admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 19:17:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

- Synchronized data.

Browse Source
This commit is contained in:
CVE Team 2018-07-02 13:04:31 -04:00
parent 3634d9d2d6
commit 3c3352daf1
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
12 changed files with 711 additions and 310 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

141
2018/10xxx/CVE-2018-10843.json
View File

@ -1,72 +1,75 @@
{
"impact": {
"cvss": [
[
{
"vectorString": "8.5/CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
"CVE_data_meta" : {
"ASSIGNER" : "lpardo@redhat.com",
"ID" : "CVE-2018-10843",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "source-to-image",
"version" : {
"version_data" : [
{
"version_value" : "atomic-openshift 3.7.53"
},
{
"version_value" : "atomic-openshift 3.9.31"
}
]
}
}
]
},
"vendor_name" : "[UNKNOWN]"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "source-to-image component of Openshift Container Platform before versions atomic-openshift 3.7.53, atomic-openshift 3.9.31 is vulnerable to a privilege escalation which allows the assemble script to run as the root user in a non-privileged container. An attacker can use this flaw to open network connections, and possibly other actions, on the host which are normally only available to a root user."
}
]
},
"impact" : {
"cvss" : [
[
{
"vectorString" : "8.5/CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version" : "3.0"
}
]
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-20"
}
]
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "source-to-image component of Openshift Container Platform before versions atomic-openshift 3.7.53, atomic-openshift 3.9.31 is vulnerable to a privilege escalation which allows the assemble script to run as the root user in a non-privileged container. An attacker can use this flaw to open network connections, and possibly other actions, on the host which are normally only available to a root user."
}
]
},
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "atomic-openshift 3.7.53"
},
{
"version_value": "atomic-openshift 3.9.31"
}
]
},
"product_name": "source-to-image"
}
]
},
"vendor_name": "[UNKNOWN]"
}
]
}
},
"data_format": "MITRE",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20"
}
]
}
]
},
"data_version": "4.0",
"references": {
"reference_data": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10843"
}
]
},
"CVE_data_meta": {
"ID": "CVE-2018-10843",
"ASSIGNER": "lpardo@redhat.com"
}
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10843",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10843"
}
]
}
}

53
2018/12xxx/CVE-2018-12426.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-12426",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,33 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "The WP Live Chat Support Pro plugin before 8.0.07 for WordPress is vulnerable to unauthenticated Remote Code Execution due to client-side validation of allowed file types, as demonstrated by a v1/remote_upload request with a .php filename and the image/jpeg content type."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/CodeCabin/wp-live-chat-support/blob/master/readme.txt",
"refsource" : "MISC",
"url" : "https://github.com/CodeCabin/wp-live-chat-support/blob/master/readme.txt"
},
{
"name" : "https://github.com/RiieCco/write-ups/tree/master/CVE-2018-12426",
"refsource" : "MISC",
"url" : "https://github.com/RiieCco/write-ups/tree/master/CVE-2018-12426"
}
]
}

58
2018/12xxx/CVE-2018-12891.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-12891",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,38 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "An issue was discovered in Xen through 4.10.x. Certain PV MMU operations may take a long time to process. For that reason Xen explicitly checks for the need to preempt the current vCPU at certain points. A few rarely taken code paths did bypass such checks. By suitably enforcing the conditions through its own page table contents, a malicious guest may cause such bypasses to be used for an unbounded number of iterations. A malicious or buggy PV guest may cause a Denial of Service (DoS) affecting the entire host. Specifically, it may prevent use of a physical CPU for an indeterminate period of time. All Xen versions from 3.4 onwards are vulnerable. Xen versions 3.3 and earlier are vulnerable to an even wider class of attacks, due to them lacking preemption checks altogether in the affected code paths. Only x86 systems are affected. ARM systems are not affected. Only multi-vCPU x86 PV guests can leverage the vulnerability. x86 HVM or PVH guests as well as x86 single-vCPU PV ones cannot leverage the vulnerability."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[oss-security] 20180627 Xen Security Advisory 264 (CVE-2018-12891) - preemption checks bypassed in x86 PV MM handling",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2018/06/27/10"
},
{
"name" : "http://xenbits.xen.org/xsa/advisory-264.html",
"refsource" : "CONFIRM",
"url" : "http://xenbits.xen.org/xsa/advisory-264.html"
},
{
"name" : "104570",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/104570"
}
]
}

