Merge branch 'twcertcc-cnaadmin-twcertcc_CVE-2018-17542'

2025-08-04 08:44:25 +00:00 · 2019-02-12 14:10:40 -05:00 · 2019-02-12 14:10:40 -05:00 · 512665c51a
commit 512665c51a
parent 81323e919d 60678f557b
1 changed files with 103 additions and 61 deletions
--- a/2018/17xxx/CVE-2018-17542.json
+++ b/2018/17xxx/CVE-2018-17542.json
@ -1,35 +1,46 @@
 {
+    "data_type": "CVE",
+    "data_format": "MITRE",
+    "data_version": "4.0",
    "CVE_data_meta": {
-      "ASSIGNER" : "cve@cert.org.tw",
      "ID": "CVE-2018-17542",
+      "ASSIGNER": "cve@cert.org.tw",
+      "DATE_PUBLIC": "2018-11-23T16:00:00.000Z",
+      "TITLE": "SQL Injection exists in MailSherlock before 1.5.235 for OAKlouds",
+      "AKA": "",
      "STATE": "PUBLIC"
    },
+    "source": {
+      "defect": [],
+      "advisory": "",
+      "discovery": "UNKNOWN"
+    },
    "affects": {
      "vendor": {
        "vendor_data": [
          {
+            "vendor_name": "OAKlouds ",
            "product": {
              "product_data": [
                {
-                        "product_name" : "n/a",
+                  "product_name": "MailSherlock",
                  "version": {
                    "version_data": [
                      {
-                                 "version_value" : "n/a"
+                        "version_name": "",
+                        "affected": "<",
+                        "version_value": "1.5.235",
+                        "platform": ""
                      }
                    ]
                  }
                }
              ]
-               },
-               "vendor_name" : "n/a"
+            }
          }
        ]
      }
    },
-   "data_format" : "MITRE",
-   "data_type" : "CVE",
-   "data_version" : "4.0",
    "description": {
      "description_data": [
        {
@ -44,7 +55,7 @@
          "description": [
            {
              "lang": "eng",
-                  "value" : "n/a"
+              "value": "SQL Injection"
            }
          ]
        }
@ -53,15 +64,46 @@
    "references": {
      "reference_data": [
        {
-            "name" : "https://twcert.org.tw/subpages/ServeThePublic/public_document_details.aspx?id=73",
          "refsource": "CONFIRM",
-            "url" : "https://twcert.org.tw/subpages/ServeThePublic/public_document_details.aspx?id=73"
+          "url": "https://twcert.org.tw/subpages/ServeThePublic/public_document_details.aspx?lang=en-US&id=28",
+          "name": "https://twcert.org.tw/subpages/ServeThePublic/public_document_details.aspx?lang=en-US&id=28"
        },
        {
-            "name" : "https://twcert.org.tw/subpages/ServeThePublic/public_document_details.aspx?lang=en-US&id=28",
          "refsource": "CONFIRM",
-            "url" : "https://twcert.org.tw/subpages/ServeThePublic/public_document_details.aspx?lang=en-US&id=28"
+          "url": "https://twcert.org.tw/subpages/ServeThePublic/public_document_details.aspx?id=73",
+          "name": "https://twcert.org.tw/subpages/ServeThePublic/public_document_details.aspx?id=73"
+        }
+      ]
+    },
+    "configuration": [],
+    "impact": {
+      "cvss": {
+        "version": "3.0",
+        "attackVector": "NETWORK",
+        "attackComplexity": "LOW",
+        "privilegesRequired": "NONE",
+        "userInteraction": "REQUIRED",
+        "scope": "UNCHANGED",
+        "confidentialityImpact": "LOW",
+        "integrityImpact": "NONE",
+        "availabilityImpact": "NONE",
+        "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
+        "baseScore": 4.3,
+        "baseSeverity": "MEDIUM"
+      }
+    },
+    "exploit": [],
+    "work_around": [],
+    "solution": [
+      {
+        "lang": "eng",
+        "value": "Update the software to the latest version."
+      }
+    ],
+    "credit": [
+      {
+        "lang": "eng",
+        "value": "Researcher from a Technology enterprise"
      }
    ]
  }
-}