admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-08 22:18:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

IBM20190627-9023

Browse Source 
Added CVE-2018-1734, CVE-2019-4252, CVE-2019-4083, CVE-2019-4249, CVE-2018-1892, CVE-2018-1760, CVE-2019-4250, CVE-2018-1826, CVE-2018-1758, CVE-2018-1893, CVE-2018-1828, CVE-2018-1827, CVE-2019-4084
This commit is contained in:
Scott Moore - IBM 2019-06-27 09:00:23 -04:00
parent cf555074f5
commit 51c14add4a
No known key found for this signature in database
GPG Key ID: 95B9EA1B824C2926
13 changed files with 1404 additions and 195 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

107
2018/1xxx/CVE-2018-1734.json
View File

@ -1,17 +1,110 @@
{ {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-1734",
"STATE": "RESERVED"
},
"data_format" : "MITRE", "data_format" : "MITRE",
"data_type" : "CVE", "data_type" : "CVE",
"data_version" : "4.0", "data_version" : "4.0",
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "6.0"
},
{
"version_value" : "6.0.1"
},
{
"version_value" : "6.0.2"
},
{
"version_value" : "6.0.3"
},
{
"version_value" : "6.0.4"
},
{
"version_value" : "6.0.5"
},
{
"version_value" : "6.0.6"
},
{
"version_value" : "6.0.6.1"
}
]
},
"product_name" : "Rational Collaborative Lifecycle Management"
}
]
},
"vendor_name" : "IBM"
}
]
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
]
}
]
},
"impact" : {
"cvssv3" : {
"TM" : {
"RL" : "O",
"RC" : "C",
"E" : "U"
},
"BM" : {
"UI" : "N",
"PR" : "L",
"AV" : "N",
"SCORE" : "4.300",
"C" : "L",
"I" : "N",
"S" : "U",
"A" : "N",
"AC" : "L"
}
}
},
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2019-06-25T00:00:00",
"ID" : "CVE-2018-1734"
},
"description" : { "description" : {
"description_data" : [ "description_data" : [
{ {
"lang": "eng", "value" : "IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 discloses sensitive information in error messages that may be used by a malicious user to orchestrate further attacks. IBM X-Force ID: 147838.",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "lang" : "eng"
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525",
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525",
"title" : "IBM Security Bulletin 0956525 (Rational Collaborative Lifecycle Management)",
"refsource" : "CONFIRM"
},
{
"name" : "ibm-rhapsody-cve20181734-info-disc (147838)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/147838",
"title" : "X-Force Vulnerability Report",
"refsource" : "XF"
} }
] ]
} }

109
2018/1xxx/CVE-2018-1758.json
View File

@ -1,17 +1,110 @@
{ {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-1758",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version" : "4.0", "data_version" : "4.0",
"data_type" : "CVE",
"data_format" : "MITRE",
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "6.0"
},
{
"version_value" : "6.0.1"
},
{
"version_value" : "6.0.2"
},
{
"version_value" : "6.0.3"
},
{
"version_value" : "6.0.4"
},
{
"version_value" : "6.0.5"
},
{
"version_value" : "6.0.6"
},
{
"version_value" : "6.0.6.1"
}
]
},
"product_name" : "Rational Collaborative Lifecycle Management"
}
]
},
"vendor_name" : "IBM"
}
]
}
},
"impact" : {
"cvssv3" : {
"TM" : {
"RL" : "O",
"E" : "H",
"RC" : "C"
},
"BM" : {
"AC" : "L",
"A" : "N",
"I" : "L",
"S" : "C",
"C" : "L",
"SCORE" : "5.400",
"AV" : "N",
"PR" : "L",
"UI" : "R"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Cross-Site Scripting"
}
]
}
]
},
"CVE_data_meta" : {
"ID" : "CVE-2018-1758",
"DATE_PUBLIC" : "2019-06-25T00:00:00",
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC"
},
"description" : { "description" : {
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value" : "IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 148605."
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525",
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525",
"title" : "IBM Security Bulletin 0956525 (Rational Collaborative Lifecycle Management)",
"refsource" : "CONFIRM"
},
{
"title" : "X-Force Vulnerability Report",
"refsource" : "XF",
"name" : "ibm-rqm-cve20181758-xss (148605)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/148605"
} }
] ]
} }

