admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-13 15:06:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

- Added submission from Symantec for SA160 from 2018-05-16.

Browse Source
This commit is contained in:
CVE Team 2018-05-17 08:44:11 -04:00
parent ace4a155ff
commit 4297a5df9a
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
2 changed files with 101 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

58
2017/15xxx/CVE-2017-15533.json
View File

@ -1,8 +1,41 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "secure@symantec.com",
"DATE_PUBLIC" : "2018-05-16T00:00:00",
"ID" : "CVE-2017-15533",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "SSL Visibility (SSLV)",
"version" : {
"version_data" : [
{
"version_value" : "3.8.4FC"
},
{
"version_value" : "3.10 prior to 3.10.4.1"
},
{
"version_value" : "3.11"
},
{
"version_value" : "3.12 prior to 3.12.2.1"
}
]
}
}
]
},
"vendor_name" : "Symantec Corporation"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +44,26 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Symantec SSL Visibility (SSLV) 3.8.4FC, 3.10 prior to 3.10.4.1, 3.11, and 3.12 prior to 3.12.2.1 are vulnerable to the Return of the Bleichenbacher Oracle Threat (ROBOT) attack. All affected SSLV versions act as weak oracles according the oracle classification used in the ROBOT research paper. A remote attacker, who has captured a pre-recorded SSL session inspected by SSLV, can establish multiple millions of crafted SSL connections to the target and obtain the session keys required to decrypt the pre-recorded SSL session."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Information disclosure"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://www.symantec.com/security-center/network-protection-security-advisories/SA160"
}
]
}

49
2017/18xxx/CVE-2017-18268.json
View File

@ -1,8 +1,32 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "secure@symantec.com",
"DATE_PUBLIC" : "2018-05-16T00:00:00",
"ID" : "CVE-2017-18268",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "IntelligenceCenter",
"version" : {
"version_data" : [
{
"version_value" : "3.3"
}
]
}
}
]
},
"vendor_name" : "Symantec Corporation"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +35,26 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Symantec IntelligenceCenter 3.3 is vulnerable to the Return of the Bleichenbacher Oracle Threat (ROBOT) attack. A remote attacker, who has captured a pre-recorded SSL session inspected by SSLV, can establish large numbers of crafted SSL connections to the target and obtain the session keys required to decrypt the pre-recorded SSL session."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Information disclosure"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://www.symantec.com/security-center/network-protection-security-advisories/SA160"
}
]
}