diff --git a/2018/1xxx/CVE-2018-1734.json b/2018/1xxx/CVE-2018-1734.json index 6ef462db23a..e7905912e22 100644 --- a/2018/1xxx/CVE-2018-1734.json +++ b/2018/1xxx/CVE-2018-1734.json @@ -1,18 +1,111 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2018-1734", - "STATE": "RESERVED" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "affects" : { + "vendor" : { + "vendor_data" : [ { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "product" : { + "product_data" : [ + { + "version" : { + "version_data" : [ + { + "version_value" : "6.0" + }, + { + "version_value" : "6.0.1" + }, + { + "version_value" : "6.0.2" + }, + { + "version_value" : "6.0.3" + }, + { + "version_value" : "6.0.4" + }, + { + "version_value" : "6.0.5" + }, + { + "version_value" : "6.0.6" + }, + { + "version_value" : "6.0.6.1" + } + ] + }, + "product_name" : "Rational Collaborative Lifecycle Management" + } + ] + }, + "vendor_name" : "IBM" } - ] - } -} \ No newline at end of file + ] + } + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Obtain Information" + } + ] + } + ] + }, + "impact" : { + "cvssv3" : { + "TM" : { + "RL" : "O", + "RC" : "C", + "E" : "U" + }, + "BM" : { + "UI" : "N", + "PR" : "L", + "AV" : "N", + "SCORE" : "4.300", + "C" : "L", + "I" : "N", + "S" : "U", + "A" : "N", + "AC" : "L" + } + } + }, + "CVE_data_meta" : { + "ASSIGNER" : "psirt@us.ibm.com", + "STATE" : "PUBLIC", + "DATE_PUBLIC" : "2019-06-25T00:00:00", + "ID" : "CVE-2018-1734" + }, + "description" : { + "description_data" : [ + { + "value" : "IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 discloses sensitive information in error messages that may be used by a malicious user to orchestrate further attacks. IBM X-Force ID: 147838.", + "lang" : "eng" + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525", + "url" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525", + "title" : "IBM Security Bulletin 0956525 (Rational Collaborative Lifecycle Management)", + "refsource" : "CONFIRM" + }, + { + "name" : "ibm-rhapsody-cve20181734-info-disc (147838)", + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/147838", + "title" : "X-Force Vulnerability Report", + "refsource" : "XF" + } + ] + } +} diff --git a/2018/1xxx/CVE-2018-1758.json b/2018/1xxx/CVE-2018-1758.json index caf581d45bb..e94c6c3070f 100644 --- a/2018/1xxx/CVE-2018-1758.json +++ b/2018/1xxx/CVE-2018-1758.json @@ -1,18 +1,111 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2018-1758", - "STATE": "RESERVED" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ + "data_version" : "4.0", + "data_type" : "CVE", + "data_format" : "MITRE", + "affects" : { + "vendor" : { + "vendor_data" : [ { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "product" : { + "product_data" : [ + { + "version" : { + "version_data" : [ + { + "version_value" : "6.0" + }, + { + "version_value" : "6.0.1" + }, + { + "version_value" : "6.0.2" + }, + { + "version_value" : "6.0.3" + }, + { + "version_value" : "6.0.4" + }, + { + "version_value" : "6.0.5" + }, + { + "version_value" : "6.0.6" + }, + { + "version_value" : "6.0.6.1" + } + ] + }, + "product_name" : "Rational Collaborative Lifecycle Management" + } + ] + }, + "vendor_name" : "IBM" } - ] - } -} \ No newline at end of file + ] + } + }, + "impact" : { + "cvssv3" : { + "TM" : { + "RL" : "O", + "E" : "H", + "RC" : "C" + }, + "BM" : { + "AC" : "L", + "A" : "N", + "I" : "L", + "S" : "C", + "C" : "L", + "SCORE" : "5.400", + "AV" : "N", + "PR" : "L", + "UI" : "R" + } + } + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Cross-Site Scripting" + } + ] + } + ] + }, + "CVE_data_meta" : { + "ID" : "CVE-2018-1758", + "DATE_PUBLIC" : "2019-06-25T00:00:00", + "ASSIGNER" : "psirt@us.ibm.com", + "STATE" : "PUBLIC" + }, + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 148605." + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525", + "url" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525", + "title" : "IBM Security Bulletin 0956525 (Rational Collaborative Lifecycle