58
2018/12xxx/CVE-2018-12892.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-12892",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,38 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "An issue was discovered in Xen 4.7 through 4.10.x. libxl fails to pass the readonly flag to qemu when setting up a SCSI disk, due to what was probably an erroneous merge conflict resolution. Malicious guest administrators or (in some situations) users may be able to write to supposedly read-only disk images. Only emulated SCSI disks (specified as \"sd\" in the libxl disk configuration, or an equivalent) are affected. IDE disks (\"hd\") are not affected (because attempts to make them readonly are rejected). Additionally, CDROM devices (that is, devices specified to be presented to the guest as CDROMs, regardless of the nature of the backing storage on the host) are not affected; they are always read only. Only systems using qemu-xen (rather than qemu-xen-traditional) as the device model version are vulnerable. Only systems using libxl or libxl-based toolstacks are vulnerable. (This includes xl, and libvirt with the libxl driver.) The vulnerability is present in Xen versions 4.7 and later. (In earlier versions, provided that the patch for XSA-142 has been applied, attempts to create read only disks are rejected.) If the host and guest together usually support PVHVM, the issue is exploitable only if the malicious guest administrator has control of the guest kernel or guest kernel command line."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[oss-security] 20180627 Xen Security Advisory 266 (CVE-2018-12892) - libxl fails to honour readonly flag on HVM emulated SCSI disks",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2018/06/27/12"
},
{
"name" : "http://xenbits.xen.org/xsa/advisory-266.html",
"refsource" : "CONFIRM",
"url" : "http://xenbits.xen.org/xsa/advisory-266.html"
},
{
"name" : "104571",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/104571"
}
]
}

63
2018/12xxx/CVE-2018-12893.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-12893",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,43 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "An issue was discovered in Xen through 4.10.x. One of the fixes in XSA-260 added some safety checks to help prevent Xen livelocking with debug exceptions. Unfortunately, due to an oversight, at least one of these safety checks can be triggered by a guest. A malicious PV guest can crash Xen, leading to a Denial of Service. All Xen systems which have applied the XSA-260 fix are vulnerable. Only x86 systems are vulnerable. ARM systems are not vulnerable. Only x86 PV guests can exploit the vulnerability. x86 HVM and PVH guests cannot exploit the vulnerability. An attacker needs to be able to control hardware debugging facilities to exploit the vulnerability, but such permissions are typically available to unprivileged users."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[oss-security] 20180627 Xen Security Advisory 265 (CVE-2018-12893) - x86: #DB exception safety check can be triggered by a guest",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2018/06/27/11"
},
{
"name" : "http://xenbits.xen.org/xsa/advisory-265.html",
"refsource" : "CONFIRM",
"url" : "http://xenbits.xen.org/xsa/advisory-265.html"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1590979",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1590979"
},
{
"name" : "104572",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/104572"
}
]
}

58
2018/12xxx/CVE-2018-12896.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-12896",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,38 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "An issue was discovered in the Linux kernel through 4.17.3. An Integer Overflow in kernel/time/posix-timers.c in the POSIX timer code is caused by the way the overrun accounting works. Depending on interval and expiry time values, the overrun can be larger than INT_MAX, but the accounting is int based. This basically makes the accounting values, which are visible to user space via timer_getoverrun(2) and siginfo::si_overrun, random. For example, a local user can cause a denial of service (signed integer overflow) via crafted mmap, futex, timer_create, and timer_settime system calls."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://bugzilla.kernel.org/show_bug.cgi?id=200189",
"refsource" : "MISC",
"url" : "https://bugzilla.kernel.org/show_bug.cgi?id=200189"
},
{
"name" : "https://github.com/lcytxw/bug_repro/tree/master/bug_200189",
"refsource" : "MISC",
"url" : "https://github.com/lcytxw/bug_repro/tree/master/bug_200189"
},
{
"name" : "https://github.com/torvalds/linux/commit/78c9c4dfbf8c04883941445a195276bb4bb92c76",
"refsource" : "MISC",
"url" : "https://github.com/torvalds/linux/commit/78c9c4dfbf8c04883941445a195276bb4bb92c76"
}
]
}

