911",
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10738911",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 738911 (InfoSphere Information Governance Catalog)"
},
{
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/151639",
"name" : "ibm-infosphere-cve20181875-open-redirect (151639)",
"title" : "X-Force Vulnerability Report"
}
]
},
"data_format" : "MITRE"
} }

96
2018/1xxx/CVE-2018-1899.json
View File

@ -1,17 +1,95 @@
{ {
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-1899",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0", "data_version" : "4.0",
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "InfoSphere Information Server",
"version" : {
"version_data" : [
{
"version_value" : "11.3"
},
{
"version_value" : "11.5"
},
{
"version_value" : "11.7"
}
]
}
}
]
}
}
]
}
},
"data_type" : "CVE",
"description" : { "description" : {
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "value" : "IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could allow an attacker to change one of the settings related to InfoSphere Business Glossary Anywhere due to improper access control. IBM X-Force ID: 152528.",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "lang" : "eng"
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Gain Access",
"lang" : "eng"
}
]
}
]
},
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC",
"ID" : "CVE-2018-1899",
"DATE_PUBLIC" : "2019-02-01T00:00:00"
},
"impact" : {
"cvssv3" : {
"BM" : {
"PR" : "N",
"S" : "U",
"UI" : "N",
"SCORE" : "4.300",
"AC" : "L",
"A" : "N",
"C" : "N",
"I" : "L",
"AV" : "A"
},
"TM" : {
"E" : "U",
"RL" : "O",
"RC" : "C"
}
}
},
"data_format" : "MITRE",
"references" : {
"reference_data" : [
{
"refsource" : "CONFIRM",
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10744029",
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10744029",
"title" : "IBM Security Bulletin 744029 (InfoSphere Information Server)"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/152528",
"name" : "ibm-infosphere-cve20181899-improper-access (152528)",
"refsource" : "XF",
"title" : "X-Force Vulnerability Report"
} }
] ]
} }

88
2018/1xxx/CVE-2018-1937.json
View File

@ -1,17 +1,89 @@
{ {
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-1937",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0", "data_version" : "4.0",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
}
]
}
]
},
"description" : { "description" : {
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value" : "IBM Cloud Private 3.1.1 could alllow a local user with administrator privileges to intercept highly sensitive unencrypted data. IBM X-Force ID: 153317."
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "3.1.1"
}
]
},
"product_name" : "Cloud Private"
}
]
},
"vendor_name" : "IBM"
}
]
}
},
"data_type" : "CVE",
"CVE_data_meta" : {
"DATE_PUBLIC" : "2019-03-02T00:00:00",
"ID" : "CVE-2018-1937",
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com"
},
"impact" : {
"cvssv3" : {
"TM" : {
"RL" : "O",
"RC" : "C",
"E" : "U"
},
"BM" : {
"PR" : "H",
"S" : "U",
"AC" : "L",
"C" : "H",
"A" : "N",
"UI" : "N",
"SCORE" : "4.400",
"AV" : "L",
"I" : "N"
}
}
},
"data_format" : "MITRE",
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 871766 (Cloud Private)",
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10871766",
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10871766",
"refsource" : "CONFIRM"
},
{
"refsource" : "XF",
"name" : "ibm-cloud-cve20181937-info-disc (153317)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/153317",
"title" : "X-Force Vulnerability Report"
} }
] ]
} }

86
2018/1xxx/CVE-2018-1938.json
View File

@ -1,18 +1,90 @@
{ {
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-1938",
"STATE" : "RESERVED"
},
"data_format" : "MITRE", "data_format" : "MITRE",
"references" : {
"reference_data" : [
{
"refsource" : "CONFIRM",
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10871770",
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10871770",
"title" : "IBM Security Bulletin 871770 (Cloud Private)"
},
{
"name" : "ibm-cloud-cve20181938-info-disc (153318)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/153318",
"refsource" : "XF",
"title" : "X-Force Vulnerability Report"
}
]
},
"impact" : {
"cvssv3" : {
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
},
"BM" : {
"AC" : "L",
"A" : "N",
"C" : "H",
"SCORE" : "4.400",
"UI" : "N",
"PR" : "H",
"S" : "U",
"AV" : "L",
"I" : "N"
}
}
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "Cloud Private",
"version" : {
"version_data" : [
{
"version_value" : "3.1.1"
}
]
}
}
]
}
}
]
}
},
"data_type" : "CVE", "data_type" : "CVE",
"data_version" : "4.0",
"description" : { "description" : {
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value" : "IBM Cloud Private 3.1.1 could alllow a local user with administrator privileges to intercept highly sensitive unencrypted data. IBM X-Force ID: 153318."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
} }
] ]
} }
]
},
"CVE_data_meta" : {
"DATE_PUBLIC" : "2019-03-02T00:00:00",
"ID" : "CVE-2018-1938",
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com"
},
"data_version" : "4.0"
} }