Management)", + "refsource" : "CONFIRM" + }, + { + "title" : "X-Force Vulnerability Report", + "refsource" : "XF", + "name" : "ibm-rqm-cve20181758-xss (148605)", + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/148605" + } + ] + } +} diff --git a/2018/1xxx/CVE-2018-1760.json b/2018/1xxx/CVE-2018-1760.json index ad24cf6d605..e3f81867feb 100644 --- a/2018/1xxx/CVE-2018-1760.json +++ b/2018/1xxx/CVE-2018-1760.json @@ -1,18 +1,111 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2018-1760", - "STATE": "RESERVED" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ + "references" : { + "reference_data" : [ + { + "url" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525", + "name" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525", + "refsource" : "CONFIRM", + "title" : "IBM Security Bulletin 0956525 (Rational Collaborative Lifecycle Management)" + }, + { + "refsource" : "XF", + "title" : "X-Force Vulnerability Report", + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/148614", + "name" : "ibm-rqm-cve20181760-xss (148614)" + } + ] + }, + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 148614." + } + ] + }, + "CVE_data_meta" : { + "DATE_PUBLIC" : "2019-06-25T00:00:00", + "ID" : "CVE-2018-1760", + "STATE" : "PUBLIC", + "ASSIGNER" : "psirt@us.ibm.com" + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "value" : "Cross-Site Scripting", + "lang" : "eng" + } + ] + } + ] + }, + "impact" : { + "cvssv3" : { + "BM" : { + "AC" : "L", + "A" : "N", + "I" : "L", + "S" : "C", + "C" : "L", + "SCORE" : "5.400", + "AV" : "N", + "PR" : "L", + "UI" : "R" + }, + "TM" : { + "E" : "H", + "RC" : "C", + "RL" : "O" + } + } + }, + "affects" : { + "vendor" : { + "vendor_data" : [ { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "vendor_name" : "IBM", + "product" : { + "product_data" : [ + { + "version" : { + "version_data" : [ + { + "version_value" : "6.0" + }, + { + "version_value" : "6.0.1" + }, + { + "version_value" : "6.0.2" + }, + { + "version_value" : "6.0.3" + }, + { + "version_value" : "6.0.4" + }, + { + "version_value" : "6.0.5" + }, + { + "version_value" : "6.0.6" + }, + { + "version_value" : "6.0.6.1" + } + ] + }, + "product_name" : "Rational Collaborative Lifecycle Management" + } + ] + } } - ] - } -} \ No newline at end of file + ] + } + }, + "data_format" : "MITRE", + "data_version" : "4.0", + "data_type" : "CVE" +} diff --git a/2018/1xxx/CVE-2018-1826.json b/2018/1xxx/CVE-2018-1826.json index 716d9782689..e594e41f167 100644 --- a/2018/1xxx/CVE-2018-1826.json +++ b/2018/1xxx/CVE-2018-1826.json @@ -1,18 +1,111 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2018-1826", - "STATE": "RESERVED" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ + "data_format" : "MITRE", + "data_version" : "4.0", + "data_type" : "CVE", + "affects" : { + "vendor" : { + "vendor_data" : [ { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "vendor_name" : "IBM", + "product" : { + "product_data" : [ + { + "product_name" : "Rational Collaborative Lifecycle Management", + "version" : { + "version_data" : [ + { + "version_value" : "6.0" + }, + { + "version_value" : "6.0.1" + }, + { + "version_value" : "6.0.2" + }, + { + "version_value" : "6.0.3" + }, + { + "version_value" : "6.0.4" + }, + { + "version_value" : "6.0.5" + }, + { + "version_value" : "6.0.6" + }, + { + "version_value" : "6.0.6.1" + } + ] + } + } + ] + } } - ] - } -} \ No newline at end of file + ] + } + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "value" : "Cross-site scripting", + "lang" : "eng" + } + ] + } + ] + }, + "impact" : { + "cvssv3" : { + "BM" : { + "AV" : "N", + "SCORE" : "5.400", + "PR" : "L", + "UI" : "R", + "AC" : "L", + "A" : "N", + "C" : "L", + "S" : "C", + "I" : "L" + }, + "TM" : { + "RC" : "C", + "E" : "U", + "RL" : "O" + } + } + }, + "CVE_data_meta" : { + "ID" : "CVE-2018-1826", + "DATE_PUBLIC" : "2019-06-25T00:00:00", + "ASSIGNER" : "psirt@us.ibm.com", + "STATE" : "PUBLIC" + }, + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 