From 426936f7acbe5e80187b37c5ae6f6f46c4d5e51c Mon Sep 17 00:00:00 2001 From: CVE Team Date: Tue, 24 Jul 2018 11:04:46 -0400 Subject: [PATCH] - Synchronized data. --- 2016/5xxx/CVE-2016-5638.json | 80 ++++---- 2016/5xxx/CVE-2016-5649.json | 92 +++++----- 2017/3xxx/CVE-2017-3180.json | 326 ++++++++++++++++----------------- 2017/3xxx/CVE-2017-3181.json | 172 ++++++++--------- 2017/3xxx/CVE-2017-3182.json | 88 ++++----- 2017/3xxx/CVE-2017-3183.json | 92 +++++----- 2017/3xxx/CVE-2017-3187.json | 80 ++++---- 2017/3xxx/CVE-2017-3188.json | 80 ++++---- 2017/3xxx/CVE-2017-3189.json | 80 ++++---- 2017/3xxx/CVE-2017-3209.json | 78 ++++---- 2017/3xxx/CVE-2017-3210.json | 86 ++++----- 2017/3xxx/CVE-2017-3217.json | 86 ++++----- 2017/3xxx/CVE-2017-3223.json | 86 ++++----- 2017/3xxx/CVE-2017-3224.json | 72 ++++---- 2017/3xxx/CVE-2017-3225.json | 74 ++++---- 2017/3xxx/CVE-2017-3226.json | 74 ++++---- 2018/14xxx/CVE-2018-14580.json | 18 ++ 2018/14xxx/CVE-2018-14581.json | 18 ++ 2018/5xxx/CVE-2018-5384.json | 85 +++++---- 2018/5xxx/CVE-2018-5385.json | 85 +++++---- 2018/5xxx/CVE-2018-5386.json | 85 +++++---- 2018/5xxx/CVE-2018-5387.json | 78 ++++---- 22 files changed, 1033 insertions(+), 982 deletions(-) create mode 100644 2018/14xxx/CVE-2018-14580.json create mode 100644 2018/14xxx/CVE-2018-14581.json diff --git a/2016/5xxx/CVE-2016-5638.json b/2016/5xxx/CVE-2016-5638.json index aa18e625697..70fba61a127 100644 --- a/2016/5xxx/CVE-2016-5638.json +++ b/2016/5xxx/CVE-2016-5638.json @@ -1,74 +1,74 @@ { - "CVE_data_meta": { - "ASSIGNER": "cert@cert.org", - "ID": "CVE-2016-5638", - "STATE": "PUBLIC", - "TITLE": "Netgear WNDR4500 running firmware version V1.0.1.40_1.0.6877 reveals some sensitive information such as 2.4GHz & 5GHz Wireless Network Name (SSID) and Network Key (Password) in clear text" + "CVE_data_meta" : { + "ASSIGNER" : "cert@cert.org", + "ID" : "CVE-2016-5638", + "STATE" : "PUBLIC", + "TITLE" : "Netgear WNDR4500 running firmware version V1.0.1.40_1.0.6877 reveals some sensitive information such as 2.4GHz & 5GHz Wireless Network Name (SSID) and Network Key (Password) in clear text" }, - "affects": { - "vendor": { - "vendor_data": [ + "affects" : { + "vendor" : { + "vendor_data" : [ { - "product": { - "product_data": [ + "product" : { + "product_data" : [ { - "product_name": "WNDR4500", - "version": { - "version_data": [ + "product_name" : "WNDR4500", + "version" : { + "version_data" : [ { - "affected": "=", - "version_name": "V1.0.1.40_1.0.6877", - "version_value": "V1.0.1.40_1.0.6877" + "affected" : "=", + "version_name" : "V1.0.1.40_1.0.6877", + "version_value" : "V1.0.1.40_1.0.6877" } ] } } ] }, - "vendor_name": "Netgear" + "vendor_name" : "Netgear" } ] } }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ { - "lang": "eng", - "value": "There are few web pages associated with the genie app on the Netgear WNDR4500 running firmware version V1.0.1.40_1.0.6877. Genie app adds some capabilities over the Web GUI and can be accessed even when you are away from home. A remote attacker can access genie_ping.htm or genie_ping2.htm or genie_ping3.htm page without authentication. Once accessed, the page will be redirected to the aCongratulations2.htma page, which reveals some sensitive information such as 2.4GHz & 5GHz Wireless Network Name (SSID) and Network Key (Password) in clear text." + "lang" : "eng", + "value" : "There are few web pages associated with the genie app on the Netgear WNDR4500 running firmware version V1.0.1.40_1.0.6877. Genie app adds some capabilities over the Web GUI and can be accessed even when you are away from home. A remote attacker can access genie_ping.htm or genie_ping2.htm or genie_ping3.htm page without authentication. Once accessed, the page will be redirected to the aCongratulations2.htma page, which reveals some sensitive information such as 2.4GHz & 5GHz Wireless Network Name (SSID) and Network Key (Password) in clear text." } ] }, - "problemtype": { - "problemtype_data": [ + "problemtype" : { + "problemtype_data" : [ { - "description": [ + "description" : [ { - "lang": "eng", - "value": "CWE-319" + "lang" : "eng", + "value" : "CWE-319" } ] } ] }, - "references": { - "reference_data": [ + "references" : { + "reference_data" : [ { - "name": "https://packetstormsecurity.com/files/140342/Netgear-DGN2200-DGND3700-WNDR4500-Information-Disclosure.html", - "refsource": "MISC", - "url": "https://packetstormsecurity.com/files/140342/Netgear-DGN2200-DGND3700-WNDR4500-Information-Disclosure.html" + "name" : "https://packetstormsecurity.com/files/140342/Netgear-DGN2200-DGND3700-WNDR4500-Information-Disclosure.html", + "refsource" : "MISC", + "url" : "https://packetstormsecurity.com/files/140342/Netgear-DGN2200-DGND3700-WNDR4500-Information-Disclosure.html" } ] }, - "solution": [ + "solution" : [ { - "lang": "eng", - "value": "Netgear has released firmware version 1.0.0.52 for DGN2200 & 1.0.0.28 for DGND3700 to address this issue." + "lang" : "eng", + "value" : "Netgear has released firmware version 1.0.0.52 for DGN2200 & 1.0.0.28 for DGND3700 to address this issue." } ], - "source": { - "discovery": "UNKNOWN" + "source" : { + "discovery" : "UNKNOWN" } -} \ No newline at end of file +} diff --git a/2016/5xxx/CVE-2016-5649.json b/2016/5xxx/CVE-2016-5649.json index fc9a75f34f6..0e452878956 100644 --- a/2016/5xxx/CVE-2016-5649.json +++ b/2016/5xxx/CVE-2016-5649.json @@ -1,86 +1,86 @@ { - "CVE_data_meta": { - "ASSIGNER": "cert@cert.org", - "ID": "CVE-2016-5649", - "STATE": "PUBLIC", - "TITLE": "Netgear DGN2200 and DGND3700 disclose the administrator password" + "CVE_data_meta" : { + "ASSIGNER" : "cert@cert.org", + "ID" : "CVE-2016-5649", + "STATE" : "PUBLIC", + "TITLE" : "Netgear DGN2200 and DGND3700 disclose the administrator password" }, - "affects": { - "vendor": { - "vendor_data": [ + "affects" : { + "vendor" : { + "vendor_data" : [ { - "product": { - "product_data": [ + "product" : { + "product_data" : [ { - "product_name": "DGN2200", - "version": { - "version_data": [ + "product_name" : "DGN2200", + "version" : { + "version_data" : [ { - "affected": "=", - "version_name": "DGN2200-V1.0.0.50_7.0.50", - "version_value": "DGN2200-V1.0.0.50_7.0.50" + "affected" : "=", + "version_name" : "DGN2200-V1.0.0.50_7.0.50", + "version_value" : "DGN2200-V1.0.0.50_7.0.50" } ] } }, { - "product_name": "DGND3700", - "version": { - "version_data": [ + "product_name" : "DGND3700", + "version" : { + "version_data" : [ { - "affected": "=", - "version_name": "DGND3700-V1.0.0.17_1.0.17", - "version_value": "DGND3700-V1.0.0.17_1.0.17" + "affected" : "=", + "version_name" : "DGND3700-V1.0.0.17_1.0.17", + "version_value" : "DGND3700-V1.0.0.17_1.0.17" } ] } } ] }, - "vendor_name": "Netgear" + "vendor_name" : "Netgear" } ] } }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ { - "lang": "eng", - "value": "A vulnerability is in the 'BSW_cxttongr.htm' page of the Netgear DGN2200, version DGN2200-V1.0.0.50_7.0.50, and DGND3700, version DGND3700-V1.0.0.17_1.0.17, which can allow a remote attacker to access this page without any authentication. When processed, it exposes the admin password in clear text before it gets redirected to absw_vfysucc.cgia. An attacker can use this password to gain administrator access to the targeted router's web interface." + "lang" : "eng", + "value" : "A vulnerability is in the 'BSW_cxttongr.htm' page of the Netgear DGN2200, version DGN2200-V1.0.0.50_7.0.50, and DGND3700, version DGND3700-V1.0.0.17_1.0.17, which can allow a remote attacker to access this page without any authentication. When processed, it exposes the admin password in clear text before it gets redirected to absw_vfysucc.cgia. An attacker can use this password to gain administrator access to the targeted router's web interface." } ] }, - "problemtype": { - "problemtype_data": [ + "problemtype" : { + "problemtype_data" : [ { - "description": [ + "description" : [ { - "lang": "eng", - "value": "CWE-319" + "lang" : "eng", + "value" : "CWE-319" } ] } ] }, - "references": { - "reference_data": [ + "references" : { + "reference_data" : [ { - "name": "https://packetstormsecurity.com/files/140342/Netgear-DGN2200-DGND3700-WNDR4500-Information-Disclosure.html", - "refsource": "MISC", - "url": "https://packetstormsecurity.com/files/140342/Netgear-DGN2200-DGND3700-WNDR4500-Information-Disclosure.html" + "name" : "https://packetstormsecurity.com/files/140342/Netgear-DGN2200-DGND3700-WNDR4500-Information-Disclosure.html", + "refsource" : "MISC", + "url" : "https://packetstormsecurity.com/files/140342/Netgear-DGN2200-DGND3700-WNDR4500-Information-Disclosure.html" } ] }, - "solution": [ + "solution" : [ { - "lang": "eng", - "value": "Netgear has released firmware version 1.0.0.52 for DGN2200 & 1.0.0.28 for DGND3700 to address this issue." + "lang" : "eng", + "value" : "Netgear has released firmware version 1.0.0.52 for DGN2200 & 1.0.0.28 for DGND3700 to address this issue." } ], - "source": { - "discovery": "UNKNOWN" + "source" : { + "discovery" : "UNKNOWN" } -} \ No newline at end of file +} diff --git a/2017/3xxx/CVE-2017-3180.json b/2017/3xxx/CVE-2017-3180.json index 85b56179abb..f3d9b466d51 100644 --- a/2017/3xxx/CVE-2017-3180.json +++ b/2017/3xxx/CVE-2017-3180.json @@ -1,298 +1,298 @@ { - "CVE_data_meta": { - "ASSIGNER": "cert@cert.org", - "ID": "CVE-2017-3180", - "STATE": "PUBLIC", - "TITLE": "Multiple TIBCO Spotfire components fail to sanitize user-supplied inout and are vulnerable to cross-site scripting" + "CVE_data_meta" : { + "ASSIGNER" : "cert@cert.org", + "ID" : "CVE-2017-3180", + "STATE" : "PUBLIC", + "TITLE" : "Multiple TIBCO Spotfire components fail to sanitize user-supplied inout and are vulnerable to cross-site scripting" }, - "affects": { - "vendor": { - "vendor_data": [ + "affects" : { + "vendor" : { + "vendor_data" : [ { - "product": { - "product_data": [ + "product" : { + "product_data" : [ { - "product_name": "Silver Fabric Enabler for Spotfire Web Player ", - "version": { - "version_data": [ + "product_name" : "Silver Fabric Enabler for Spotfire Web Player ", + "version" : { + "version_data" : [ { - "affected": "<=", - "version_name": "2.1.2", - "version_value": "2.1.2" + "affected" : "<=", + "version_name" : "2.1.2", + "version_value" : "2.1.2" } ] } }, { - "product_name": "Spotfire Analyst", - "version": { - "version_data": [ + "product_name" : "Spotfire Analyst", + "version" : { + "version_data" : [ { - "affected": "=", - "version_name": "7.5.0", - "version_value": "7.5.0" + "affected" : "=", + "version_name" : "7.5.0", + "version_value" : "7.5.0" }, { - "affected": "=", - "version_name": "7.6.0", - "version_value": "7.6.0" + "affected" : "=", + "version_name" : "7.6.0", + "version_value" : "7.6.0" }, { - "affected": "=", - "version_name": "7.7.0", - "version_value": "7.7.0" + "affected" : "=", + "version_name" : "7.7.0", + "version_value" : "7.7.0" } ] } }, { - "product_name": "Spotfire Analytics Platform