62
2018/13xxx/CVE-2018-13066.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-13066",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "There is a memory leak in util/parser.c in libming 0.4.8, which will lead to a denial of service via parseSWF_DEFINEBUTTON2, parseSWF_DEFINEFONT, parseSWF_DEFINEFONTINFO, parseSWF_DEFINELOSSLESS, parseSWF_DEFINESPRITE, parseSWF_DEFINETEXT, parseSWF_DOACTION, parseSWF_FILLSTYLEARRAY, parseSWF_FRAMELABEL, parseSWF_LINESTYLEARRAY, parseSWF_PLACEOBJECT2, or parseSWF_SHAPEWITHSTYLE."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/libming/libming/issues/146",
"refsource" : "MISC",
"url" : "https://github.com/libming/libming/issues/146"
}
]
}
}

62
2018/13xxx/CVE-2018-13067.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-13067",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "/upload/catalog/controller/account/password.php in OpenCart through 3.0.2.0 has CSRF via the index.php?route=account/password URI to change a user's password."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://whitehatck01.blogspot.com/2018/06/opencart-v3-0-3-0-user-changes-password.html",
"refsource" : "MISC",
"url" : "https://whitehatck01.blogspot.com/2018/06/opencart-v3-0-3-0-user-changes-password.html"
}
]
}
}

117
2018/1xxx/CVE-2018-1212.json
View File

@ -1,100 +1,101 @@
{
"CVE_data_meta": {
"ASSIGNER": "Security_Alert@emc.com",
"DATE_PUBLIC": "2018-06-26T05:00:00.000Z",
"ID": "CVE-2018-1212",
"STATE": "PUBLIC",
"TITLE": "Authenticated remote code execution in iDRAC 6"
"CVE_data_meta" : {
"ASSIGNER" : "Security_Alert@emc.com",
"DATE_PUBLIC" : "2018-06-26T05:00:00.000Z",
"ID" : "CVE-2018-1212",
"STATE" : "PUBLIC",
"TITLE" : "Authenticated remote code execution in iDRAC 6"
},
"affects": {
"vendor": {
"vendor_data": [
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product": {
"product_data": [
"product" : {
"product_data" : [
{
"product_name": "iDRAC6 (Monolithic)",
"version": {
"version_data": [
"product_name" : "iDRAC6 (Monolithic)",
"version" : {
"version_data" : [
{
"affected": "<",
"version_value": "2.91"
"affected" : "<",
"version_value" : "2.91"
}
]
}
},
{
"product_name": "iDRAC6 (Modular)",
"version": {
"version_data": [
"product_name" : "iDRAC6 (Modular)",
"version" : {
"version_data" : [
{
"affected": "<=",
"version_value": "3.85"
"affected" : "<=",
"version_value" : "3.85"
}
]
}
}
]
},
"vendor_name": "Dell EMC"
"vendor_name" : "Dell EMC"
}
]
}
},
"credit": [
"credit" : [
{
"lang": "eng",
"value": "Dell EMC would like to thank Arseniy for reporting this issue to us. "
"lang" : "eng",
"value" : "Dell EMC would like to thank Arseniy for reporting this issue to us. "
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang": "eng",
"value": "The web-based diagnostics console in Dell EMC iDRAC6 (Monolithic versions prior to 2.91 and\nModular all versions) contains a command injection vulnerability. A remote authenticated malicious iDRAC user\nwith access to the diagnostics console could potentially exploit this vulnerability to execute arbitrary commands\nas root on the affected iDRAC system."
"lang" : "eng",
"value" : "The web-based diagnostics console in Dell EMC iDRAC6 (Monolithic versions prior to 2.91 and Modular all versions) contains a command injection vulnerability. A remote authenticated malicious iDRAC user with access to the diagnostics console could potentially exploit this vulnerability to execute arbitrary commands as root on the affected iDRAC system."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
"impact" : {
"cvss" : {
"attackComplexity" : "LOW",
"attackVector" : "NETWORK",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"privilegesRequired" : "LOW",
"scope" : "UNCHANGED",
"userInteraction" : "NONE",
"vectorString" : "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version" : "3.0"
}
},
"problemtype": {
"problemtype_data": [
"problemtype" : {
"problemtype_data" : [
{
"description": [
"description" : [
{
"lang": "eng",
"value": "Authenticated remote code execution command injection vulnerability. "
"lang" : "eng",
"value" : "Authenticated remote code execution command injection vulnerability. "
}
]
}
]
},
"references": {
"reference_data": [
"references" : {
"reference_data" : [
{
"refsource": "CONFIRM",
"url": "http://en.community.dell.com/techcenter/extras/m/white_papers/20487494"
"name" : "http://en.community.dell.com/techcenter/extras/m/white_papers/20487494",
"refsource" : "CONFIRM",
"url" : "http://en.community.dell.com/techcenter/extras/m/white_papers/20487494"
}
]
},
"source": {
"discovery": "UNKNOWN"
"source" : {
"discovery" : "UNKNOWN"
}
}
}