109
2018/1xxx/CVE-2018-1760.json
View File

@ -1,18 +1,111 @@
{ {
"CVE_data_meta": { "references" : {
"ASSIGNER": "cve@mitre.org", "reference_data" : [
"ID": "CVE-2018-1760", {
"STATE": "RESERVED" "url" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525",
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 0956525 (Rational Collaborative Lifecycle Management)"
},
{
"refsource" : "XF",
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/148614",
"name" : "ibm-rqm-cve20181760-xss (148614)"
}
]
}, },
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description" : { "description" : {
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value" : "IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 148614."
}
]
},
"CVE_data_meta" : {
"DATE_PUBLIC" : "2019-06-25T00:00:00",
"ID" : "CVE-2018-1760",
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com"
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Cross-Site Scripting",
"lang" : "eng"
}
]
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"AC" : "L",
"A" : "N",
"I" : "L",
"S" : "C",
"C" : "L",
"SCORE" : "5.400",
"AV" : "N",
"PR" : "L",
"UI" : "R"
},
"TM" : {
"E" : "H",
"RC" : "C",
"RL" : "O"
}
}
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "6.0"
},
{
"version_value" : "6.0.1"
},
{
"version_value" : "6.0.2"
},
{
"version_value" : "6.0.3"
},
{
"version_value" : "6.0.4"
},
{
"version_value" : "6.0.5"
},
{
"version_value" : "6.0.6"
},
{
"version_value" : "6.0.6.1"
}
]
},
"product_name" : "Rational Collaborative Lifecycle Management"
} }
] ]
} }
} }
]
}
},
"data_format" : "MITRE",
"data_version" : "4.0",
"data_type" : "CVE"
}

113
2018/1xxx/CVE-2018-1826.json
View File

@ -1,17 +1,110 @@
{ {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-1826",
"STATE": "RESERVED"
},
"data_format" : "MITRE", "data_format" : "MITRE",
"data_type": "CVE",
"data_version" : "4.0", "data_version" : "4.0",
"description": { "data_type" : "CVE",
"description_data": [ "affects" : {
"vendor" : {
"vendor_data" : [
{ {
"lang": "eng", "vendor_name" : "IBM",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "product" : {
"product_data" : [
{
"product_name" : "Rational Collaborative Lifecycle Management",
"version" : {
"version_data" : [
{
"version_value" : "6.0"
},
{
"version_value" : "6.0.1"
},
{
"version_value" : "6.0.2"
},
{
"version_value" : "6.0.3"
},
{
"version_value" : "6.0.4"
},
{
"version_value" : "6.0.5"
},
{
"version_value" : "6.0.6"
},
{
"version_value" : "6.0.6.1"
}
]
}
}
]
}
}
]
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Cross-site scripting",
"lang" : "eng"
}
]
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"AV" : "N",
"SCORE" : "5.400",
"PR" : "L",
"UI" : "R",
"AC" : "L",
"A" : "N",
"C" : "L",
"S" : "C",
"I" : "L"
},
"TM" : {
"RC" : "C",
"E" : "U",
"RL" : "O"
}
}
},
"CVE_data_meta" : {
"ID" : "CVE-2018-1826",
"DATE_PUBLIC" : "2019-06-25T00:00:00",
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC"
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 150429."
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525",
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525",
"title" : "IBM Security Bulletin 0956525 (Rational Collaborative Lifecycle Management)",
"refsource" : "CONFIRM"
},
{
"refsource" : "XF",
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/150429",
"name" : "ibm-rqm-cve20181826-xss (150429)"
} }
] ]
} }