86
2018/1xxx/CVE-2018-1939.json
View File

@ -1,17 +1,89 @@
{ {
"CVE_data_meta" : { "impact" : {
"ASSIGNER" : "cve@mitre.org", "cvssv3" : {
"ID" : "CVE-2018-1939", "BM" : {
"STATE" : "RESERVED" "I" : "H",
"AV" : "N",
"PR" : "L",
"S" : "C",
"A" : "N",
"AC" : "L",
"C" : "N",
"SCORE" : "6.800",
"UI" : "R"
},
"TM" : {
"E" : "U",
"RL" : "O",
"RC" : "C"
}
}
},
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10871652",
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10871652",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 871652 (Cloud Private)"
},
{
"title" : "X-Force Vulnerability Report",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/153319",
"name" : "ibm-cloud-cve20181939-open-redirect (153319)"
}
]
}, },
"data_format" : "MITRE", "data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0", "data_version" : "4.0",
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2018-1939",
"DATE_PUBLIC" : "2019-03-02T00:00:00",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Cloud Private",
"version" : {
"version_data" : [
{
"version_value" : "3.1.1"
}
]
}
}
]
},
"vendor_name" : "IBM"
}
]
}
},
"data_type" : "CVE",
"description" : { "description" : {
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "value" : "IBM Cloud Private 3.1.1 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 153319.",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "lang" : "eng"
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Gain Access",
"lang" : "eng"
}
]
} }
] ]
} }

85
2019/4xxx/CVE-2019-4027.json
View File

@ -1,18 +1,93 @@
{ {
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org", "DATE_PUBLIC" : "2019-02-28T00:00:00",
"ID" : "CVE-2019-4027", "ID" : "CVE-2019-4027",
"STATE" : "RESERVED" "STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "5.2.0.1"
},
{
"version_value" : "6.0.0.0"
}
]
},
"product_name" : "Sterling B2B Integrator"
}
]
}
}
]
}
}, },
"data_format" : "MITRE",
"data_type" : "CVE", "data_type" : "CVE",
"data_version" : "4.0", "problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Cross-Site Scripting",
"lang" : "eng"
}
]
}
]
},
"description" : { "description" : {
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value" : "IBM Sterling B2B Integrator 5.2.0.1 through 6.0.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-ForceID: 155905."
} }
] ]
},
"data_version" : "4.0",
"references" : {
"reference_data" : [
{
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10874246",
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10874246",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 874246 (Sterling B2B Integrator)"
},
{
"name" : "ibm-sterling-cve20194027-xss (155905)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/155905",
"refsource" : "XF",
"title" : "X-Force Vulnerability Report"
}
]
},
"data_format" : "MITRE",
"impact" : {
"cvssv3" : {
"TM" : {
"E" : "H",
"RC" : "C",
"RL" : "O"
},
"BM" : {
"UI" : "R",
"SCORE" : "5.400",
"AC" : "L",
"A" : "N",
"C" : "L",
"S" : "C",
"PR" : "L",
"I" : "L",
"AV" : "N"
}
}
} }
} }

87
2019/4xxx/CVE-2019-4028.json
View File

@ -1,18 +1,93 @@
{ {
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org", "STATE" : "PUBLIC",
"ID" : "CVE-2019-4028", "ID" : "CVE-2019-4028",
"STATE" : "RESERVED" "DATE_PUBLIC" : "2019-02-28T00:00:00",
"ASSIGNER" : "psirt@us.ibm.com"
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Cross-Site Scripting",
"lang" : "eng"
}
]
}
]
}, },
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : { "description" : {
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value" : "IBM Sterling B2B Integrator 5.2.0.1 through 6.0.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 155906."
}
]
},
"data_type" : "CVE",
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "5.2.0.1"
},
{
"version_value" : "6.0.0.0"
}
]
},
"product_name" : "Sterling B2B Integrator"
}
]
},
"vendor_name" : "IBM"
} }
] ]
} }
},
"data_version" : "4.0",
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10874246",
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10874246",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 874246 (Sterling B2B Integrator)"
},
{
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/155906",
"name" : "ibm-sterling-cve20194028-xss (155906)",
"refsource" : "XF"
}
]
},
"data_format" : "MITRE",
"impact" : {
"cvssv3" : {
"BM" : {
"AV" : "N",
"I" : "L",
"S" : "C",
"PR" : "L",
"AC" : "L",
"C" : "L",
"A" : "N",
"UI" : "R",
"SCORE" : "5.400"
},
"TM" : {
"RL" : "O",
"RC" : "C",
"E" : "H"
}
}
}
} }