for AWS Marketplace", - "version": { - "version_data": [ + "product_name" : "Spotfire Analytics Platform for AWS Marketplace", + "version" : { + "version_data" : [ { - "affected": "<=", - "version_name": "7.0.2", - "version_value": "7.0.2" + "affected" : "<=", + "version_name" : "7.0.2", + "version_value" : "7.0.2" } ] } }, { - "product_name": "Spotfire Automation Services 6", - "version": { - "version_data": [ + "product_name" : "Spotfire Automation Services 6", + "version" : { + "version_data" : [ { - "affected": "<=", - "version_name": "6.5.3", - "version_value": "6.5.3" + "affected" : "<=", + "version_name" : "6.5.3", + "version_value" : "6.5.3" }, { - "affected": "=", - "version_name": "7.0.0", - "version_value": "7.0.0" + "affected" : "=", + "version_name" : "7.0.0", + "version_value" : "7.0.0" }, { - "affected": "=", - "version_name": "7.0.1", - "version_value": "7.0.1" + "affected" : "=", + "version_name" : "7.0.1", + "version_value" : "7.0.1" } ] } }, { - "product_name": "Spotfire Connectors", - "version": { - "version_data": [ + "product_name" : "Spotfire Connectors", + "version" : { + "version_data" : [ { - "affected": "=", - "version_name": "7.6.0", - "version_value": "7.6.0" + "affected" : "=", + "version_name" : "7.6.0", + "version_value" : "7.6.0" } ] } }, { - "product_name": "Spotfire Deployment Kit", - "version": { - "version_data": [ + "product_name" : "Spotfire Deployment Kit", + "version" : { + "version_data" : [ { - "affected": "<=", - "version_name": "6.5.3", - "version_value": "6.5.3" + "affected" : "<=", + "version_name" : "6.5.3", + "version_value" : "6.5.3" }, { - "affected": "=", - "version_name": "7.0.0", - "version_value": "7.0.0" + "affected" : "=", + "version_name" : "7.0.0", + "version_value" : "7.0.0" }, { - "affected": "=", - "version_name": "7.0.1", - "version_value": "7.0.1" + "affected" : "=", + "version_name" : "7.0.1", + "version_value" : "7.0.1" }, { - "affected": "=", - "version_name": "7.5.0", - "version_value": "7.5.0" + "affected" : "=", + "version_name" : "7.5.0", + "version_value" : "7.5.0" }, { - "affected": "=", - "version_name": "7.6.0", - "version_value": "7.6.0" + "affected" : "=", + "version_name" : "7.6.0", + "version_value" : "7.6.0" }, { - "affected": "=", - "version_name": "7.7.0", - "version_value": "7.7.0" + "affected" : "=", + "version_name" : "7.7.0", + "version_value" : "7.7.0" } ] } }, { - "product_name": "Spotfire Desktop", - "version": { - "version_data": [ + "product_name" : "Spotfire Desktop", + "version" : { + "version_data" : [ { - "affected": "<=", - "version_name": "6.5.2", - "version_value": "6.5.2" + "affected" : "<=", + "version_name" : "6.5.2", + "version_value" : "6.5.2" }, { - "affected": "=", - "version_name": "7.0.0", - "version_value": "7.0.0" + "affected" : "=", + "version_name" : "7.0.0", + "version_value" : "7.0.0" }, { - "affected": "=", - "version_name": "7.0.1", - "version_value": "7.0.1" + "affected" : "=", + "version_name" : "7.0.1", + "version_value" : "7.0.1" }, { - "affected": "=", - "version_name": "7.5.0", - "version_value": "7.5.0" + "affected" : "=", + "version_name" : "7.5.0", + "version_value" : "7.5.0" }, { - "affected": "=", - "version_name": "7.6.0", - "version_value": "7.6.0" + "affected" : "=", + "version_name" : "7.6.0", + "version_value" : "7.6.0" }, { - "affected": "=", - "version_name": "7.7.0", - "version_value": "7.7.0" + "affected" : "=", + "version_name" : "7.7.0", + "version_value" : "7.7.0" } ] } }, { - "product_name": "Spotfire Desktop Developer Edition", - "version": { - "version_data": [ + "product_name" : "Spotfire Desktop Developer Edition", + "version" : { + "version_data" : [ { - "affected": "=", - "version_name": "7.7.0", - "version_value": "7.7.0" + "affected" : "=", + "version_name" : "7.7.0", + "version_value" : "7.7.0" } ] } }, { - "product_name": "Spotfire Desktop Language Packs", - "version": { - "version_data": [ + "product_name" : "Spotfire Desktop Language Packs", + "version" : { + "version_data" : [ { - "affected": "<=", - "version_name": "7.0.1", - "version_value": "7.0.1" + "affected" : "<=", + "version_name" : "7.0.1", + "version_value" : "7.0.1" }, { - "affected": "=", - "version_name": "7.5.0", - "version_value": "7.5.0" + "affected" : "=", + "version_name" : "7.5.0", + "version_value" : "7.5.0" }, { - "affected": "=", - "version_name": "7.6.0", - "version_value": "7.6.0" + "affected" : "=", + "version_name" : "7.6.0", + "version_value" : "7.6.0" }, { - "affected": "=", - "version_name": "7.7.0", - "version_value": "7.7.0" + "affected" : "=", + "version_name" : "7.7.0", + "version_value" : "7.7.0" } ] } }, { - "product_name": "Spotfire Professional", - "version": { - "version_data": [ + "product_name" : "Spotfire Professional", + "version" : { + "version_data" : [ { - "affected": "<=", - "version_name": "6.5.3", - "version_value": "6.5.3" + "affected" : "<=", + "version_name" : "6.5.3", + "version_value" : "6.5.3" }, { - "affected": "=", - "version_name": "7.0.0", - "version_value": "7.0.0" + "affected" : "=", + "version_name" : "7.0.0", + "version_value" : "7.0.0" }, { - "affected": "=", - "version_name": "7.0.1", - "version_value": "7.0.1" + "affected" : "=", + "version_name" : "7.0.1", + "version_value" : "7.0.1" } ] } }, { - "product_name": "Spotfire Web Player", - "version": { - "version_data": [ + "product_name" : "Spotfire Web Player", + "version" : { + "version_data" : [ { - "affected": "<=", - "version_name": "6.5.3", - "version_value": "6.5.3" + "affected" : "<=", + "version_name" : "6.5.3", + "version_value" : "6.5.3" }, { - "affected": "=", - "version_name": "7.0.0", - "version_value": "7.0.0" + "affected" : "=", + "version_name" : "7.0.0", + "version_value" : "7.0.0" }, { - "affected": "=", - "version_name": "7.0.1", - "version_value": "7.0.1" + "affected" : "=", + "version_name" : "7.0.1", + "version_value" : "7.0.1" } ] } } ] }, - "vendor_name": "TIBCO" + "vendor_name" : "TIBCO" } ] } }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ { - "lang": "eng", - "value": "Multiple TIBCO Products are prone to multiple unspecified cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and to launch other attacks. The products and versions that are affected include the following:\nTIBCO Silver Fabric Enabler for Spotfire Web Player 2.1.2 and earlier\nTIBCO Spotfire Analyst 7.5.0\nTIBCO Spotfire Analyst 7.6.0\nTIBCO Spotfire Analyst 7.7.0\nTIBCO Spotfire Analytics Platform for AWS Marketplace 7.0.2 and earlier\nTIBCO Spotfire Automation Services 6.5.3 and earlier\nTIBCO Spotfire Automation Services 7.0.0, and 7.0.1\nTIBCO Spotfire Connectors 7.6.0\nTIBCO Spotfire Deployment Kit 6.5.3 and earlier\nTIBCO Spotfire Deployment Kit 7.0.0, and 7.0.1\nTIBCO Spotfire Deployment Kit 7.5.0\nTIBCO Spotfire Deployment Kit 7.6.0\nTIBCO Spotfire Deployment Kit 7.7.0\nTIBCO Spotfire Desktop 6.5.2 and earlier\nTIBCO Spotfire Desktop 7.0.0, and 7.0.1\nTIBCO Spotfire Desktop 7.5.0\nTIBCO Spotfire Desktop 7.6.0\nTIBCO Spotfire Desktop 7.7.0\nTIBCO Spotfire Desktop Developer Edition 7.7.0\nTIBCO Spotfire Desktop Language Packs 7.0.1 and earlier\nTIBCO Spotfire Desktop Language Packs 7.5.0\nTIBCO Spotfire Desktop Language Packs 7.6.0\nTIBCO Spotfire Desktop Language Packs 7.7.0\nTIBCO Spotfire Professional 6.5.3 and earlier\nTIBCO Spotfire Professional 7.0.0 and 7.0.1\nTIBCO Spotfire Web Player 6.5.3 and earlier\nTIBCO Spotfire Web Player 7.0.0 and 7.0.1" + "lang" : "eng", + "value" : "Multiple TIBCO Products are prone to multiple unspecified cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and to launch other attacks. The products and versions that are affected include the following: TIBCO Silver Fabric Enabler for Spotfire Web Player 2.1.2 and earlier TIBCO Spotfire Analyst 7.5.0 TIBCO Spotfire Analyst 7.6.0 TIBCO Spotfire Analyst 7.7.0 TIBCO Spotfire Analytics Platform for AWS Marketplace 7.0.2 and earlier TIBCO Spotfire Automation Services 6.5.3 and earlier TIBCO Spotfire Automation Services 7.0.0, and 7.0.1 TIBCO Spotfire Connectors 7.6.0 TIBCO Spotfire Deployment Kit 6.5.3 and earlier TIBCO Spotfire Deployment Kit 7.0.0, and 7.0.1 TIBCO Spotfire Deployment Kit 7.5.0 TIBCO Spotfire Deployment Kit 7.6.0 TIBCO Spotfire Deployment Kit 7.7.0 TIBCO Spotfire Desktop 6.5.2 and earlier TIBCO Spotfire Desktop 7.0.0, and 7.0.1 TIBCO Spotfire Desktop 7.5.0 TIBCO Spotfire Desktop 7.6.0 TIBCO Spotfire Desktop 7.7.0 TIBCO Spotfire Desktop Developer Edition 7.7.0 TIBCO Spotfire Desktop Language Packs 7.0.1 and earlier TIBCO Spotfire Desktop Language Packs 7.5.0 TIBCO Spotfire Desktop Language Packs 7.6.0 TIBCO Spotfire Desktop Language Packs 7.7.0 TIBCO Spotfire Professional 6.5.3 and earlier TIBCO Spotfire Professional 7.0.0 and 7.0.1 TIBCO Spotfire Web Player 6.5.3 and earlier TIBCO Spotfire Web Player 7.0.0 and 7.0.1" } ] }, - "problemtype": { - "problemtype_data": [ + "problemtype" : { + "problemtype_data" : [ { - "description": [ + "description" : [ { - "lang": "eng", - "value": "CWE-20" + "lang" : "eng", + "value" : "CWE-20" } ] } ] }, - "references": { - "reference_data": [ + "references" : { + "reference_data" : [ { - "name": "95699", - "refsource": "BID", - "url": "https://www.securityfocus.com/bid/95699" + "name" : "https://www.tibco.com//support/advisories/2017/01/tibco-security-advisory-january-10-2017-tibco-spotfire-2017-3180", + "refsource" : "CONFIRM", + "url" : "https://www.tibco.com//support/advisories/2017/01/tibco-security-advisory-january-10-2017-tibco-spotfire-2017-3180" }, { - "name": "https://www.tibco.com//support/advisories/2017/01/tibco-security-advisory-january-10-2017-tibco-spotfire-2017-3180", - "refsource": "CONFIRM", - "url": "https://www.tibco.com//support/advisories/2017/01/tibco-security-advisory-january-10-2017-tibco-spotfire-2017-3180" + "name" : "95699", + "refsource" : "BID", + "url" : "https://www.securityfocus.com/bid/95699" } ] }, - "source": { - "discovery": "UNKNOWN" + "source" : { + "discovery" : "UNKNOWN" } -} \ No newline at end of file +} diff --git a/2017/3xxx/CVE-2017-3181.json b/2017/3xxx/CVE-2017-3181.json index 154f1ee4fc0..90d04c81151 100644 --- a/2017/3xxx/CVE-2017-3181.json +++ b/2017/3xxx/CVE-2017-3181.json @@ -1,165 +1,165 @@ { - "CVE_data_meta": { - "ASSIGNER": "cert@cert.org", - "ID": "CVE-2017-3181", - "STATE": "PUBLIC", - "TITLE": "Multiple TIBCO Spotfire components are vulnerable to multiple unspecified SQL-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in an SQL query" + "CVE_data_meta" : { + "ASSIGNER" : "cert@cert.org", + "ID" : "CVE-2017-3181", + "STATE" : "PUBLIC", + "TITLE" : "Multiple TIBCO Spotfire components are vulnerable to multiple unspecified SQL-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in an SQL query" }, - "affects": { - "vendor": { - "vendor_data": [ + "affects" : { + "vendor" : { + "vendor_data" : [ { - "product": { - "product_data": [ + "product" : { + "product_data" : [ { - "product_name": "Spotfire