105
2018/1xxx/CVE-2018-1827.json
View File

@ -1,17 +1,110 @@
{ {
"CVE_data_meta": { "impact" : {
"ASSIGNER": "cve@mitre.org", "cvssv3" : {
"ID": "CVE-2018-1827", "TM" : {
"STATE": "RESERVED" "E" : "U",
"RC" : "C",
"RL" : "O"
},
"BM" : {
"PR" : "L",
"SCORE" : "5.400",
"AV" : "N",
"UI" : "R",
"A" : "N",
"AC" : "L",
"I" : "L",
"S" : "C",
"C" : "L"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Cross-Site Scripting",
"lang" : "eng"
}
]
}
]
}, },
"data_format": "MITRE",
"data_type" : "CVE", "data_type" : "CVE",
"data_version" : "4.0", "data_version" : "4.0",
"data_format" : "MITRE",
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "6.0"
},
{
"version_value" : "6.0.1"
},
{
"version_value" : "6.0.2"
},
{
"version_value" : "6.0.3"
},
{
"version_value" : "6.0.4"
},
{
"version_value" : "6.0.5"
},
{
"version_value" : "6.0.6"
},
{
"version_value" : "6.0.6.1"
}
]
},
"product_name" : "Rational Collaborative Lifecycle Management"
}
]
},
"vendor_name" : "IBM"
}
]
}
},
"references" : {
"reference_data" : [
{
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525",
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 0956525 (Rational Collaborative Lifecycle Management)"
},
{
"name" : "ibm-rqm-cve20181827-xss (150430)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/150430",
"title" : "X-Force Vulnerability Report",
"refsource" : "XF"
}
]
},
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2019-06-25T00:00:00",
"ID" : "CVE-2018-1827"
},
"description" : { "description" : {
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value" : "IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 150430."
} }
] ]
} }

113
2018/1xxx/CVE-2018-1828.json
View File

@ -1,17 +1,110 @@
{ {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-1828",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description" : { "description" : {
"description_data" : [ "description_data" : [
{ {
"lang": "eng", "value" : "IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 150431.",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "lang" : "eng"
}
]
},
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2019-06-25T00:00:00",
"ID" : "CVE-2018-1828"
},
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 0956525 (Rational Collaborative Lifecycle Management)",
"refsource" : "CONFIRM",
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525",
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525"
},
{
"name" : "ibm-rqm-cve20181828-xss (150431)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/150431",
"title" : "X-Force Vulnerability Report",
"refsource" : "XF"
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Rational Collaborative Lifecycle Management",
"version" : {
"version_data" : [
{
"version_value" : "6.0"
},
{
"version_value" : "6.0.1"
},
{
"version_value" : "6.0.2"
},
{
"version_value" : "6.0.3"
},
{
"version_value" : "6.0.4"
},
{
"version_value" : "6.0.5"
},
{
"version_value" : "6.0.6"
},
{
"version_value" : "6.0.6.1"
}
]
}
}
]
},
"vendor_name" : "IBM"
}
]
}
},
"data_version" : "4.0",
"data_type" : "CVE",
"data_format" : "MITRE",
"impact" : {
"cvssv3" : {
"TM" : {
"RL" : "O",
"E" : "U",
"RC" : "C"
},
"BM" : {
"UI" : "R",
"SCORE" : "5.400",
"AV" : "N",
"PR" : "L",
"I" : "L",
"S" : "C",
"C" : "L",
"AC" : "L",
"A" : "N"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Cross-Site Scripting"
}
]
} }
] ]
} }