127
2018/1xxx/CVE-2018-1243.json
View File

@ -1,111 +1,112 @@
{
"CVE_data_meta": {
"ASSIGNER": "Security_Alert@emc.com",
"DATE_PUBLIC": "2018-06-26T05:00:00.000Z",
"ID": "CVE-2018-1243",
"STATE": "PUBLIC",
"TITLE": "iDRAC6/iDRAC7/iDRAC8 - Weak CGI session ID vulnerability"
"CVE_data_meta" : {
"ASSIGNER" : "Security_Alert@emc.com",
"DATE_PUBLIC" : "2018-06-26T05:00:00.000Z",
"ID" : "CVE-2018-1243",
"STATE" : "PUBLIC",
"TITLE" : "iDRAC6/iDRAC7/iDRAC8 - Weak CGI session ID vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product": {
"product_data": [
"product" : {
"product_data" : [
{
"product_name": "iDRAC6",
"version": {
"version_data": [
"product_name" : "iDRAC6",
"version" : {
"version_data" : [
{
"affected": "<",
"version_value": "2.91"
"affected" : "<",
"version_value" : "2.91"
}
]
}
},
{
"product_name": "iDRAC7",
"version": {
"version_data": [
"product_name" : "iDRAC7",
"version" : {
"version_data" : [
{
"affected": "<",
"version_value": "2.60.60.60"
"affected" : "<",
"version_value" : "2.60.60.60"
}
]
}
},
{
"product_name": "iDRAC8",
"version": {
"version_data": [
"product_name" : "iDRAC8",
"version" : {
"version_data" : [
{
"affected": "<",
"version_value": "2.60.60.60"
"affected" : "<",
"version_value" : "2.60.60.60"
}
]
}
}
]
},
"vendor_name": "Dell EMC"
"vendor_name" : "Dell EMC"
}
]
}
},
"credit": [
"credit" : [
{
"lang": "eng",
"value": "Dell EMC would like to thank Check Point Software Technologies Ltd. for reporting the issue to us. "
"lang" : "eng",
"value" : "Dell EMC would like to thank Check Point Software Technologies Ltd. for reporting the issue to us. "
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang": "eng",
"value": "Dell EMC iDRAC6, versions prior to 2.91, iDRAC7/iDRAC8, versions prior to 2.60.60.60 and\niDRAC9, versions prior to 3.21.21.21, contain a weak CGI session ID vulnerability. The sessions invoked via CGI\nbinaries use 96-bit numeric-only session ID values, which makes it easier for remote attackers to perform bruteforce\nsession guessing attacks."
"lang" : "eng",
"value" : "Dell EMC iDRAC6, versions prior to 2.91, iDRAC7/iDRAC8, versions prior to 2.60.60.60 and iDRAC9, versions prior to 3.21.21.21, contain a weak CGI session ID vulnerability. The sessions invoked via CGI binaries use 96-bit numeric-only session ID values, which makes it easier for remote attackers to perform bruteforce session guessing attacks."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
"impact" : {
"cvss" : {
"attackComplexity" : "HIGH",
"attackVector" : "NETWORK",
"availabilityImpact" : "HIGH",
"baseScore" : 7.5,
"baseSeverity" : "HIGH",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"privilegesRequired" : "LOW",
"scope" : "UNCHANGED",
"userInteraction" : "NONE",
"vectorString" : "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version" : "3.0"
}
},
"problemtype": {
"problemtype_data": [
"problemtype" : {
"problemtype_data" : [
{
"description": [
"description" : [
{
"lang": "eng",
"value": "Weak CGI session ID vulnerability."
"lang" : "eng",
"value" : "Weak CGI session ID vulnerability."
}
]
}
]
},
"references": {
"reference_data": [
"references" : {
"reference_data" : [
{
"refsource": "CONFIRM",
"url": "http://en.community.dell.com/techcenter/extras/m/white_papers/20487494"
"name" : "http://en.community.dell.com/techcenter/extras/m/white_papers/20487494",
"refsource" : "CONFIRM",
"url" : "http://en.community.dell.com/techcenter/extras/m/white_papers/20487494"
}
]
},
"source": {
"discovery": "UNKNOWN"
"source" : {
"discovery" : "UNKNOWN"
}
}
}