91
2019/4xxx/CVE-2019-4029.json
View File

@ -1,18 +1,93 @@
{ {
"CVE_data_meta" : { "impact" : {
"ASSIGNER" : "cve@mitre.org", "cvssv3" : {
"ID" : "CVE-2019-4029", "TM" : {
"STATE" : "RESERVED" "E" : "H",
"RL" : "O",
"RC" : "C"
},
"BM" : {
"I" : "L",
"AV" : "N",
"SCORE" : "5.400",
"UI" : "R",
"A" : "N",
"C" : "L",
"AC" : "L",
"PR" : "L",
"S" : "C"
}
}
},
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 874246 (Sterling B2B Integrator)",
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10874246",
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10874246",
"refsource" : "CONFIRM"
},
{
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/155907",
"name" : "ibm-sterling-cve20194029-xss (155907)",
"title" : "X-Force Vulnerability Report"
}
]
}, },
"data_format" : "MITRE", "data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0", "data_version" : "4.0",
"description" : { "CVE_data_meta" : {
"description_data" : [ "DATE_PUBLIC" : "2019-02-28T00:00:00",
"ID" : "CVE-2019-4029",
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com"
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value" : "Cross-Site Scripting"
} }
] ]
} }
]
},
"description" : {
"description_data" : [
{
"value" : "IBM Sterling B2B Integrator 5.2.0.1 through 6.0.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-force ID: 155907.",
"lang" : "eng"
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "Sterling B2B Integrator",
"version" : {
"version_data" : [
{
"version_value" : "5.2.0.1"
},
{
"version_value" : "6.0.0.0"
}
]
}
}
]
}
}
]
}
},
"data_type" : "CVE"
} }

88
2019/4xxx/CVE-2019-4032.json
View File

@ -1,18 +1,90 @@
{ {
"CVE_data_meta" : { "problemtype" : {
"ASSIGNER" : "cve@mitre.org", "problemtype_data" : [
"ID" : "CVE-2019-4032", {
"STATE" : "RESERVED" "description" : [
{
"value" : "Data Manipulation",
"lang" : "eng"
}
]
}
]
}, },
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : { "description" : {
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value" : "IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.1.0 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-ForceID: 155998."
}
]
},
"data_type" : "CVE",
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "Financial Transaction Manager",
"version" : {
"version_data" : [
{
"version_value" : "3.1.0"
} }
] ]
} }
}
]
}
}
]
}
},
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2019-01-31T00:00:00",
"ID" : "CVE-2019-4032",
"STATE" : "PUBLIC"
},
"data_version" : "4.0",
"data_format" : "MITRE",
"references" : {
"reference_data" : [
{
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10869520",
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10869520",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 869520 (Financial Transaction Manager)"
},
{
"title" : "X-Force Vulnerability Report",
"refsource" : "XF",
"name" : "ibm-ftm-cve20194032-sql-injection (155998)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/155998"
}
]
},
"impact" : {
"cvssv3" : {
"TM" : {
"RC" : "C",
"RL" : "O",
"E" : "U"
},
"BM" : {
"AV" : "N",
"I" : "L",
"S" : "U",
"PR" : "L",
"SCORE" : "6.300",
"UI" : "N",
"AC" : "L",
"A" : "L",
"C" : "L"
}
}
}
} }

91
2019/4xxx/CVE-2019-4063.json
View File

@ -1,18 +1,93 @@
{ {
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-4063", "ID" : "CVE-2019-4063",
"STATE" : "RESERVED" "DATE_PUBLIC" : "2019-02-28T00:00:00",
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com"
}, },
"data_format" : "MITRE", "problemtype" : {
"data_type" : "CVE", "problemtype_data" : [
"data_version" : "4.0", {
"description" : { "description" : [
"description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value" : "Obtain Information"
} }
] ]
} }
]
},
"description" : {
"description_data" : [
{
"value" : "IBM Sterling B2B Integrator 5.2.0.1 through 6.0.0.0 Standard Edition could allow highly sensitive information to be transmitted in plain text. An attacker could obtain this information using man in the middle techniques. IBM X-ForceID: 157008.",
"lang" : "eng"
}
]
},
"data_type" : "CVE",
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "Sterling B2B Integrator",
"version" : {
"version_data" : [
{
"version_value" : "5.2.0.1"
},
{
"version_value" : "6.0.0.0"
}
]
}
}
]
}
}
]
}
},
"data_version" : "4.0",
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 874234 (Sterling B2B Integrator)",
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10874234",
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10874234",
"refsource" : "CONFIRM"
},
{
"title" : "X-Force Vulnerability Report",
"name" : "ibm-sterling-cve20194063-info-disc (157008)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/157008",
"refsource" : "XF"
}
]
},
"data_format" : "MITRE",
"impact" : {
"cvssv3" : {
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
},
"BM" : {
"S" : "U",
"PR" : "N",
"AC" : "H",
"A" : "N",
"C" : "H",
"UI" : "N",
"SCORE" : "5.900",
"I" : "N",
"AV" : "N"
}
}
}
} }