107
2018/1xxx/CVE-2018-1892.json
View File

@ -1,18 +1,111 @@
{ {
"CVE_data_meta": { "impact" : {
"ASSIGNER": "cve@mitre.org", "cvssv3" : {
"ID": "CVE-2018-1892", "TM" : {
"STATE": "RESERVED" "RL" : "O",
"RC" : "C",
"E" : "H"
},
"BM" : {
"C" : "L",
"I" : "L",
"S" : "C",
"AC" : "L",
"A" : "N",
"UI" : "R",
"AV" : "N",
"SCORE" : "5.400",
"PR" : "L"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Cross-Site Scripting",
"lang" : "eng"
}
]
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "6.0"
},
{
"version_value" : "6.0.1"
},
{
"version_value" : "6.0.2"
},
{
"version_value" : "6.0.3"
},
{
"version_value" : "6.0.4"
},
{
"version_value" : "6.0.5"
},
{
"version_value" : "6.0.6"
},
{
"version_value" : "6.0.6.1"
}
]
},
"product_name" : "Rational Collaborative Lifecycle Management"
}
]
},
"vendor_name" : "IBM"
}
]
}
}, },
"data_format": "MITRE",
"data_type": "CVE",
"data_version" : "4.0", "data_version" : "4.0",
"data_type" : "CVE",
"data_format" : "MITRE",
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 0956525 (Rational Collaborative Lifecycle Management)",
"refsource" : "CONFIRM",
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525",
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/152156",
"name" : "ibm-rqm-cve20181892-xss (152156)",
"refsource" : "XF",
"title" : "X-Force Vulnerability Report"
}
]
},
"description" : { "description" : {
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value" : "IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 152156."
} }
] ]
},
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC",
"ID" : "CVE-2018-1892",
"DATE_PUBLIC" : "2019-06-25T00:00:00"
} }
} }

115
2018/1xxx/CVE-2018-1893.json
View File

@ -1,17 +1,110 @@
{ {
"CVE_data_meta": { "affects" : {
"ASSIGNER": "cve@mitre.org", "vendor" : {
"ID": "CVE-2018-1893", "vendor_data" : [
"STATE": "RESERVED" {
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "6.0"
}, },
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{ {
"lang": "eng", "version_value" : "6.0.1"
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." },
{
"version_value" : "6.0.2"
},
{
"version_value" : "6.0.3"
},
{
"version_value" : "6.0.4"
},
{
"version_value" : "6.0.5"
},
{
"version_value" : "6.0.6"
},
{
"version_value" : "6.0.6.1"
}
]
},
"product_name" : "Rational Collaborative Lifecycle Management"
}
]
}
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Cross-Site Scripting"
}
]
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"UI" : "R",
"SCORE" : "5.400",
"AV" : "N",
"PR" : "L",
"I" : "L",
"S" : "C",
"C" : "L",
"AC" : "L",
"A" : "N"
},
"TM" : {
"RL" : "O",
"E" : "H",
"RC" : "C"
}
}
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 152157."
}
]
},
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2019-06-25T00:00:00",
"ID" : "CVE-2018-1893"
},
"references" : {
"reference_data" : [
{
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 0956525 (Rational Collaborative Lifecycle Management)",
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525",
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/152157",
"name" : "ibm-rqm-cve20181893-xss (152157)",
"refsource" : "XF",
"title" : "X-Force Vulnerability Report"
} }
] ]
} }

105
2019/4xxx/CVE-2019-4083.json
View File

@ -1,17 +1,110 @@
{ {
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER": "cve@mitre.org", "ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC",
"ID" : "CVE-2019-4083", "ID" : "CVE-2019-4083",
"STATE": "RESERVED" "DATE_PUBLIC" : "2019-06-25T00:00:00"
}, },
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description" : { "description" : {
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value" : "IBM Jazz Foundation products (IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 157383."
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525",
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525",
"title" : "IBM Security Bulletin 0956525 (Rational Collaborative Lifecycle Management)",
"refsource" : "CONFIRM"
},
{
"title" : "X-Force Vulnerability Report",
"refsource" : "XF",
"name" : "ibm-jazz-cve20194083-xss (157383)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/157383"
}
]
},
"data_version" : "4.0",
"data_type" : "CVE",
"data_format" : "MITRE",
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Rational Collaborative Lifecycle Management",
"version" : {
"version_data" : [
{
"version_value" : "6.0"
},
{
"version_value" : "6.0.1"
},
{
"version_value" : "6.0.2"
},
{
"version_value" : "6.0.3"
},
{
"version_value" : "6.0.4"
},
{
"version_value" : "6.0.5"
},
{
"version_value" : "6.0.6"
},
{
"version_value" : "6.0.6.1"
}
]
}
}
]
},
"vendor_name" : "IBM"
}
]
}
},
"impact" : {
"cvssv3" : {
"BM" : {
"UI" : "R",
"PR" : "L",
"AV" : "N",
"SCORE" : "5.400",
"C" : "L",
"S" : "C",
"I" : "L",
"A" : "N",
"AC" : "L"
},
"TM" : {
"RC" : "C",
"E" : "H",
"RL" : "O"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Cross-Site Scripting"
}
]
} }
] ]
} }