Analyst", - "version": { - "version_data": [ + "product_name" : "Spotfire Analyst", + "version" : { + "version_data" : [ { - "affected": "=", - "version_name": "7.7.0", - "version_value": "7.7.0" + "affected" : "=", + "version_name" : "7.7.0", + "version_value" : "7.7.0" } ] } }, { - "product_name": "Spotfire Connectors", - "version": { - "version_data": [ + "product_name" : "Spotfire Connectors", + "version" : { + "version_data" : [ { - "affected": "=", - "version_name": "7.6.0", - "version_value": "7.6.0" + "affected" : "=", + "version_name" : "7.6.0", + "version_value" : "7.6.0" } ] } }, { - "product_name": "Spotfire Deployment Kit", - "version": { - "version_data": [ + "product_name" : "Spotfire Deployment Kit", + "version" : { + "version_data" : [ { - "affected": "=", - "version_name": "7.7.0", - "version_value": "7.7.0" + "affected" : "=", + "version_name" : "7.7.0", + "version_value" : "7.7.0" } ] } }, { - "product_name": "Spotfire Desktop", - "version": { - "version_data": [ + "product_name" : "Spotfire Desktop", + "version" : { + "version_data" : [ { - "affected": "=", - "version_name": "7.6.0", - "version_value": "7.6.0" + "affected" : "=", + "version_name" : "7.6.0", + "version_value" : "7.6.0" }, { - "affected": "=", - "version_name": "7.7.0", - "version_value": "7.7.0" + "affected" : "=", + "version_name" : "7.7.0", + "version_value" : "7.7.0" } ] } }, { - "product_name": "Spotfire Desktop Developer Edition", - "version": { - "version_data": [ + "product_name" : "Spotfire Desktop Developer Edition", + "version" : { + "version_data" : [ { - "affected": "=", - "version_name": "7.7.0", - "version_value": "7.7.0" + "affected" : "=", + "version_name" : "7.7.0", + "version_value" : "7.7.0" } ] } }, { - "product_name": "Spotfire Desktop Language Packs", - "version": { - "version_data": [ + "product_name" : "Spotfire Desktop Language Packs", + "version" : { + "version_data" : [ { - "affected": "=", - "version_name": "7.6.0", - "version_value": "7.6.0" + "affected" : "=", + "version_name" : "7.6.0", + "version_value" : "7.6.0" }, { - "affected": "=", - "version_name": "7.7.0", - "version_value": "7.7.0" + "affected" : "=", + "version_name" : "7.7.0", + "version_value" : "7.7.0" } ] } }, { - "product_name": "Spotfire Web Player Client", - "version": { - "version_data": [ + "product_name" : "Spotfire Web Player Client", + "version" : { + "version_data" : [ { - "affected": "?", - "version_value": "N/A" + "affected" : "?", + "version_value" : "N/A" } ] } }, { - "product_name": "Spotfire Client", - "version": { - "version_data": [ + "product_name" : "Spotfire Client", + "version" : { + "version_data" : [ { - "affected": "?", - "version_value": "N/A" + "affected" : "?", + "version_value" : "N/A" } ] } } ] }, - "vendor_name": "TIBCO" + "vendor_name" : "TIBCO" } ] } }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ { - "lang": "eng", - "value": "Multiple TIBCO Products are prone to multiple unspecified SQL-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. The following products and versions are affected:\nTIBCO Spotfire Analyst 7.7.0\nTIBCO Spotfire Connectors 7.6.0\nTIBCO Spotfire Deployment Kit 7.7.0\nTIBCO Spotfire Desktop 7.6.0\nTIBCO Spotfire Desktop 7.7.0\nTIBCO Spotfire Desktop Developer Edition 7.7.0\nTIBCO Spotfire Desktop Language Packs 7.6.0\nTIBCO Spotfire Desktop Language Packs 7.7.0\n\nThe following components are affected:\nTIBCO Spotfire Client\nTIBCO Spotfire Web Player Client" + "lang" : "eng", + "value" : "Multiple TIBCO Products are prone to multiple unspecified SQL-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. The following products and versions are affected: TIBCO Spotfire Analyst 7.7.0 TIBCO Spotfire Connectors 7.6.0 TIBCO Spotfire Deployment Kit 7.7.0 TIBCO Spotfire Desktop 7.6.0 TIBCO Spotfire Desktop 7.7.0 TIBCO Spotfire Desktop Developer Edition 7.7.0 TIBCO Spotfire Desktop Language Packs 7.6.0 TIBCO Spotfire Desktop Language Packs 7.7.0 The following components are affected: TIBCO Spotfire Client TIBCO Spotfire Web Player Client" } ] }, - "problemtype": { - "problemtype_data": [ + "problemtype" : { + "problemtype_data" : [ { - "description": [ + "description" : [ { - "lang": "eng", - "value": "CWE-89" + "lang" : "eng", + "value" : "CWE-89" } ] } ] }, - "references": { - "reference_data": [ + "references" : { + "reference_data" : [ { - "name": "95696", - "refsource": "BID", - "url": "https://www.securityfocus.com/bid/95696" + "name" : "https://www.tibco.com/support/advisories/2017/01/tibco-security-advisory-january-10-2017-tibco-spotfire-2017-3181", + "refsource" : "CONFIRM", + "url" : "https://www.tibco.com/support/advisories/2017/01/tibco-security-advisory-january-10-2017-tibco-spotfire-2017-3181" }, { - "name": "https://www.tibco.com/support/advisories/2017/01/tibco-security-advisory-january-10-2017-tibco-spotfire-2017-3181", - "refsource": "CONFIRM", - "url": "https://www.tibco.com/support/advisories/2017/01/tibco-security-advisory-january-10-2017-tibco-spotfire-2017-3181" + "name" : "95696", + "refsource" : "BID", + "url" : "https://www.securityfocus.com/bid/95696" } ] }, - "source": { - "discovery": "UNKNOWN" + "source" : { + "discovery" : "UNKNOWN" } -} \ No newline at end of file +} diff --git a/2017/3xxx/CVE-2017-3182.json b/2017/3xxx/CVE-2017-3182.json index 05dc797a927..3bd9c8a2413 100644 --- a/2017/3xxx/CVE-2017-3182.json +++ b/2017/3xxx/CVE-2017-3182.json @@ -1,80 +1,80 @@ { - "CVE_data_meta": { - "ASSIGNER": "cert@cert.org", - "ID": "CVE-2017-3182", - "STATE": "PUBLIC", - "TITLE": "On the iOS platform, the ThreatMetrix SDK versions prior to 3.2 fail to validate SSL certificates provided by HTTPS connections, which may allow an attacker to perform a man-in-the-middle (MITM) attack" + "CVE_data_meta" : { + "ASSIGNER" : "cert@cert.org", + "ID" : "CVE-2017-3182", + "STATE" : "PUBLIC", + "TITLE" : "On the iOS platform, the ThreatMetrix SDK versions prior to 3.2 fail to validate SSL certificates provided by HTTPS connections, which may allow an attacker to perform a man-in-the-middle (MITM) attack" }, - "affects": { - "vendor": { - "vendor_data": [ + "affects" : { + "vendor" : { + "vendor_data" : [ { - "product": { - "product_data": [ + "product" : { + "product_data" : [ { - "product_name": "SDK", - "version": { - "version_data": [ + "product_name" : "SDK", + "version" : { + "version_data" : [ { - "affected": "<", - "platform": "iOS", - "version_name": "3.2", - "version_value": "3.2" + "affected" : "<", + "platform" : "iOS", + "version_name" : "3.2", + "version_value" : "3.2" } ] } } ] }, - "vendor_name": "ThreatMetrix" + "vendor_name" : "ThreatMetrix" } ] } }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ { - "lang": "eng", - "value": "On the iOS platform, the ThreatMetrix SDK versions prior to 3.2 fail to validate SSL certificates provided by HTTPS connections, which may allow an attacker to perform a man-in-the-middle (MITM) attack. ThreatMetrix is a security library for mobile applications, which aims to provide fraud prevention and device identity capabilities. The ThreatMetrix SDK versions prior to 3.2 do not validate SSL certificates on the iOS platform. An affected application will communicate with https://h-sdk.online-metrix.net, regardless of whether the connection is secure or not. An attacker on the same network as or upstream from the iOS device may be able to view or modify ThreatMetrix network traffic that should have been protected by HTTPS." + "lang" : "eng", + "value" : "On the iOS platform, the ThreatMetrix SDK versions prior to 3.2 fail to validate SSL certificates provided by HTTPS connections, which may allow an attacker to perform a man-in-the-middle (MITM) attack. ThreatMetrix is a security library for mobile applications, which aims to provide fraud prevention and device identity capabilities. The ThreatMetrix SDK versions prior to 3.2 do not validate SSL certificates on the iOS platform. An affected application will communicate with https://h-sdk.online-metrix.net, regardless of whether the connection is secure or not. An attacker on the same network as or upstream from the iOS device may be able to view or modify ThreatMetrix network traffic that should have been protected by HTTPS." } ] }, - "problemtype": { - "problemtype_data": [ + "problemtype" : { + "problemtype_data" : [ { - "description": [ + "description" : [ { - "lang": "eng", - "value": "CWE-295" + "lang" : "eng", + "value" : "CWE-295" } ] } ] }, - "references": { - "reference_data": [ + "references" : { + "reference_data" : [ { - "name": "VU#767208", - "refsource": "CERT-VN", - "url": "https://www.kb.cert.org/vuls/id/767208" + "name" : "VU#767208", + "refsource" : "CERT-VN", + "url" : "https://www.kb.cert.org/vuls/id/767208" }, { - "name": "95360", - "refsource": "BID", - "url": "https://www.securityfocus.com/bid/95360" + "name" : "95360", + "refsource" : "BID", + "url" : "https://www.securityfocus.com/bid/95360" } ] }, - "solution": [ + "solution" : [ { - "lang": "eng", - "value": "This issue has been addressed in ThreatMetrix SDK versions 3.2 and later. Any iOS application that uses a vulnerable version of the ThreatMetrix SDK will need to be regenerated with an updated version of the library." + "lang" : "eng", + "value" : "This issue has been addressed in ThreatMetrix SDK versions 3.2 and later. Any iOS application that uses a vulnerable version of the ThreatMetrix SDK will need to be regenerated with an updated version of the library." } ], - "source": { - "discovery": "UNKNOWN" + "source" : { + "discovery" : "UNKNOWN" } -} \ No newline at end of file +} diff --git a/2017/3xxx/CVE-2017-3183.json b/2017/3xxx/CVE-2017-3183.json index 5f653b8fe7a..0bd31088263 100644 --- a/2017/3xxx/CVE-2017-3183.json +++ b/2017/3xxx/CVE-2017-3183.json @@ -1,85 +1,85 @@ { - "CVE_data_meta": { - "ASSIGNER": "cert@cert.org", - "ID": "CVE-2017-3183", - "STATE": "PUBLIC", - "TITLE": "Sage XRT Treasury, version 3, fails to properly restrict database access to authorized users, which may enable any authenticated user to gain full access to privileged database functions" + "CVE_data_meta" : { + "ASSIGNER" : "cert@cert.org", + "ID" : "CVE-2017-3183", + "STATE" : "PUBLIC", + "TITLE" : "Sage XRT Treasury, version 3, fails to properly restrict database access to authorized users, which may enable any authenticated user to gain full access to privileged database functions" }, - "affects": { - "vendor": { - "vendor_data": [ + "affects" : { + "vendor" : { + "vendor_data" : [ { - "product": { - "product_data": [ + "product" : { + "product_data" : [ { - "product_name": "XRT Treasury", - "version": { - "version_data": [ + "product_name" : "XRT Treasury", + "version" : { + "version_data" : [ { - "affected": "=", - "version_name": "3", - "version_value": "3" + "affected" : "=", + "version_name" : "3", + "version_value" : "3" } ] } } ] }, - "vendor_name": "Sage" + "vendor_name" : "Sage" } ] } }, - "credit": [ + "credit" : [ { - "lang": "eng", - "value": "Thanks to Victor Portal Gonzalez of Deloitte Spain for reporting this vulnerability." + "lang" : "eng", + "value" : "Thanks to Victor Portal Gonzalez of Deloitte Spain for reporting this vulnerability." } ], - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ { - "lang": "eng", - "value": "Sage XRT Treasury, version 3, fails to properly restrict database access to authorized users, which may enable any authenticated user to gain full access to privileged database functions. Sage XRT Treasury is a business finance management application. Database user access privileges are determined by the USER_CODE field associated with the querying user. By modifying the USER_CODE value to match that of a privileged user, a low-privileged, authenticated user may gain privileged access to the SQL database. A remote, authenticated user can submit specially crafted SQL queries to gain privileged access to the application database." + "lang" : "eng", + "value" : "Sage XRT Treasury, version 3, fails to properly restrict database access to authorized users, which may enable any authenticated user to gain full access to privileged database functions. Sage XRT Treasury is a business finance management application. Database user access privileges are determined by the USER_CODE field associated with the querying user. By modifying the USER_CODE value to match that of a privileged user, a low-privileged, authenticated user may gain privileged access to the SQL database. A remote, authenticated user can submit specially crafted SQL queries to gain privileged access to the application database." } ] }, - "problemtype": { - "problemtype_data": [ + "problemtype" : { + "problemtype_data" : [ { - "description": [ + "description" : [ { - "lang": "eng", - "value": "CWE-639" + "lang" : "eng", + "value" : "CWE-639" } ] } ] }, - "references": { - "reference_data": [ + "references" : { + "reference_data" : [ { - "name": "96477", - "refsource": "BID", - "url": "https://www.securityfocus.com/bid/96477" + "name" : "VU#742632", + "refsource" : "CERT-VN", + "url" : "https://www.kb.cert.org/vuls/id/742632" }, { - "name": "VU#742632", - "refsource": "CERT-VN", - "url": "https://www.kb.cert.org/vuls/id/742632" + "name" : "96477", + "refsource" : "BID", + "url" : "https://www.securityfocus.com/bid/96477" } ] }, - "solution": [ + "solution" : [ { - "lang": "eng", - "value": "The vendor has indicated that XRT Treasury version 4 addresses this issue. Users are encouraged to update to the latest release and to encrypt connections to the database server." + "lang" : "eng", + "value" : "The vendor has indicated that XRT Treasury version 4 addresses this issue. Users are encouraged to update to the latest release and to encrypt connections to the database server." } ], - "source": { - "discovery": "UNKNOWN" + "source" : { + "discovery" : "UNKNOWN" } -} \ No newline at end of file +} diff --git a/2017/3xxx/CVE-2017-3187.json b/2017/3xxx/CVE-2017-3187.json index 6642a01d791..67e8ca53050 100644 --- a/2017/3xxx/CVE-2017-3187.json +++ b/2017/3xxx/CVE-2017-3187.json @@ -1,74 +1,74 @@ { - "CVE_data_meta": { - "ASSIGNER": "cert@cert.org", - "ID": "CVE-2017-3187", - "STATE": "PUBLIC", - "TITLE": "The dotCMS administration panel, versions 3.7.1 and earlier, are vulnerable to cross-site request forgery" + "CVE_data_meta" : { + "ASSIGNER" : "cert@cert.org", + "ID" : "CVE-2017-3187", + "STATE" : "PUBLIC", + "TITLE" : "The dotCMS administration panel, versions 3.7.1 and earlier, are vulnerable to cross-site request forgery" }, - "affects": { - "vendor": { - "vendor_data": [ + "affects" : { + "vendor" : { + "vendor_data" : [ { - "product": { - "product_data": [ + "product" : { + "product_data" : [ { - "product_name": "Administration Panel", - "version": { - "version_data": [ + "product_name" : "Administration Panel", + "version" : { + "version_data" : [ { - "affected": "<=", - "version_name": "3.7.1", - "version_value": "3.7.1" + "affected" : "<=", + "version_name" : "3.7.1", + "version_value" : "3.7.1" } ] } } ] }, - "vendor_name": "docCMS" + "vendor_name" : "docCMS" } ] } }, - "credit": [ + "credit" : [ { - "lang": "eng", - "value": "Thanks to:\n\n[1]SafeDog Penetration and Defense Lab:darong tong\n[2]SafeDog Penetration and Defense Lab:yong cai\n[3]shaohong wu \n\nfor reporting these vulnerabilities." + "lang" : "eng", + "value" : "Thanks to:\n\n[1]SafeDog Penetration and Defense Lab:darong tong\n[2]SafeDog Penetration and Defense Lab:yong cai\n[3]shaohong wu \n\nfor reporting these vulnerabilities." } ], - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ { - "lang": "eng", - "value": "The dotCMS administration panel, versions 3.7.1 and earlier, are vulnerable to cross-site request forgery. The dotCMS administrator panel contains a cross-site request forgery (CSRF) vulnerability. An attacker can perform actions with the same permissions as a victim user, provided the victim has an active session and is induced to trigger the malicious request. An unauthenticated remote attacker may perform actions with the dotCMS administrator panel with the same permissions of a victim user or execute arbitrary system commands with the permissions of the user running the dotCMS application." + "lang" : "eng", + "value" : "The dotCMS administration panel, versions 3.7.1 and earlier, are vulnerable to cross-site request forgery. The dotCMS administrator panel contains a cross-site request forgery (CSRF) vulnerability. An attacker can perform actions with the same permissions as a victim user, provided the victim has an active session and is induced to trigger the malicious request. An unauthenticated remote attacker may perform actions with the dotCMS administrator panel with the same permissions of a victim user or execute arbitrary system commands with the permissions of the user running the dotCMS application." } ] }, - "problemtype": { - "problemtype_data": [ + "problemtype" : { + "problemtype_data" : [ { - "description": [ + "description" : [ { - "lang": "eng", - "value": "CWE-352" + "lang" : "eng", + "value" : "CWE-352" } ] } ] }, - "references": { - "reference_data": [ + "references" : { + "reference_data" : [ { - "name": "VU#168699", - "refsource": "CERT-VN", - "url": "https://www.kb.cert.org/vuls/id/168699" + "name" : "VU#168699", + "refsource" : "CERT-VN", + "url" : "https://www.kb.cert.org/vuls/id/168699" } ] }, - "source": { - "discovery": "UNKNOWN" + "source" : { + "discovery" : "UNKNOWN" } -} \ No newline at end of file +} diff --git a/2017/3xxx/CVE-2017-3188.json b/2017/3xxx/CVE-2017-3188.json index fa6bec0217c..e7112513912 100644 --- a/2017/3xxx/CVE-2017-3188.json +++ b/2017/3xxx/CVE-2017-3188.json @@ -1,74 +1,74 @@ { - "CVE_data_meta": { - "ASSIGNER": "cert@cert.org", - "ID": "CVE-2017-3188", - "STATE": "PUBLIC", - "TITLE": "The dotCMS administration panel, versions 3.7.1 and earlier, \"Push Publishing\" feature in Enterprise Pro is vulnerable to path traversal" + "CVE_data_meta" : { + "ASSIGNER" : "cert@cert.org", + "ID" : "CVE-2017-3188", + "STATE" : "PUBLIC", + "TITLE" : "The dotCMS administration panel, versions 3.7.1 and earlier, \"Push Publishing\" feature in Enterprise Pro is vulnerable to path traversal" }, - "affects": { - "vendor": { - "vendor_data": [ + "affects" : { + "vendor" : { + "vendor_data" : [ { - "product": { - "product_data": [ + "product" : { + "product_data" : [ { - "product_name": "Administration Panel", - "version": { - "version_data": [ + "product_name" : "Administration Panel", + "version" : { + "version_data" : [ { - "affected": "<=", - "version_name": "3.7.1", - "version_value": "3.7.1" + "affected" : "<=", + "version_name" : "3.7.1", + "version_value" : "3.7.1" } ] } } ] }, - "vendor_name": "docCMS" + "vendor_name" : "docCMS" } ] } }, - "credit": [ + "credit" : [ { - "lang": "eng", - "value": "Thanks to:\n\n[1]SafeDog Penetration and Defense Lab:darong tong\n[2]SafeDog Penetration and Defense Lab:yong cai\n[3]shaohong wu \n\nfor reporting these vulnerabilities." + "lang" : "eng", + "value" : "Thanks to:\n\n[1]SafeDog Penetration and Defense Lab:darong tong\n[2]SafeDog Penetration and Defense Lab:yong cai\n[3]shaohong wu \n\nfor reporting these vulnerabilities." } ], - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ { - "lang": "eng", - "value": "The dotCMS administration panel, versions 3.7.1 and earlier, \"Push Publishing\" feature in Enterprise Pro is vulnerable to path traversal. When \"Bundle\" tar.gz archives uploaded to the Push Publishing feature are decompressed, the filenames of its contents are not properly checked, allowing for writing files to arbitrary directories on the file system. These archives may be uploaded directly via the administrator panel, or using the CSRF vulnerability (CVE-2017-3187).\nAn unauthenticated remote attacker may perform actions with the dotCMS administrator panel with the same permissions of a victim user or execute arbitrary system commands with the permissions of the user running the dotCMS application." + "lang" : "eng", + "value" : "The dotCMS administration panel, versions 3.7.1 and earlier, \"Push Publishing\" feature in Enterprise Pro is vulnerable to path traversal. When \"Bundle\" tar.gz archives uploaded to the Push Publishing feature are decompressed, the filenames of its contents are not properly checked, allowing for writing files to arbitrary directories on the file system. These archives may be uploaded directly via the administrator panel, or using the CSRF vulnerability (CVE-2017-3187). An unauthenticated remote attacker may perform actions with the dotCMS administrator panel with the same permissions of a victim user or execute arbitrary system commands with the permissions of the user running the dotCMS application." } ] }, - "problemtype": { - "problemtype_data": [ + "problemtype" : { + "problemtype_data" : [ { - "description": [ + "description" : [ { - "lang": "eng", - "value": "CWE-22" + "lang" : "eng", + "value" : "CWE-22" } ] } ] }, - "references": { - "reference_data": [ + "references" : { + "reference_data" : [ { - "name": "VU#168699", - "refsource": "CERT-VN", - "url": "https://www.kb.cert.org/vuls/id/168699" + "name" : "VU#168699", + "refsource" : "CERT-VN", + "url" : "https://www.kb.cert.org/vuls/id/168699" } ] }, - "source": { - "discovery": "UNKNOWN" + "source" : { + "discovery" : "UNKNOWN" } -} \ No newline at end of file +} diff --git a/2017/3xxx/CVE-2017-3189.json b/2017/3xxx/CVE-2017-3189.json index 5992cd4b607..9c4f8d12cde 100644 --- a/2017/3xxx/CVE-2017-3189.json +++ b/2017/3xxx/CVE-2017-3189.json @@ -1,74 +1,74 @@ { - "CVE_data_meta": { - "ASSIGNER": "cert@cert.org", - "ID": "CVE-2017-3189", - "STATE": "PUBLIC", - "TITLE": "The dotCMS administration panel, versions 3.7.1 and earlier, \"Push Publishing\" feature in Enterprise Pro is vulnerable to arbitrary file