121
2018/1xxx/CVE-2018-1244.json
View File

@ -1,105 +1,106 @@
{
"CVE_data_meta": {
"ASSIGNER": "Security_Alert@emc.com",
"DATE_PUBLIC": "2018-06-26T05:00:00.000Z",
"ID": "CVE-2018-1244",
"STATE": "PUBLIC",
"TITLE": "iDRAC7/iDRAC8/iDrac9 contains a command injection vulnerability in the SNMP agent. "
"CVE_data_meta" : {
"ASSIGNER" : "Security_Alert@emc.com",
"DATE_PUBLIC" : "2018-06-26T05:00:00.000Z",
"ID" : "CVE-2018-1244",
"STATE" : "PUBLIC",
"TITLE" : "iDRAC7/iDRAC8/iDrac9 contains a command injection vulnerability in the SNMP agent. "
},
"affects": {
"vendor": {
"vendor_data": [
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product": {
"product_data": [
"product" : {
"product_data" : [
{
"product_name": "iDRAC7",
"version": {
"version_data": [
"product_name" : "iDRAC7",
"version" : {
"version_data" : [
{
"affected": "<",
"version_value": "2.60.60.60"
"affected" : "<",
"version_value" : "2.60.60.60"
}
]
}
},
{
"product_name": "iDRAC8",
"version": {
"version_data": [
"product_name" : "iDRAC8",
"version" : {
"version_data" : [
{
"affected": "<",
"version_value": "2.60.60.60"
"affected" : "<",
"version_value" : "2.60.60.60"
}
]
}
},
{
"product_name": "iDRAC9",
"version": {
"version_data": [
"product_name" : "iDRAC9",
"version" : {
"version_data" : [
{
"affected": "<",
"version_value": "3.21.21.21"
"affected" : "<",
"version_value" : "3.21.21.21"
}
]
}
}
]
},
"vendor_name": "Dell EMC"
"vendor_name" : "Dell EMC"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang": "eng",
"value": "Dell EMC iDRAC7/iDRAC8, versions prior to 2.60.60.60, and iDRAC9 versions prior to 3.21.21.21\ncontain a command injection vulnerability in the SNMP agent. A remote authenticated malicious iDRAC user\nwith configuration privileges could potentially exploit this vulnerability to execute arbitrary commands on the\niDRAC where SNMP alerting is enabled."
"lang" : "eng",
"value" : "Dell EMC iDRAC7/iDRAC8, versions prior to 2.60.60.60, and iDRAC9 versions prior to 3.21.21.21 contain a command injection vulnerability in the SNMP agent. A remote authenticated malicious iDRAC user with configuration privileges could potentially exploit this vulnerability to execute arbitrary commands on the iDRAC where SNMP alerting is enabled."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
"impact" : {
"cvss" : {
"attackComplexity" : "LOW",
"attackVector" : "NETWORK",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"privilegesRequired" : "LOW",
"scope" : "UNCHANGED",
"userInteraction" : "NONE",
"vectorString" : "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version" : "3.0"
}
},
"problemtype": {
"problemtype_data": [
"problemtype" : {
"problemtype_data" : [
{
"description": [
"description" : [
{
"lang": "eng",
"value": "Command injection vulnerability in the SNMP agent. "
"lang" : "eng",
"value" : "Command injection vulnerability in the SNMP agent. "
}
]
}
]
},
"references": {
"reference_data": [
"references" : {
"reference_data" : [
{
"refsource": "CONFIRM",
"url": "http://en.community.dell.com/techcenter/extras/m/white_papers/20487494"
"name" : "http://en.community.dell.com/techcenter/extras/m/white_papers/20487494",
"refsource" : "CONFIRM",
"url" : "http://en.community.dell.com/techcenter/extras/m/white_papers/20487494"
}
]
},
"source": {
"discovery": "UNKNOWN"
"source" : {
"discovery" : "UNKNOWN"
}
}
}