105
2019/4xxx/CVE-2019-4084.json
View File

@ -1,17 +1,110 @@
{ {
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER": "cve@mitre.org", "DATE_PUBLIC" : "2019-06-25T00:00:00",
"ID" : "CVE-2019-4084", "ID" : "CVE-2019-4084",
"STATE": "RESERVED" "STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com"
}, },
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description" : { "description" : {
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value" : "IBM Jazz Foundation products (IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1) could allow an authenticated user to obtain sensitive information from CLM Applications that could be used in further attacks against the system. IBM X-Force ID: 157384."
}
]
},
"references" : {
"reference_data" : [
{
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525",
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 0956525 (Rational Collaborative Lifecycle Management)"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/157384",
"name" : "ibm-jazz-cve20194084-info-disc (157384)",
"refsource" : "XF",
"title" : "X-Force Vulnerability Report"
}
]
},
"data_type" : "CVE",
"data_version" : "4.0",
"data_format" : "MITRE",
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "6.0"
},
{
"version_value" : "6.0.1"
},
{
"version_value" : "6.0.2"
},
{
"version_value" : "6.0.3"
},
{
"version_value" : "6.0.4"
},
{
"version_value" : "6.0.5"
},
{
"version_value" : "6.0.6"
},
{
"version_value" : "6.0.6.1"
}
]
},
"product_name" : "Rational Collaborative Lifecycle Management"
}
]
}
}
]
}
},
"impact" : {
"cvssv3" : {
"TM" : {
"RC" : "C",
"E" : "U",
"RL" : "O"
},
"BM" : {
"UI" : "N",
"SCORE" : "4.300",
"AV" : "N",
"PR" : "L",
"S" : "U",
"I" : "N",
"C" : "L",
"AC" : "L",
"A" : "N"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
}
]
} }
] ]
} }

109
2019/4xxx/CVE-2019-4249.json
View File

@ -1,18 +1,111 @@
{ {
"CVE_data_meta": { "references" : {
"ASSIGNER": "cve@mitre.org", "reference_data" : [
"ID": "CVE-2019-4249", {
"STATE": "RESERVED" "title" : "IBM Security Bulletin 0956525 (Rational Collaborative Lifecycle Management)",
"refsource" : "CONFIRM",
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525",
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525"
},
{
"refsource" : "XF",
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/159647",
"name" : "ibm-rtc-cve20194249-xss (159647)"
}
]
}, },
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description" : { "description" : {
"description_data" : [ "description_data" : [
{
"value" : "IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 159647.",
"lang" : "eng"
}
]
},
"CVE_data_meta" : {
"ID" : "CVE-2019-4249",
"DATE_PUBLIC" : "2019-06-25T00:00:00",
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com"
},
"impact" : {
"cvssv3" : {
"BM" : {
"UI" : "R",
"PR" : "L",
"SCORE" : "5.400",
"AV" : "N",
"S" : "C",
"I" : "L",
"C" : "L",
"A" : "N",
"AC" : "L"
},
"TM" : {
"E" : "H",
"RC" : "C",
"RL" : "O"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{ {
"lang" : "eng", "lang" : "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value" : "Cross-Site Scripting"
}
]
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Rational Collaborative Lifecycle Management",
"version" : {
"version_data" : [
{
"version_value" : "6.0"
},
{
"version_value" : "6.0.1"
},
{
"version_value" : "6.0.2"
},
{
"version_value" : "6.0.3"
},
{
"version_value" : "6.0.4"
},
{
"version_value" : "6.0.5"
},
{
"version_value" : "6.0.6"
},
{
"version_value" : "6.0.6.1"
} }
] ]
} }
} }
]
},
"vendor_name" : "IBM"
}
]
}
},
"data_type" : "CVE",
"data_version" : "4.0",
"data_format" : "MITRE"
}