upload" + "CVE_data_meta" : { + "ASSIGNER" : "cert@cert.org", + "ID" : "CVE-2017-3189", + "STATE" : "PUBLIC", + "TITLE" : "The dotCMS administration panel, versions 3.7.1 and earlier, \"Push Publishing\" feature in Enterprise Pro is vulnerable to arbitrary file upload" }, - "affects": { - "vendor": { - "vendor_data": [ + "affects" : { + "vendor" : { + "vendor_data" : [ { - "product": { - "product_data": [ + "product" : { + "product_data" : [ { - "product_name": "Administration Panel", - "version": { - "version_data": [ + "product_name" : "Administration Panel", + "version" : { + "version_data" : [ { - "affected": "<=", - "version_name": "3.7.1", - "version_value": "3.7.1" + "affected" : "<=", + "version_name" : "3.7.1", + "version_value" : "3.7.1" } ] } } ] }, - "vendor_name": "docCMS" + "vendor_name" : "docCMS" } ] } }, - "credit": [ + "credit" : [ { - "lang": "eng", - "value": "Thanks to:\n\n[1]SafeDog Penetration and Defense Lab:darong tong\n[2]SafeDog Penetration and Defense Lab:yong cai\n[3]shaohong wu \n\nfor reporting these vulnerabilities." + "lang" : "eng", + "value" : "Thanks to:\n\n[1]SafeDog Penetration and Defense Lab:darong tong\n[2]SafeDog Penetration and Defense Lab:yong cai\n[3]shaohong wu \n\nfor reporting these vulnerabilities." } ], - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ { - "lang": "eng", - "value": "The dotCMS administration panel, versions 3.7.1 and earlier, \"Push Publishing\" feature in Enterprise Pro is vulnerable to arbitrary file upload. When \"Bundle\" tar.gz archives uploaded to the Push Publishing feature are decompressed, there are no checks on the types of files which the bundle contains. This vulnerability combined with the path traversal vulnerability above (CVE-2017-3188) can lead to remote command execution with the permissions of the user running the dotCMS application. An unauthenticated remote attacker may perform actions with the dotCMS administrator panel with the same permissions of a victim user or execute arbitrary system commands with the permissions of the user running the dotCMS application." + "lang" : "eng", + "value" : "The dotCMS administration panel, versions 3.7.1 and earlier, \"Push Publishing\" feature in Enterprise Pro is vulnerable to arbitrary file upload. When \"Bundle\" tar.gz archives uploaded to the Push Publishing feature are decompressed, there are no checks on the types of files which the bundle contains. This vulnerability combined with the path traversal vulnerability (CVE-2017-3188) can lead to remote command execution with the permissions of the user running the dotCMS application. An unauthenticated remote attacker may perform actions with the dotCMS administrator panel with the same permissions of a victim user or execute arbitrary system commands with the permissions of the user running the dotCMS application." } ] }, - "problemtype": { - "problemtype_data": [ + "problemtype" : { + "problemtype_data" : [ { - "description": [ + "description" : [ { - "lang": "eng", - "value": "CWE-434" + "lang" : "eng", + "value" : "CWE-434" } ] } ] }, - "references": { - "reference_data": [ + "references" : { + "reference_data" : [ { - "name": "VU#168699", - "refsource": "CERT-VN", - "url": "https://www.kb.cert.org/vuls/id/168699" + "name" : "VU#168699", + "refsource" : "CERT-VN", + "url" : "https://www.kb.cert.org/vuls/id/168699" } ] }, - "source": { - "discovery": "UNKNOWN" + "source" : { + "discovery" : "UNKNOWN" } -} \ No newline at end of file +} diff --git a/2017/3xxx/CVE-2017-3209.json b/2017/3xxx/CVE-2017-3209.json index e147aba6844..0b87437ec30 100644 --- a/2017/3xxx/CVE-2017-3209.json +++ b/2017/3xxx/CVE-2017-3209.json @@ -1,72 +1,72 @@ { - "CVE_data_meta": { - "ASSIGNER": "cert@cert.org", - "ID": "CVE-2017-3209", - "STATE": "PUBLIC", - "TITLE": "The DBPOWER U818A WIFI quadcopter drone provides FTP access over its own local access point, and allows full file permissions to the anonymous user" + "CVE_data_meta" : { + "ASSIGNER" : "cert@cert.org", + "ID" : "CVE-2017-3209", + "STATE" : "PUBLIC", + "TITLE" : "The DBPOWER U818A WIFI quadcopter drone provides FTP access over its own local access point, and allows full file permissions to the anonymous user" }, - "affects": { - "vendor": { - "vendor_data": [ + "affects" : { + "vendor" : { + "vendor_data" : [ { - "product": { - "product_data": [ + "product" : { + "product_data" : [ { - "product_name": "U818A WiFi Quadcopter Drone", - "version": { - "version_data": [ + "product_name" : "U818A WiFi Quadcopter Drone", + "version" : { + "version_data" : [ { - "affected": "?", - "version_value": "N/A" + "affected" : "?", + "version_value" : "N/A" } ] } } ] }, - "vendor_name": "DBPOWER" + "vendor_name" : "DBPOWER" } ] } }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ { - "lang": "eng", - "value": "The DBPOWER U818A WIFI quadcopter drone provides FTP access over its own local access point, and allows full file permissions to the anonymous user. The DBPower U818A WIFI quadcopter drone runs an FTP server that by default allows anonymous access without a password, and provides full filesystem read/write permissions to the anonymous user. A remote user within range of the open access point on the drone may utilize the anonymous user of the FTP server to read arbitrary files, such as images and video recorded by the device, or to replace system files such as /etc/shadow to gain further access to the device. Furthermore, the DBPOWER U818A WIFI quadcopter drone uses BusyBox 1.20.2, which was released in 2012, and may be vulnerable to other known BusyBox vulnerabilities.\n" + "lang" : "eng", + "value" : "The DBPOWER U818A WIFI quadcopter drone provides FTP access over its own local access point, and allows full file permissions to the anonymous user. The DBPower U818A WIFI quadcopter drone runs an FTP server that by default allows anonymous access without a password, and provides full filesystem read/write permissions to the anonymous user. A remote user within range of the open access point on the drone may utilize the anonymous user of the FTP server to read arbitrary files, such as images and video recorded by the device, or to replace system files such as /etc/shadow to gain further access to the device. Furthermore, the DBPOWER U818A WIFI quadcopter drone uses BusyBox 1.20.2, which was released in 2012, and may be vulnerable to other known BusyBox vulnerabilities." } ] }, - "problemtype": { - "problemtype_data": [ + "problemtype" : { + "problemtype_data" : [ { - "description": [ + "description" : [ { - "lang": "eng", - "value": "CWE-276" + "lang" : "eng", + "value" : "CWE-276" } ] } ] }, - "references": { - "reference_data": [ + "references" : { + "reference_data" : [ { - "name": "VU#334207", - "refsource": "CERT-VN", - "url": "https://www.kb.cert.org/vuls/id/334207" + "name" : "VU#334207", + "refsource" : "CERT-VN", + "url" : "https://www.kb.cert.org/vuls/id/334207" }, { - "name": "97564", - "refsource": "BID", - "url": "https://www.securityfocus.com/bid/97564" + "name" : "97564", + "refsource" : "BID", + "url" : "https://www.securityfocus.com/bid/97564" } ] }, - "source": { - "discovery": "UNKNOWN" + "source" : { + "discovery" : "UNKNOWN" } -} \ No newline at end of file +} diff --git a/2017/3xxx/CVE-2017-3210.json b/2017/3xxx/CVE-2017-3210.json index e20d00101fa..e766d673477 100644 --- a/2017/3xxx/CVE-2017-3210.json +++ b/2017/3xxx/CVE-2017-3210.json @@ -1,79 +1,79 @@ { - "CVE_data_meta": { - "ASSIGNER": "cert@cert.org", - "ID": "CVE-2017-3210", - "STATE": "PUBLIC", - "TITLE": "Applications developed using the Portrait Display SDK, versions 2.30 through 2.34, default to insecure configurations which allow arbitrary code execution" + "CVE_data_meta" : { + "ASSIGNER" : "cert@cert.org", + "ID" : "CVE-2017-3210", + "STATE" : "PUBLIC", + "TITLE" : "Applications developed using the Portrait Display SDK, versions 2.30 through 2.34, default to insecure configurations which allow arbitrary code execution" }, - "affects": { - "vendor": { - "vendor_data": [ + "affects" : { + "vendor" : { + "vendor_data" : [ { - "product": { - "product_data": [ + "product" : { + "product_data" : [ { - "product_name": "SDK", - "version": { - "version_data": [ + "product_name" : "SDK", + "version" : { + "version_data" : [ { - "affected": ">", - "version_name": "2.34", - "version_value": "2.30" + "affected" : ">", + "version_name" : "2.34", + "version_value" : "2.30" } ] } } ] }, - "vendor_name": "Portrait Display" + "vendor_name" : "Portrait Display" } ] } }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ { - "lang": "eng", - "value": "Applications developed using the Portrait Display SDK, versions 2.30 through 2.34, default to insecure configurations which allow arbitrary code execution. A number of applications developed using the Portrait Displays SDK do not use secure permissions when running. These applications run the component pdiservice.exe with NT AUTHORITY/SYSTEM permissions. This component is also read/writable by all Authenticated Users. This allows local authenticated attackers to run arbitrary code with SYSTEM privileges.\n\nThe following applications have been identified by Portrait Displays as affected:\nFujitsu DisplayView Click: Version 6.0 and 6.01. The issue was fixed in Version 6.3.\nFujitsu DisplayView Click Suite: Version 5. The issue is addressed by patch in Version 5.9.\nHP Display Assistant: Version 2.1. The issue was fixed in Version 2.11.\nHP My Display: Version 2.0. The issue was fixed in Version 2.1.