101
2018/1xxx/CVE-2018-1249.json
View File

@ -1,83 +1,84 @@
{
"CVE_data_meta": {
"ASSIGNER": "Security_Alert@emc.com",
"DATE_PUBLIC": "2018-06-26T05:00:00.000Z",
"ID": "CVE-2018-1249",
"STATE": "PUBLIC",
"TITLE": "iDRAC9 versions prior to 3.21.21.21 did not enforce the use of TLS/SSL for a connection to iDRAC web server for certain URLs"
"CVE_data_meta" : {
"ASSIGNER" : "Security_Alert@emc.com",
"DATE_PUBLIC" : "2018-06-26T05:00:00.000Z",
"ID" : "CVE-2018-1249",
"STATE" : "PUBLIC",
"TITLE" : "iDRAC9 versions prior to 3.21.21.21 did not enforce the use of TLS/SSL for a connection to iDRAC web server for certain URLs"
},
"affects": {
"vendor": {
"vendor_data": [
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product": {
"product_data": [
"product" : {
"product_data" : [
{
"product_name": "iDRAC9",
"version": {
"version_data": [
"product_name" : "iDRAC9",
"version" : {
"version_data" : [
{
"affected": "<",
"version_value": "3.21.21.21"
"affected" : "<",
"version_value" : "3.21.21.21"
}
]
}
}
]
},
"vendor_name": "Dell EMC"
"vendor_name" : "Dell EMC"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang": "eng",
"value": "Dell EMC iDRAC9 versions prior to 3.21.21.21 did not enforce the use of TLS/SSL for a\nconnection to iDRAC web server for certain URLs. A man-in-the-middle attacker could use this vulnerability to\nstrip the SSL/TLS protection from a connection between a client and a server."
"lang" : "eng",
"value" : "Dell EMC iDRAC9 versions prior to 3.21.21.21 did not enforce the use of TLS/SSL for a connection to iDRAC web server for certain URLs. A man-in-the-middle attacker could use this vulnerability to strip the SSL/TLS protection from a connection between a client and a server."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.0"
"impact" : {
"cvss" : {
"attackComplexity" : "HIGH",
"attackVector" : "NETWORK",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "LOW",
"privilegesRequired" : "NONE",
"scope" : "UNCHANGED",
"userInteraction" : "NONE",
"vectorString" : "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version" : "3.0"
}
},
"problemtype": {
"problemtype_data": [
"problemtype" : {
"problemtype_data" : [
{
"description": [
"description" : [
{
"lang": "eng",
"value": "SSL Strip Vulnerability"
"lang" : "eng",
"value" : "SSL Strip Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
"references" : {
"reference_data" : [
{
"refsource": "CONFIRM",
"url": "http://en.community.dell.com/techcenter/extras/m/white_papers/20487494"
"name" : "http://en.community.dell.com/techcenter/extras/m/white_papers/20487494",
"refsource" : "CONFIRM",
"url" : "http://en.community.dell.com/techcenter/extras/m/white_papers/20487494"
}
]
},
"source": {
"discovery": "UNKNOWN"
"source" : {
"discovery" : "UNKNOWN"
}
}
}