diff --git a/2019/13xxx/CVE-2019-13419.json b/2019/13xxx/CVE-2019-13419.json new file mode 100644 index 00000000000..42e5b634495 --- /dev/null +++ b/2019/13xxx/CVE-2019-13419.json @@ -0,0 +1,68 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "security@search-guard.com", + "ID": "CVE-2019-13419", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Search Guard", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "23.1" + } + ] + } + } + ] + }, + "vendor_name": "floragunn" + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-311: Missing Encryption of Sensitive Data" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://search-guard.com/cve-advisory/", + "refsource": "MISC", + "name": "https://search-guard.com/cve-advisory/" + }, + { + "refsource": "CONFIRM", + "url": "https://docs.search-guard.com/6.x-23/changelog-searchguard-6-x-23_1", + "name": "https://docs.search-guard.com/6.x-23/changelog-searchguard-6-x-23_1" + } + ] + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Search Guard versions before 23.1 had an issue that for aggregations clear text values of anonymised fields were leaked." + } + ] + } +} \ No newline at end of file