\nPhilips Smart Control Premium: Versions 2.23, 2.25. The issue was fixed in Version 2.26." + "lang" : "eng", + "value" : "Applications developed using the Portrait Display SDK, versions 2.30 through 2.34, default to insecure configurations which allow arbitrary code execution. A number of applications developed using the Portrait Displays SDK do not use secure permissions when running. These applications run the component pdiservice.exe with NT AUTHORITY/SYSTEM permissions. This component is also read/writable by all Authenticated Users. This allows local authenticated attackers to run arbitrary code with SYSTEM privileges. The following applications have been identified by Portrait Displays as affected: Fujitsu DisplayView Click: Version 6.0 and 6.01. The issue was fixed in Version 6.3. Fujitsu DisplayView Click Suite: Version 5. The issue is addressed by patch in Version 5.9. HP Display Assistant: Version 2.1. The issue was fixed in Version 2.11. HP My Display: Version 2.0. The issue was fixed in Version 2.1. Philips Smart Control Premium: Versions 2.23, 2.25. The issue was fixed in Version 2.26." } ] }, - "problemtype": { - "problemtype_data": [ + "problemtype" : { + "problemtype_data" : [ { - "description": [ + "description" : [ { - "lang": "eng", - "value": "CWE-276" + "lang" : "eng", + "value" : "CWE-276" } ] } ] }, - "references": { - "reference_data": [ + "references" : { + "reference_data" : [ { - "name": "VU#219739", - "refsource": "CERT-VN", - "url": "https://www.kb.cert.org/vuls/id/219739" + "name" : "VU#219739", + "refsource" : "CERT-VN", + "url" : "https://www.kb.cert.org/vuls/id/219739" }, { - "name": "98006", - "refsource": "BID", - "url": "https://www.securityfocus.com/bid/98006" + "name" : "98006", + "refsource" : "BID", + "url" : "https://www.securityfocus.com/bid/98006" } ] }, - "solution": [ + "solution" : [ { - "lang": "eng", - "value": "Thanks to Werner Schober of SEC Consult for reporting this vulnerability." + "lang" : "eng", + "value" : "Thanks to Werner Schober of SEC Consult for reporting this vulnerability." } ], - "source": { - "discovery": "UNKNOWN" + "source" : { + "discovery" : "UNKNOWN" } -} \ No newline at end of file +} diff --git a/2017/3xxx/CVE-2017-3217.json b/2017/3xxx/CVE-2017-3217.json index d95aa63b450..9a0d4e991c7 100644 --- a/2017/3xxx/CVE-2017-3217.json +++ b/2017/3xxx/CVE-2017-3217.json @@ -1,78 +1,78 @@ { - "CVE_data_meta": { - "ASSIGNER": "cert@cert.org", - "ID": "CVE-2017-3217", - "STATE": "PUBLIC", - "TITLE": "CalAmp LMU 3030 series OBD-II CDMA and GSM devices has an SMS (text message) interface that can be deployed where no password is configured for this interface by the integrator / reseller" + "CVE_data_meta" : { + "ASSIGNER" : "cert@cert.org", + "ID" : "CVE-2017-3217", + "STATE" : "PUBLIC", + "TITLE" : "CalAmp LMU 3030 series OBD-II CDMA and GSM devices has an SMS (text message) interface that can be deployed where no password is configured for this interface by the integrator / reseller" }, - "affects": { - "vendor": { - "vendor_data": [ + "affects" : { + "vendor" : { + "vendor_data" : [ { - "product": { - "product_data": [ + "product" : { + "product_data" : [ { - "product_name": "LMU 3030 OBD-II", - "version": { - "version_data": [ + "product_name" : "LMU 3030 OBD-II", + "version" : { + "version_data" : [ { - "affected": "=", - "version_name": "CDMA", - "version_value": "CDMA" + "affected" : "=", + "version_name" : "CDMA", + "version_value" : "CDMA" }, { - "affected": "=", - "version_name": "GSM", - "version_value": "GSM" + "affected" : "=", + "version_name" : "GSM", + "version_value" : "GSM" } ] } } ] }, - "vendor_name": "CalAmp" + "vendor_name" : "CalAmp" } ] } }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ { - "lang": "eng", - "value": "CalAmp LMU 3030 series OBD-II CDMA and GSM devices has an SMS (text message) interface that can be deployed where no password is configured for this interface by the integrator / reseller. This interface must be password protected, otherwise, the attacker only needs to know the phone number of the device (via an IMSI Catcher, for example) to send administrative commands to the device. These commands can be used to provide ongoing, real-time access to the device and can configure parameters such as IP addresses, firewall rules, and passwords." + "lang" : "eng", + "value" : "CalAmp LMU 3030 series OBD-II CDMA and GSM devices has an SMS (text message) interface that can be deployed where no password is configured for this interface by the integrator / reseller. This interface must be password protected, otherwise, the attacker only needs to know the phone number of the device (via an IMSI Catcher, for example) to send administrative commands to the device. These commands can be used to provide ongoing, real-time access to the device and can configure parameters such as IP addresses, firewall rules, and passwords." } ] }, - "problemtype": { - "problemtype_data": [ + "problemtype" : { + "problemtype_data" : [ { - "description": [ + "description" : [ { - "lang": "eng", - "value": "CWE-306" + "lang" : "eng", + "value" : "CWE-306" } ] } ] }, - "references": { - "reference_data": [ + "references" : { + "reference_data" : [ { - "name": "VU#251927", - "refsource": "CERT-VN", - "url": "https://www.kb.cert.org/vuls/id/251927" + "name" : "VU#251927", + "refsource" : "CERT-VN", + "url" : "https://www.kb.cert.org/vuls/id/251927" }, { - "name": "98964", - "refsource": "BID", - "url": "https://www.securityfocus.com/bid/98964" + "name" : "98964", + "refsource" : "BID", + "url" : "https://www.securityfocus.com/bid/98964" } ] }, - "source": { - "discovery": "UNKNOWN" + "source" : { + "discovery" : "UNKNOWN" } -} \ No newline at end of file +} diff --git a/2017/3xxx/CVE-2017-3223.json b/2017/3xxx/CVE-2017-3223.json index 985c8f825e7..eeb15206540 100644 --- a/2017/3xxx/CVE-2017-3223.json +++ b/2017/3xxx/CVE-2017-3223.json @@ -1,80 +1,80 @@ { - "CVE_data_meta": { - "ASSIGNER": "cert@cert.org", - "ID": "CVE-2017-3223", - "STATE": "PUBLIC", - "TITLE": "Dahua IP camera products using firmware versions prior to V2.400.0000.14.R.20170713 include a version of the Sonia web interface that may be vulnerable to a stack buffer overflow" + "CVE_data_meta" : { + "ASSIGNER" : "cert@cert.org", + "ID" : "CVE-2017-3223", + "STATE" : "PUBLIC", + "TITLE" : "Dahua IP camera products using firmware versions prior to V2.400.0000.14.R.20170713 include a version of the Sonia web interface that may be vulnerable to a stack buffer overflow" }, - "affects": { - "vendor": { - "vendor_data": [ + "affects" : { + "vendor" : { + "vendor_data" : [ { - "product": { - "product_data": [ + "product" : { + "product_data" : [ { - "product_name": "IP Camera", - "version": { - "version_data": [ + "product_name" : "IP Camera", + "version" : { + "version_data" : [ { - "affected": "<", - "version_name": "DH_IPC-Consumer-Zi-Themis_Eng_P_V2.408.0000.11.R.20170621", - "version_value": "DH_IPC-Consumer-Zi-Themis_Eng_P_V2.408.0000.11.R.20170621" + "affected" : "<", + "version_name" : "DH_IPC-Consumer-Zi-Themis_Eng_P_V2.408.0000.11.R.20170621", + "version_value" : "DH_IPC-Consumer-Zi-Themis_Eng_P_V2.408.0000.11.R.20170621" } ] } } ] }, - "vendor_name": "Dahua" + "vendor_name" : "Dahua" } ] } }, - "credit": [ + "credit" : [ { - "lang": "eng", - "value": "Thanks to Ilya Smith of Positive Technologies for reporting this vulnerability." + "lang" : "eng", + "value" : "Thanks to Ilya Smith of Positive Technologies for reporting this vulnerability." } ], - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ { - "lang": "eng", - "value": "Dahua IP camera products using firmware versions prior to V2.400.0000.14.R.20170713 include a version of the Sonia web interface that may be vulnerable to a stack buffer overflow. Dahua IP camera products include an application known as Sonia (/usr/bin/sonia) that provides the web interface and other services for controlling the IP camera remotely. Versions of Sonia included in firmware versions prior to DH_IPC-Consumer-Zi-Themis_Eng_P_V2.408.0000.11.R.20170621 do not validate input data length for the 'password' field of the web interface. A remote, unauthenticated attacker may submit a crafted POST request to the IP camera's Sonia web interface that may lead to out-of-bounds memory operations and loss of availability or remote code execution. The issue was originally identified by the researcher in firmware version DH_IPC-HX1X2X-Themis_EngSpnFrn_N_V2.400.0000.30.R.20160803." + "lang" : "eng", + "value" : "Dahua IP camera products using firmware versions prior to V2.400.0000.14.R.20170713 include a version of the Sonia web interface that may be vulnerable to a stack buffer overflow. Dahua IP camera products include an application known as Sonia (/usr/bin/sonia) that provides the web interface and other services for controlling the IP camera remotely. Versions of Sonia included in firmware versions prior to DH_IPC-Consumer-Zi-Themis_Eng_P_V2.408.0000.11.R.20170621 do not validate input data length for the 'password' field of the web interface. A remote, unauthenticated attacker may submit a crafted POST request to the IP camera's Sonia web interface that may lead to out-of-bounds memory operations and loss of availability or remote code execution. The issue was originally identified by the researcher in firmware version DH_IPC-HX1X2X-Themis_EngSpnFrn_N_V2.400.0000.30.R.20160803." } ] }, - "problemtype": { - "problemtype_data": [ + "problemtype" : { + "problemtype_data" : [ { - "description": [ + "description" : [ { - "lang": "eng", - "value": "CWE-121" + "lang" : "eng", + "value" : "CWE-121" } ] } ] }, - "references": { - "reference_data": [ + "references" : { + "reference_data" : [ { - "name": "VU#547255", - "refsource": "CERT-VN", - "url": "https://www.kb.cert.org/vuls/id/547255" + "name" : "VU#547255", + "refsource" : "CERT-VN", + "url" : "https://www.kb.cert.org/vuls/id/547255" } ] }, - "solution": [ + "solution" : [ { - "lang": "eng", - "value": "Dahua has released firmware version DH_IPC-ACK-Themis_Eng_P_V2.400.0000.14.R.20170713.bin to address this issue" + "lang" : "eng", + "value" : "Dahua has released firmware version DH_IPC-ACK-Themis_Eng_P_V2.400.0000.14.R.20170713.bin to address this issue" } ], - "source": { - "discovery": "UNKNOWN" + "source" : { + "discovery" : "UNKNOWN" } -} \ No newline at end of file +} diff --git a/2017/3xxx/CVE-2017-3224.json b/2017/3xxx/CVE-2017-3224.json index 1378ce73b79..74ebff1d971 100644 --- a/2017/3xxx/CVE-2017-3224.json +++ b/2017/3xxx/CVE-2017-3224.json @@ -1,67 +1,67 @@ { - "CVE_data_meta": { - "ASSIGNER": "cert@cert.org", - "ID": "CVE-2017-3224", - "STATE": "PUBLIC", - "TITLE": "Open Shortest Path First (OSPF) protocol implementations may improperly determine LSA recency in affected Quagga and downstream implementations (SUSE, openSUSE, and Red Hat packages)" + "CVE_data_meta" : { + "ASSIGNER" : "cert@cert.org", + "ID" : "CVE-2017-3224", + "STATE" : "PUBLIC", + "TITLE" : "Open Shortest Path First (OSPF) protocol implementations may improperly determine LSA recency in affected Quagga and downstream implementations (SUSE, openSUSE, and Red Hat packages)" }, - "affects": { - "vendor": { - "vendor_data": [ + "affects" : { + "vendor" : { + "vendor_data" : [ { - "product": { - "product_data": [ + "product" : { + "product_data" : [ { - "product_name": "Protocol", - "version": { - "version_data": [ + "product_name" : "Protocol", + "version" : { + "version_data" : [ { - "affected": "?", - "version_value": "N/A" + "affected" : "?", + "version_value" : "N/A" } ] } } ] }, - "vendor_name": "Open Shortest Path First (OSPF)" + "vendor_name" : "Open Shortest Path First (OSPF)" } ] } }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ { - "lang": "eng", - "value": "Open Shortest Path First (OSPF) protocol implementations may improperly determine Link State Advertisement (LSA) recency for LSAs with MaxSequenceNumber. According to RFC 2328 section 13.1, for two instances of the same LSA, recency is determined by first comparing sequence numbers, then checksums, and finally MaxAge. In a case where the sequence numbers are the same, the LSA with the larger checksum is considered more recent, and will not be flushed from the Link State Database (LSDB). Since the RFC does not explicitly state that the values of links carried by a LSA must be the same when prematurely aging a self-originating LSA with MaxSequenceNumber, it is possible in vulnerable OSPF implementations for an attacker to craft a LSA with MaxSequenceNumber and invalid links that will result in a larger checksum and thus a 'newer' LSA that will not be flushed from the LSDB. Propagation of the crafted LSA can result in the erasure or alteration of the routing tables of routers within the routing domain, creating a denial of service condition or the re-routing of traffic on the network.