150429." + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525", + "url" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525", + "title" : "IBM Security Bulletin 0956525 (Rational Collaborative Lifecycle Management)", + "refsource" : "CONFIRM" + }, + { + "refsource" : "XF", + "title" : "X-Force Vulnerability Report", + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/150429", + "name" : "ibm-rqm-cve20181826-xss (150429)" + } + ] + } +} diff --git a/2018/1xxx/CVE-2018-1827.json b/2018/1xxx/CVE-2018-1827.json index da01e386935..7ad4b53786d 100644 --- a/2018/1xxx/CVE-2018-1827.json +++ b/2018/1xxx/CVE-2018-1827.json @@ -1,18 +1,111 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2018-1827", - "STATE": "RESERVED" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ + "impact" : { + "cvssv3" : { + "TM" : { + "E" : "U", + "RC" : "C", + "RL" : "O" + }, + "BM" : { + "PR" : "L", + "SCORE" : "5.400", + "AV" : "N", + "UI" : "R", + "A" : "N", + "AC" : "L", + "I" : "L", + "S" : "C", + "C" : "L" + } + } + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "value" : "Cross-Site Scripting", + "lang" : "eng" + } + ] + } + ] + }, + "data_type" : "CVE", + "data_version" : "4.0", + "data_format" : "MITRE", + "affects" : { + "vendor" : { + "vendor_data" : [ { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "product" : { + "product_data" : [ + { + "version" : { + "version_data" : [ + { + "version_value" : "6.0" + }, + { + "version_value" : "6.0.1" + }, + { + "version_value" : "6.0.2" + }, + { + "version_value" : "6.0.3" + }, + { + "version_value" : "6.0.4" + }, + { + "version_value" : "6.0.5" + }, + { + "version_value" : "6.0.6" + }, + { + "version_value" : "6.0.6.1" + } + ] + }, + "product_name" : "Rational Collaborative Lifecycle Management" + } + ] + }, + "vendor_name" : "IBM" } - ] - } -} \ No newline at end of file + ] + } + }, + "references" : { + "reference_data" : [ + { + "url" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525", + "name" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525", + "refsource" : "CONFIRM", + "title" : "IBM Security Bulletin 0956525 (Rational Collaborative Lifecycle Management)" + }, + { + "name" : "ibm-rqm-cve20181827-xss (150430)", + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/150430", + "title" : "X-Force Vulnerability Report", + "refsource" : "XF" + } + ] + }, + "CVE_data_meta" : { + "ASSIGNER" : "psirt@us.ibm.com", + "STATE" : "PUBLIC", + "DATE_PUBLIC" : "2019-06-25T00:00:00", + "ID" : "CVE-2018-1827" + }, + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 150430." + } + ] + } +} diff --git a/2018/1xxx/CVE-2018-1828.json b/2018/1xxx/CVE-2018-1828.json index 9f6612d49c1..af2cef920da 100644 --- a/2018/1xxx/CVE-2018-1828.json +++ b/2018/1xxx/CVE-2018-1828.json @@ -1,18 +1,111 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2018-1828", - "STATE": "RESERVED" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ + "description" : { + "description_data" : [ + { + "value" : "IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 150431.", + "lang" : "eng" + } + ] + }, + "CVE_data_meta" : { + "STATE" : "PUBLIC", + "ASSIGNER" : "psirt@us.ibm.com", + "DATE_PUBLIC" : "2019-06-25T00:00:00", + "ID" : "CVE-2018-1828" + }, + "references" : { + "reference_data" : [ + { + "title" : "IBM Security Bulletin 0956525 (Rational Collaborative Lifecycle Management)", + "refsource" : "CONFIRM", + "name" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525", + "url" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525" + }, + { + "name" : "ibm-rqm-cve20181828-xss (150431)", + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/150431", + "title" : "X-Force Vulnerability Report", + "refsource" : "XF" + } + ] + }, + "affects" : { + "vendor" : { + "vendor_data" : [ { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "product" : { + "product_data" : [ + { + "product_name" : "Rational Collaborative Lifecycle Management", + "version" : { + "version_data" : [ + { + "version_value" : "6.0" + }, + { + "version_value" : "6.0.1" + }, + { + "version_value" : "6.0.2" + }, + { + "version_value" : "6.0.3" + }, + { + "version_value" : "6.0.4" + }, + { + "version_value" : "6.0.5" + }, + { + "version_value" : "6.0.6" + }, + { + "version_value" : "6.0.6.1" + } + ] + } + } + ] + }, + "vendor_name" : "IBM" } - ] - } -} \ No newline at end of file + ] + } + }, + "data_version" : "4.0", + "data_type" : "CVE", + "data_format" : "MITRE", + "impact" : { + "cvssv3" : { + "TM" : { + "RL" : "O", + "E" : "U", + "RC" : "C" + }, + "BM" : { + "UI" : "R", + "SCORE" : "5.400", + "AV" : "N", + "PR" : "L", + "I" : "L", + "S" : "C", + "C" : "L", + "AC" : "L", + "A" : "N" + } + } + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Cross-Site Scripting" + } + ] + } + ] + } +} diff --git a/2018/1xxx/CVE-2018-1892.json b/2018/1xxx/CVE-2018-1892.json index b7b026badc0..c01e3f6ab6f 100644 --- a/2018/1xxx/CVE-2018-1892.json +++ b/2018/1xxx/CVE-2018-1892.json @@ -1,18 +1,111 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2018-1892", - "STATE": "RESERVED" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ + "impact" : { + "cvssv3" : { + "TM" : { + "RL" : "O", + "RC" : "C", + "E" : "H" + }, + "BM" : { + "C" : "L", + "I" : "L", + "S" : "C", + "AC" : "L", + "A" : "N", + "UI" : "R", + "AV" : "N", + "SCORE" : "5.400", + "PR" : "L" + } + } + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "value" : "Cross-Site Scripting", + "lang" : "eng" + } + ] + } + ] + }, + "affects" : { + "vendor" : { + "vendor_data" : [ { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "product" : { + "product_data" : [ + { + "version" : { + "version_data" : [ + { + "version_value" : "6.0" + }, + { + "version_value" : "6.0.1" + }, + { + "version_value" : "6.0.2" + }, + { + "version_value" : "6.0.3" + }, + { + "version_value" : "6.0.4" + }, + { + "version_value" : "6.0.5" + }, + { + "version_value" : "6.0.6" + }, + { + "version_value" : "6.0.6.1" + } + ] + }, + "product_name" : "Rational Collaborative Lifecycle Management" + } + ] + }, + "vendor_name" : "IBM" } - ] - } -} \ No newline at end of file + ] + } + }, + "data_version" : "4.0", + "data_type" : "CVE", + "data_format" : "MITRE", + "references" : { + "reference_data" : [ + { + "title" : "IBM Security Bulletin 0956525 (Rational Collaborative Lifecycle Management)", + "refsource" : "CONFIRM", + "name" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525", + "url" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525" + }, + { + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/152156", + "name" : "ibm-rqm-cve20181892-xss (152156)", + "refsource" : "XF", + "title" : "X-Force Vulnerability Report" + } + ] + }, + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 152156." + } + ] + }, + "CVE_data_meta" : { + "ASSIGNER" : "psirt@us.ibm.com", + "STATE" : "PUBLIC", + "ID" : "CVE-2018-1892", + "DATE_PUBLIC" : "2019-06-25T00:00:00" + } +} diff --git a/2018/1xxx/CVE-2018-1893.json b/2018/1xxx/CVE-2018-1893.json index 0a6f2ea8a35..467a897bf2b 100644 --- a/2018/1xxx/CVE-2018-1893.json +++ b/2018/1xxx/CVE-2018-1893.json @@ -1,18 +1,111 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2018-1893", - "STATE": "RESERVED" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ + "affects" : { + "vendor" : { + "vendor_data" : [ { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "vendor_name" : "IBM", + "product" : { + "product_data" : [ + { + "version" : { + "version_data" : [ + { + "version_value" : "6.0" + }, + { + "version_value" : "6.0.1" + }, + { + "version_value" : "6.0.2" + }, + { + "version_value" : "6.0.3" + }, + { + "version_value" : "6.0.4" + }, + { + "version_value" : "6.0.5" + }, + { + "version_value" : "6.0.6" + }, + { + "version_value" : "6.0.6.1" + } + ] + }, + "product_name" : "Rational Collaborative Lifecycle Management" + } + ] + } } - ] - } -} \ No newline at end of file + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Cross-Site Scripting" + } + ] + } + ] + }, + "impact" : { + "cvssv3" : { + "BM" : { + "UI" : "R", + "SCORE" : "5.400", + "AV" : "N", + "PR" : "L", + "I" : "L", + "S" : "C", + "C" : "L", + "AC" : "L", + "A" : "N" + }, + "TM" : { + "RL" : "O", + "E" : "H", + "RC" : "C" + } + } + }, + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 152157." + } + ] + }, + "CVE_data_meta" : { + "ASSIGNER" : "psirt@us.ibm.com", + "STATE" : "PUBLIC", + "DATE_PUBLIC" : "2019-06-25T00:00:00", + "ID" : "CVE-2018-1893" + }, + "references" : { + "reference_data" : [ + { + "refsource" : "CONFIRM", + "title" : "IBM Security Bulletin 0956525 (Rational Collaborative Lifecycle Management)", + "url" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525", + "name" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525" + }, + { + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/152157", + "name" : "ibm-rqm-cve20181893-xss (152157)", + "refsource" : "XF", + "title" : "X-Force Vulnerability Report" + } + ] + } +} diff --git a/2019/4xxx/CVE-2019-4083.json b/2019/4xxx/CVE-2019-4083.json index 19465b3ecae..45fd3e1f877 100644 --- a/2019/4xxx/CVE-2019-4083.json +++ b/2019/4xxx/CVE-2019-4083.json @@ -1,18 +1,111 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-4083", - "STATE": "RESERVED" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ + "CVE_data_meta" : { + "ASSIGNER" : "psirt@us.ibm.com", + "STATE" : "PUBLIC", + "ID" : "CVE-2019-4083", + "DATE_PUBLIC" : "2019-06-25T00:00:00" + }, + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "IBM Jazz Foundation products (IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 157383." + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525", + "url" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525", + "title" : "IBM Security Bulletin 0956525 (Rational Collaborative Lifecycle Management)", + "refsource" : "CONFIRM" + }, + { + "title" : "X-Force Vulnerability Report", + "refsource" : "XF", + "name" : "ibm-jazz-cve20194083-xss (157383)", + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/157383" + } + ] + }, + "data_version" : "4.0", + "data_type" : "CVE", + "data_format" : "MITRE", + "affects" : { + "vendor" : { + "vendor_data" : [ { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "product" : { + "product_data" : [ + { + "product_name" : "Rational Collaborative Lifecycle Management", + "version" : { + "version_data" : [ + { + "version_value" : "6.0" + }, + { + "version_value" : "6.0.1" + }, + { + "version_value" : "6.0.2" + }, + { + "version_value" : "6.0.3" + }, + { + "version_value" : "6.0.4" + }, + { + "version_value" : "6.0.5" + }, + { + "version_value" : "6.0.6" + }, + { + "version_value" : "6.0.6.1" + } + ] + } + } + ] + }, + "vendor_name" : "IBM" } - ] - } -} \ No newline at end of file + ] + } + }, + "impact" : { + "cvssv3" : { + "BM" : { + "UI" : "R", + "PR" : "L", + "AV" : "N", + "SCORE" : "5.400", + "C" : "L", + "S" : "C", + "I" : "L", + "A" : "N", + "AC" : "L" + }, + "TM" : { + "RC" : "C", + "E" : "H", + "RL" : "O" + } + } + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Cross-Site Scripting" + } + ] + } + ] + } +} diff --git a/2019/4xxx/CVE-2019-4084.json b/2019/4xxx/CVE-2019-4084.json index dd3226235a9..7bc0728ac77 100644 --- a/2019/4xxx/CVE-2019-4084.json +++ b/2019/4xxx/CVE-2019-4084.json @@ -1,18 +1,111 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-4084", - "STATE": "RESERVED" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ + "CVE_data_meta" : { + "DATE_PUBLIC" : "2019-06-25T00:00:00", + "ID" : "CVE-2019-4084", + "STATE" : "PUBLIC", + "ASSIGNER" : "psirt@us.ibm.com" + }, + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "IBM Jazz Foundation products (IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1) could allow an authenticated user to obtain sensitive information from CLM Applications that could be used in further attacks against the system. IBM X-Force ID: 157384." + } + ] + }, + "references" : { + "reference_data" : [ + { + "url" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525", + "name" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525", + "refsource" : "CONFIRM", + "title" : "IBM