\nCVE-2017-3224 has been reserved for Quagga and downstream implementations (SUSE, openSUSE, and Red Hat packages)." + "lang" : "eng", + "value" : "Open Shortest Path First (OSPF) protocol implementations may improperly determine Link State Advertisement (LSA) recency for LSAs with MaxSequenceNumber. According to RFC 2328 section 13.1, for two instances of the same LSA, recency is determined by first comparing sequence numbers, then checksums, and finally MaxAge. In a case where the sequence numbers are the same, the LSA with the larger checksum is considered more recent, and will not be flushed from the Link State Database (LSDB). Since the RFC does not explicitly state that the values of links carried by a LSA must be the same when prematurely aging a self-originating LSA with MaxSequenceNumber, it is possible in vulnerable OSPF implementations for an attacker to craft a LSA with MaxSequenceNumber and invalid links that will result in a larger checksum and thus a 'newer' LSA that will not be flushed from the LSDB. Propagation of the crafted LSA can result in the erasure or alteration of the routing tables of routers within the routing domain, creating a denial of service condition or the re-routing of traffic on the network. CVE-2017-3224 has been reserved for Quagga and downstream implementations (SUSE, openSUSE, and Red Hat packages)." } ] }, - "problemtype": { - "problemtype_data": [ + "problemtype" : { + "problemtype_data" : [ { - "description": [ + "description" : [ { - "lang": "eng", - "value": "CWE-354" + "lang" : "eng", + "value" : "CWE-354" } ] } ] }, - "references": { - "reference_data": [ + "references" : { + "reference_data" : [ { - "name": "VU#793496", - "refsource": "CERT-VN", - "url": "https://www.kb.cert.org/vuls/id/793496" + "name" : "VU#793496", + "refsource" : "CERT-VN", + "url" : "https://www.kb.cert.org/vuls/id/793496" } ] }, - "source": { - "discovery": "UNKNOWN" + "source" : { + "discovery" : "UNKNOWN" } -} \ No newline at end of file +} diff --git a/2017/3xxx/CVE-2017-3225.json b/2017/3xxx/CVE-2017-3225.json index 238b5bb8e8f..bf019c8b339 100644 --- a/2017/3xxx/CVE-2017-3225.json +++ b/2017/3xxx/CVE-2017-3225.json @@ -1,68 +1,68 @@ { - "CVE_data_meta": { - "ASSIGNER": "cert@cert.org", - "ID": "CVE-2017-3225", - "STATE": "PUBLIC", - "TITLE": "Das U-Boot's AES-CBC encryption feature uses a zero (0) initialization vector that may allow attacks against the underlying cryptographic implementation and allow an attacker to decrypt the data" + "CVE_data_meta" : { + "ASSIGNER" : "cert@cert.org", + "ID" : "CVE-2017-3225", + "STATE" : "PUBLIC", + "TITLE" : "Das U-Boot's AES-CBC encryption feature uses a zero (0) initialization vector that may allow attacks against the underlying cryptographic implementation and allow an attacker to decrypt the data" }, - "affects": { - "vendor": { - "vendor_data": [ + "affects" : { + "vendor" : { + "vendor_data" : [ { - "product": { - "product_data": [ + "product" : { + "product_data" : [ { - "product_name": "U-Boot", - "version": { - "version_data": [ + "product_name" : "U-Boot", + "version" : { + "version_data" : [ { - "affected": "<", - "version_name": "2017.09", - "version_value": "2017.09" + "affected" : "<", + "version_name" : "2017.09", + "version_value" : "2017.09" } ] } } ] }, - "vendor_name": "Das" + "vendor_name" : "Das" } ] } }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ { - "lang": "eng", - "value": "Das U-Boot is a device bootloader that can read its configuration from an AES encrypted file. For devices utilizing this environment encryption mode, U-Boot's use of a zero initialization vector may allow attacks against the underlying cryptographic implementation and allow an attacker to decrypt the data. Das U-Boot's AES-CBC encryption feature uses a zero (0) initialization vector. This allows an attacker to perform dictionary attacks on encrypted data produced by Das U-Boot to learn information about the encrypted data." + "lang" : "eng", + "value" : "Das U-Boot is a device bootloader that can read its configuration from an AES encrypted file. For devices utilizing this environment encryption mode, U-Boot's use of a zero initialization vector may allow attacks against the underlying cryptographic implementation and allow an attacker to decrypt the data. Das U-Boot's AES-CBC encryption feature uses a zero (0) initialization vector. This allows an attacker to perform dictionary attacks on encrypted data produced by Das U-Boot to learn information about the encrypted data." } ] }, - "problemtype": { - "problemtype_data": [ + "problemtype" : { + "problemtype_data" : [ { - "description": [ + "description" : [ { - "lang": "eng", - "value": "CWE-329" + "lang" : "eng", + "value" : "CWE-329" } ] } ] }, - "references": { - "reference_data": [ + "references" : { + "reference_data" : [ { - "name": "VU#166743", - "refsource": "CERT-VN", - "url": "https://www.kb.cert.org/vuls/id/166743" + "name" : "VU#166743", + "refsource" : "CERT-VN", + "url" : "https://www.kb.cert.org/vuls/id/166743" } ] }, - "source": { - "discovery": "UNKNOWN" + "source" : { + "discovery" : "UNKNOWN" } -} \ No newline at end of file +} diff --git a/2017/3xxx/CVE-2017-3226.json b/2017/3xxx/CVE-2017-3226.json index 15b5bb2aee0..b894c6059b5 100644 --- a/2017/3xxx/CVE-2017-3226.json +++ b/2017/3xxx/CVE-2017-3226.json @@ -1,68 +1,68 @@ { - "CVE_data_meta": { - "ASSIGNER": "cert@cert.org", - "ID": "CVE-2017-3226", - "STATE": "PUBLIC", - "TITLE": "Das U-Boot's AES-CBC encryption feature improperly handles an error condition and may allow attacks against the underlying cryptographic implementation and allow an attacker to decrypt the data" + "CVE_data_meta" : { + "ASSIGNER" : "cert@cert.org", + "ID" : "CVE-2017-3226", + "STATE" : "PUBLIC", + "TITLE" : "Das U-Boot's AES-CBC encryption feature improperly handles an error condition and may allow attacks against the underlying cryptographic implementation and allow an attacker to decrypt the data" }, - "affects": { - "vendor": { - "vendor_data": [ + "affects" : { + "vendor" : { + "vendor_data" : [ { - "product": { - "product_data": [ + "product" : { + "product_data" : [ { - "product_name": "U-Boot", - "version": { - "version_data": [ + "product_name" : "U-Boot", + "version" : { + "version_data" : [ { - "affected": "<", - "version_name": "2017.09", - "version_value": "2017.09" + "affected" : "<", + "version_name" : "2017.09", + "version_value" : "2017.09" } ] } } ] }, - "vendor_name": "Das" + "vendor_name" : "Das" } ] } }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ { - "lang": "eng", - "value": "Das U-Boot is a device bootloader that can read its configuration from an AES encrypted file. Devices that make use of Das U-Boot's AES-CBC encryption feature using environment encryption (i.e., setting the configuration parameter CONFIG_ENV_AES=y) read environment variables from disk as the encrypted disk image is processed. An attacker with physical access to the device can manipulate the encrypted environment data to include a crafted two-byte sequence which triggers an error in environment variable parsing. This error condition is improperly handled by Das U-Boot, resulting in an immediate process termination with a debugging message." + "lang" : "eng", + "value" : "Das U-Boot is a device bootloader that can read its configuration from an AES encrypted file. Devices that make use of Das U-Boot's AES-CBC encryption feature using environment encryption (i.e., setting the configuration parameter CONFIG_ENV_AES=y) read environment variables from disk as the encrypted disk image is processed. An attacker with physical access to the device can manipulate the encrypted environment data to include a crafted two-byte sequence which triggers an error in environment variable parsing. This error condition is improperly handled by Das U-Boot, resulting in an immediate process termination with a debugging message." } ] }, - "problemtype": { - "problemtype_data": [ + "problemtype" : { + "problemtype_data" : [ { - "description": [ + "description" : [ { - "lang": "eng", - "value": "CWE-329" + "lang" : "eng", + "value" : "CWE-329" } ] } ] }, - "references": { - "reference_data": [ + "references" : { + "reference_data" : [ { - "name": "VU#166743", - "refsource": "CERT-VN", - "url": "https://www.kb.cert.org/vuls/id/166743" + "name" : "VU#166743", + "refsource" : "CERT-VN", + "url" : "https://www.kb.cert.org/vuls/id/166743" } ] }, - "source": { - "discovery": "UNKNOWN" + "source" : { + "discovery" : "UNKNOWN" } -} \ No newline at end of file +} diff --git a/2018/14xxx/CVE-2018-14580.json b/2018/14xxx/CVE-2018-14580.json new file mode 100644 index 00000000000..db51dd3aea7 --- /dev/null +++ b/2018/14xxx/CVE-2018-14580.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-14580", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2018/14xxx/CVE-2018-14581.json b/2018/14xxx/CVE-2018-14581.json new file mode 100644 index 00000000000..5b9fae163b3 --- /dev/null +++ b/2018/14xxx/CVE-2018-14581.