Security Bulletin 0956525 (Rational Collaborative Lifecycle Management)" + }, + { + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/157384", + "name" : "ibm-jazz-cve20194084-info-disc (157384)", + "refsource" : "XF", + "title" : "X-Force Vulnerability Report" + } + ] + }, + "data_type" : "CVE", + "data_version" : "4.0", + "data_format" : "MITRE", + "affects" : { + "vendor" : { + "vendor_data" : [ { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "vendor_name" : "IBM", + "product" : { + "product_data" : [ + { + "version" : { + "version_data" : [ + { + "version_value" : "6.0" + }, + { + "version_value" : "6.0.1" + }, + { + "version_value" : "6.0.2" + }, + { + "version_value" : "6.0.3" + }, + { + "version_value" : "6.0.4" + }, + { + "version_value" : "6.0.5" + }, + { + "version_value" : "6.0.6" + }, + { + "version_value" : "6.0.6.1" + } + ] + }, + "product_name" : "Rational Collaborative Lifecycle Management" + } + ] + } } - ] - } -} \ No newline at end of file + ] + } + }, + "impact" : { + "cvssv3" : { + "TM" : { + "RC" : "C", + "E" : "U", + "RL" : "O" + }, + "BM" : { + "UI" : "N", + "SCORE" : "4.300", + "AV" : "N", + "PR" : "L", + "S" : "U", + "I" : "N", + "C" : "L", + "AC" : "L", + "A" : "N" + } + } + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "value" : "Obtain Information", + "lang" : "eng" + } + ] + } + ] + } +} diff --git a/2019/4xxx/CVE-2019-4249.json b/2019/4xxx/CVE-2019-4249.json index a38712b129d..a26d0f0d3d7 100644 --- a/2019/4xxx/CVE-2019-4249.json +++ b/2019/4xxx/CVE-2019-4249.json @@ -1,18 +1,111 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-4249", - "STATE": "RESERVED" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ + "references" : { + "reference_data" : [ + { + "title" : "IBM Security Bulletin 0956525 (Rational Collaborative Lifecycle Management)", + "refsource" : "CONFIRM", + "name" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525", + "url" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525" + }, + { + "refsource" : "XF", + "title" : "X-Force Vulnerability Report", + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/159647", + "name" : "ibm-rtc-cve20194249-xss (159647)" + } + ] + }, + "description" : { + "description_data" : [ + { + "value" : "IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 159647.", + "lang" : "eng" + } + ] + }, + "CVE_data_meta" : { + "ID" : "CVE-2019-4249", + "DATE_PUBLIC" : "2019-06-25T00:00:00", + "STATE" : "PUBLIC", + "ASSIGNER" : "psirt@us.ibm.com" + }, + "impact" : { + "cvssv3" : { + "BM" : { + "UI" : "R", + "PR" : "L", + "SCORE" : "5.400", + "AV" : "N", + "S" : "C", + "I" : "L", + "C" : "L", + "A" : "N", + "AC" : "L" + }, + "TM" : { + "E" : "H", + "RC" : "C", + "RL" : "O" + } + } + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Cross-Site Scripting" + } + ] + } + ] + }, + "affects" : { + "vendor" : { + "vendor_data" : [ { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "product" : { + "product_data" : [ + { + "product_name" : "Rational Collaborative Lifecycle Management", + "version" : { + "version_data" : [ + { + "version_value" : "6.0" + }, + { + "version_value" : "6.0.1" + }, + { + "version_value" : "6.0.2" + }, + { + "version_value" : "6.0.3" + }, + { + "version_value" : "6.0.4" + }, + { + "version_value" : "6.0.5" + }, + { + "version_value" : "6.0.6" + }, + { + "version_value" : "6.0.6.1" + } + ] + } + } + ] + }, + "vendor_name" : "IBM" } - ] - } -} \ No newline at end of file + ] + } + }, + "data_type" : "CVE", + "data_version" : "4.0", + "data_format" : "MITRE" +} diff --git a/2019/4xxx/CVE-2019-4250.json b/2019/4xxx/CVE-2019-4250.json index 9886fdb89c0..2afb981e003 100644 --- a/2019/4xxx/CVE-2019-4250.json +++ b/2019/4xxx/CVE-2019-4250.json @@ -1,18 +1,111 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-4250", - "STATE": "RESERVED" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ + "references" : { + "reference_data" : [ + { + "refsource" : "CONFIRM", + "title" : "IBM Security Bulletin 0956525 (Rational Collaborative Lifecycle Management)", + "url" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525", + "name" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525" + }, + { + "refsource" : "XF", + "title" : "X-Force Vulnerability Report", + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/159648", + "name" : "ibm-jazz-cve20194250-xss (159648)" + } + ] + }, + "description" : { + "description_data" : [ + { + "value" : "IBM Jazz Foundation products (IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 159648.", + "lang" : "eng" + } + ] + }, + "CVE_data_meta" : { + "DATE_PUBLIC" : "2019-06-25T00:00:00", + "ID" : "CVE-2019-4250", + "STATE" : "PUBLIC", + "ASSIGNER" : "psirt@us.ibm.com" + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "value" : "Cross-Site Scripting", + "lang" : "eng" + } + ] + } + ] + }, + "impact" : { + "cvssv3" : { + "BM" : { + "SCORE" : "5.400", + "AV" : "N", + "PR" : "L", + "UI" : "R", + "AC" : "L", + "A" : "N", + "S" : "C", + "I" : "L", + "C" : "L" + }, + "TM" : { + "RL" : "O", + "E" : "H", + "RC" : "C" + } + } + }, + "affects" : { + "vendor" : { + "vendor_data" : [ { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "vendor_name" : "IBM", + "product" : { + "product_data" : [ + { + "version" : { + "version_data" : [ + { + "version_value" : "6.0" + }, + { + "version_value" : "6.0.1" + }, + { + "version_value" : "6.0.2" + }, + { + "version_value" : "6.0.3" + }, + { + "version_value" : "6.0.4" + }, + { + "version_value" : "6.0.5" + }, + { + "version_value" : "6.0.6" + }, + { + "version_value" : "6.0.6.1" + } + ] + }, + "product_name" : "Rational Collaborative Lifecycle Management" + } + ] + } } - ] - } -} \ No newline at end of file + ] + } + }, + "data_version" : "4.0", + "data_type" : "CVE", + "data_format" : "MITRE" +} diff --git a/2019/4xxx/CVE-2019-4252.json b/2019/4xxx/CVE-2019-4252.json index d2463b7d4a0..dc0a502c19b 100644 --- a/2019/4xxx/CVE-2019-4252.json +++ b/2019/4xxx/CVE-2019-4252.json @@ -1,18 +1,111 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-4252", - "STATE": "RESERVED" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ + "impact" : { + "cvssv3" : { + "BM" : { + "A" : "N", + "AC" : "L", + "S" : "U", + "I" : "N", + "C" : "H", + "PR" : "L", + "SCORE" : "6.500", + "AV" : "N", + "UI" : "N" + }, + "TM" : { + "RC" : "C", + "E" : "U", + "RL" : "O" + } + } + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Obtain Information" + } + ] + } + ] + }, + "affects" : { + "vendor" : { + "vendor_data" : [ { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "product" : { + "product_data" : [ + { + "version" : { + "version_data" : [ + { + "version_value" : "6.0" + }, + { + "version_value" : "6.0.1" + }, + { + "version_value" : "6.0.2" + }, + { + "version_value" : "6.0.3" + }, + { + "version_value" : "6.0.4" + }, + { + "version_value" : "6.0.5" + }, + { + "version_value" : "6.0.6" + }, + { + "version_value" : "6.0.6.1" + } + ] + }, + "product_name" : "Rational Collaborative Lifecycle Management" + } + ] + }, + "vendor_name" : "IBM" } - ] - } -} \ No newline at end of file + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "references" : { + "reference_data" : [ + { + "title" : "IBM Security Bulletin 0956525 (Rational Collaborative Lifecycle Management)", + "refsource" : "CONFIRM", + "name" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525", + "url" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525" + }, + { + "name" : "ibm-rtc-cve20194252-info-disc (159883)", + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/159883", + "title" : "X-Force Vulnerability Report", + "refsource" : "XF" + } + ] + }, + "description" : { + "description_data" : [ + { + "value" : "IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing \"dot dot\" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 159883.", + "lang" : "eng" + } + ] + }, + "CVE_data_meta" : { + "ID" : "CVE-2019-4252", + "DATE_PUBLIC" : "2019-06-25T00:00:00", + "ASSIGNER" : "psirt@us.ibm.com", + "STATE" : "PUBLIC" + } +}