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-14581", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2018/5xxx/CVE-2018-5384.json b/2018/5xxx/CVE-2018-5384.json index 633816ce1d3..089c29bc763 100644 --- a/2018/5xxx/CVE-2018-5384.json +++ b/2018/5xxx/CVE-2018-5384.json @@ -1,73 +1,78 @@ { - "CVE_data_meta": { - "ASSIGNER": "cert@cert.org", - "ID": "CVE-2018-5384", - "STATE": "PUBLIC", - "TITLE": "Navarino Infinity web interface up to version 2.2 exposes an unauthenticated script that is prone to blind sql injection" + "CVE_data_meta" : { + "ASSIGNER" : "cert@cert.org", + "ID" : "CVE-2018-5384", + "STATE" : "PUBLIC", + "TITLE" : "Navarino Infinity web interface up to version 2.2 exposes an unauthenticated script that is prone to blind sql injection" }, - "affects": { - "vendor": { - "vendor_data": [ + "affects" : { + "vendor" : { + "vendor_data" : [ { - "product": { - "product_data": [ + "product" : { + "product_data" : [ { - "product_name": "Infinity", - "version": { - "version_data": [ + "product_name" : "Infinity", + "version" : { + "version_data" : [ { - "affected": "<", - "version_name": "2.2", - "version_value": "2.2" + "affected" : "<", + "version_name" : "2.2", + "version_value" : "2.2" } ] } } ] }, - "vendor_name": "Navarino" + "vendor_name" : "Navarino" } ] } }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ { - "lang": "eng", - "value": "Navarino Infinity web interface up to version 2.2 exposes an unauthenticated script that is prone to blind sql injection. If successfully exploited the user can get info from the underlying postgresql database that could lead into to total compromise of the product. The said script is available with no authentication." + "lang" : "eng", + "value" : "Navarino Infinity web interface up to version 2.2 exposes an unauthenticated script that is prone to blind sql injection. If successfully exploited the user can get info from the underlying postgresql database that could lead into to total compromise of the product. The said script is available with no authentication." } ] }, - "problemtype": { - "problemtype_data": [ + "problemtype" : { + "problemtype_data" : [ { - "description": [ + "description" : [ { - "lang": "eng", - "value": "CWE-89" + "lang" : "eng", + "value" : "CWE-89" } ] } ] }, - "references": { - "reference_data": [ + "references" : { + "reference_data" : [ { - "name": "VU#184077", - "refsource": "CERT-VN", - "url": "https://www.kb.cert.org/vuls/id/184077" + "name" : "https://medium.com/@evstykas/pwning-ships-vsat-for-fun-and-profit-ba0fe9f42fb3", + "refsource" : "MISC", + "url" : "https://medium.com/@evstykas/pwning-ships-vsat-for-fun-and-profit-ba0fe9f42fb3" }, { - "name": "https://packetstormsecurity.com/files/146506/Navarino-Infinity-Blind-SQL-Injection-Session-Fixation.html", - "refsource": "MISC", - "url": "https://packetstormsecurity.com/files/146506/Navarino-Infinity-Blind-SQL-Injection-Session-Fixation.html" + "name" : "https://packetstormsecurity.com/files/146506/Navarino-Infinity-Blind-SQL-Injection-Session-Fixation.html", + "refsource" : "MISC", + "url" : "https://packetstormsecurity.com/files/146506/Navarino-Infinity-Blind-SQL-Injection-Session-Fixation.html" + }, + { + "name" : "VU#184077", + "refsource" : "CERT-VN", + "url" : "https://www.kb.cert.org/vuls/id/184077" } ] }, - "source": { - "discovery": "UNKNOWN" + "source" : { + "discovery" : "UNKNOWN" } -} \ No newline at end of file +} diff --git a/2018/5xxx/CVE-2018-5385.json b/2018/5xxx/CVE-2018-5385.json index 86faf9e8594..fb62479046e 100644 --- a/2018/5xxx/CVE-2018-5385.json +++ b/2018/5xxx/CVE-2018-5385.json @@ -1,73 +1,78 @@ { - "CVE_data_meta": { - "ASSIGNER": "cert@cert.org", - "ID": "CVE-2018-5385", - "STATE": "PUBLIC", - "TITLE": "Navarino Infinity web interface up to version 2.2 is prone to session fixation attacks" + "CVE_data_meta" : { + "ASSIGNER" : "cert@cert.org", + "ID" : "CVE-2018-5385", + "STATE" : "PUBLIC", + "TITLE" : "Navarino Infinity web interface up to version 2.2 is prone to session fixation attacks" }, - "affects": { - "vendor": { - "vendor_data": [ + "affects" : { + "vendor" : { + "vendor_data" : [ { - "product": { - "product_data": [ + "product" : { + "product_data" : [ { - "product_name": "Infinity", - "version": { - "version_data": [ + "product_name" : "Infinity", + "version" : { + "version_data" : [ { - "affected": "<", - "version_name": "2.2", - "version_value": "2.2" + "affected" : "<", + "version_name" : "2.2", + "version_value" : "2.2" } ] } } ] }, - "vendor_name": "Navarino" + "vendor_name" : "Navarino" } ] } }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ { - "lang": "eng", - "value": "Navarino Infinity is prone to session fixation attacks. The server accepts the session ID as a GET parameter which can lead to bypassing the two factor authentication in some installations. This could lead to phishing attacks that can bypass the two factor authentication that is present in some installations." + "lang" : "eng", + "value" : "Navarino Infinity is prone to session fixation attacks. The server accepts the session ID as a GET parameter which can lead to bypassing the two factor authentication in some installations. This could lead to phishing attacks that can bypass the two factor authentication that is present in some installations." } ] }, - "problemtype": { - "problemtype_data": [ + "problemtype" : { + "problemtype_data" : [ { - "description": [ + "description" : [ { - "lang": "eng", - "value": "CWE-384" + "lang" : "eng", + "value" : "CWE-384" } ] } ] }, - "references": { - "reference_data": [ + "references" : { + "reference_data" : [ { - "name": "VU#184077", - "refsource": "CERT-VN", - "url": "https://www.kb.cert.org/vuls/id/184077" + "name" : "https://medium.com/@evstykas/pwning-ships-vsat-for-fun-and-profit-ba0fe9f42fb3", + "refsource" : "MISC", + "url" : "https://medium.com/@evstykas/pwning-ships-vsat-for-fun-and-profit-ba0fe9f42fb3" }, { - "name": "https://packetstormsecurity.com/files/146506/Navarino-Infinity-Blind-SQL-Injection-Session-Fixation.html", - "refsource": "MISC", - "url": "https://packetstormsecurity.com/files/146506/Navarino-Infinity-Blind-SQL-Injection-Session-Fixation.html" + "name" : "https://packetstormsecurity.com/files/146506/Navarino-Infinity-Blind-SQL-Injection-Session-Fixation.html", + "refsource" : "MISC", + "url" : "https://packetstormsecurity.com/files/146506/Navarino-Infinity-Blind-SQL-Injection-Session-Fixation.html" + }, + { + "name" : "VU#184077", + "refsource" : "CERT-VN", + "url" : "https://www.kb.cert.org/vuls/id/184077" } ] }, - "source": { - "discovery": "UNKNOWN" + "source" : { + "discovery" : "UNKNOWN" } -} \ No newline at end of file +} diff --git a/2018/5xxx/CVE-2018-5386.json b/2018/5xxx/CVE-2018-5386.json index 2608fe08a8b..8cba633ec0c 100644 --- a/2018/5xxx/CVE-2018-5386.json +++ b/2018/5xxx/CVE-2018-5386.json @@ -1,73 +1,78 @@ { - "CVE_data_meta": { - "ASSIGNER": "cert@cert.org", - "ID": "CVE-2018-5386", - "STATE": "PUBLIC", - "TITLE": "Some Navarino Infinity functions placed in the URL can bypass any authentication mechanism leading to an information leak" + "CVE_data_meta" : { + "ASSIGNER" : "cert@cert.org", + "ID" : "CVE-2018-5386", + "STATE" : "PUBLIC", + "TITLE" : "Some Navarino Infinity functions placed in the URL can bypass any authentication mechanism leading to an information leak" }, - "affects": { - "vendor": { - "vendor_data": [ + "affects" : { + "vendor" : { + "vendor_data" : [ { - "product": { - "product_data": [ + "product" : { + "product_data" : [ { - "product_name": "Infinity", - "version": { - "version_data": [ + "product_name" : "Infinity", + "version" : { + "version_data" : [ { - "affected": "<", - "version_name": "2.2", - "version_value": "2.2" + "affected" : "<", + "version_name" : "2.2", + "version_value" : "2.2" } ] } } ] }, - "vendor_name": "Navarino" + "vendor_name" : "Navarino" } ] } }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ { - "lang": "eng", - "value": "Some Navarino Infinity functions, up to version 2.2, placed in the URL can bypass any authentication mechanism leading to an information leak." + "lang" : "eng", + "value" : "Some Navarino Infinity functions, up to version 2.2, placed in the URL can bypass any authentication mechanism leading to an information leak." } ] }, - "problemtype": { - "problemtype_data": [ + "problemtype" : { + "problemtype_data" : [ { - "description": [ + "description" : [ { - "lang": "eng", - "value": "CWE-288" + "lang" : "eng", + "value" : "CWE-288" } ] } ] }, - "references": { - "reference_data": [ + "references" : { + "reference_data" : [ { - "name": "VU#184077", - "refsource": "CERT-VN", - "url": "https://www.kb.cert.org/vuls/id/184077" + "name" : "https://medium.com/@evstykas/pwning-ships-vsat-for-fun-and-profit-ba0fe9f42fb3", + "refsource" : "MISC", + "url" : "https://medium.com/@evstykas/pwning-ships-vsat-for-fun-and-profit-ba0fe9f42fb3" }, { - "name": "https://packetstormsecurity.com/files/146506/Navarino-Infinity-Blind-SQL-Injection-Session-Fixation.html", - "refsource": "MISC", - "url": "https://packetstormsecurity.com/files/146506/Navarino-Infinity-Blind-SQL-Injection-Session-Fixation.html" + "name" : "https://packetstormsecurity.com/files/146506/Navarino-Infinity-Blind-SQL-Injection-Session-Fixation.html", + "refsource" : "MISC", + "url" : "https://packetstormsecurity.com/files/146506/Navarino-Infinity-Blind-SQL-Injection-Session-Fixation.html" + }, + { + "name" : "VU#184077", + "refsource" : "CERT-VN", + "url" : "https://www.kb.cert.org/vuls/id/184077" } ] }, - "source": { - "discovery": "UNKNOWN" + "source" : { + "discovery" : "UNKNOWN" } -} \ No newline at end of file +} diff --git a/2018/5xxx/CVE-2018-5387.json b/2018/5xxx/CVE-2018-5387.json index 48e0c0953c1..8e21f7629c2 100644 --- a/2018/5xxx/CVE-2018-5387.json +++ b/2018/5xxx/CVE-2018-5387.json @@ -1,72 +1,72 @@ { - "CVE_data_meta": { - "ASSIGNER": "cert@cert.org", - "ID": "CVE-2018-5387", - "STATE": "PUBLIC", - "TITLE": "Wizkunde SAMLBase may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authentication to SAML service providers" + "CVE_data_meta" : { + "ASSIGNER" : "cert@cert.org", + "ID" : "CVE-2018-5387", + "STATE" : "PUBLIC", + "TITLE" : "Wizkunde SAMLBase may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authentication to SAML service providers" }, - "affects": { - "vendor": { - "vendor_data": [ + "affects" : { + "vendor" : { + "vendor_data" : [ { - "product": { - "product_data": [ + "product" : { + "product_data" : [ { - "product_name": "SAMLBase", - "version": { - "version_data": [ + "product_name" : "SAMLBase", + "version" : { + "version_data" : [ { - "affected": "?", - "version_value": "N/A" + "affected" : "?", + "version_value" : "N/A" } ] } } ] }, - "vendor_name": "Wizkunde" + "vendor_name" : "Wizkunde" } ] } }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ { - "lang": "eng", - "value": "Wizkunde SAMLBase may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authentication to SAML service providers." + "lang" : "eng", + "value" : "Wizkunde SAMLBase may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authentication to SAML service providers." } ] }, - "problemtype": { - "problemtype_data": [ + "problemtype" : { + "problemtype_data" : [ { - "description": [ + "description" : [ { - "lang": "eng", - "value": "CWE-287" + "lang" : "eng", + "value" : "CWE-287" } ] } ] }, - "references": { - "reference_data": [ + "references" : { + "reference_data" : [ { - "name": "VU#475445", - "refsource": "CERT-VN", - "url": "https://www.kb.cert.org/vuls/id/475445" + "name" : "https://duo.com/blog/duo-finds-saml-vulnerabilities-affecting-multiple-implementations", + "refsource" : "MISC", + "url" : "https://duo.com/blog/duo-finds-saml-vulnerabilities-affecting-multiple-implementations" }, { - "name": "https://duo.com/blog/duo-finds-saml-vulnerabilities-affecting-multiple-implementations", - "refsource": "MISC", - "url": "https://duo.com/blog/duo-finds-saml-vulnerabilities-affecting-multiple-implementations" + "name" : "VU#475445", + "refsource" : "CERT-VN", + "url" : "https://www.kb.cert.org/vuls/id/475445" } ] }, - "source": { - "discovery": "UNKNOWN" + "source" : { + "discovery" : "UNKNOWN" } -} \ No newline at end of file +}