111
2019/4xxx/CVE-2019-4250.json
View File

@ -1,18 +1,111 @@
{ {
"CVE_data_meta": { "references" : {
"ASSIGNER": "cve@mitre.org", "reference_data" : [
"ID": "CVE-2019-4250", {
"STATE": "RESERVED" "refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 0956525 (Rational Collaborative Lifecycle Management)",
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525",
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525"
},
{
"refsource" : "XF",
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/159648",
"name" : "ibm-jazz-cve20194250-xss (159648)"
}
]
}, },
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description" : { "description" : {
"description_data" : [ "description_data" : [
{ {
"lang": "eng", "value" : "IBM Jazz Foundation products (IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 159648.",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "lang" : "eng"
}
]
},
"CVE_data_meta" : {
"DATE_PUBLIC" : "2019-06-25T00:00:00",
"ID" : "CVE-2019-4250",
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com"
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Cross-Site Scripting",
"lang" : "eng"
}
]
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"SCORE" : "5.400",
"AV" : "N",
"PR" : "L",
"UI" : "R",
"AC" : "L",
"A" : "N",
"S" : "C",
"I" : "L",
"C" : "L"
},
"TM" : {
"RL" : "O",
"E" : "H",
"RC" : "C"
}
}
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "6.0"
},
{
"version_value" : "6.0.1"
},
{
"version_value" : "6.0.2"
},
{
"version_value" : "6.0.3"
},
{
"version_value" : "6.0.4"
},
{
"version_value" : "6.0.5"
},
{
"version_value" : "6.0.6"
},
{
"version_value" : "6.0.6.1"
}
]
},
"product_name" : "Rational Collaborative Lifecycle Management"
} }
] ]
} }
} }
]
}
},
"data_version" : "4.0",
"data_type" : "CVE",
"data_format" : "MITRE"
}

105
2019/4xxx/CVE-2019-4252.json
View File

@ -1,18 +1,111 @@
{ {
"CVE_data_meta": { "impact" : {
"ASSIGNER": "cve@mitre.org", "cvssv3" : {
"ID": "CVE-2019-4252", "BM" : {
"STATE": "RESERVED" "A" : "N",
"AC" : "L",
"S" : "U",
"I" : "N",
"C" : "H",
"PR" : "L",
"SCORE" : "6.500",
"AV" : "N",
"UI" : "N"
},
"TM" : {
"RC" : "C",
"E" : "U",
"RL" : "O"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
]
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "6.0"
},
{
"version_value" : "6.0.1"
},
{
"version_value" : "6.0.2"
},
{
"version_value" : "6.0.3"
},
{
"version_value" : "6.0.4"
},
{
"version_value" : "6.0.5"
},
{
"version_value" : "6.0.6"
},
{
"version_value" : "6.0.6.1"
}
]
},
"product_name" : "Rational Collaborative Lifecycle Management"
}
]
},
"vendor_name" : "IBM"
}
]
}
}, },
"data_format" : "MITRE", "data_format" : "MITRE",
"data_type" : "CVE", "data_type" : "CVE",
"data_version" : "4.0", "data_version" : "4.0",
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 0956525 (Rational Collaborative Lifecycle Management)",
"refsource" : "CONFIRM",
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525",
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10956525"
},
{
"name" : "ibm-rtc-cve20194252-info-disc (159883)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/159883",
"title" : "X-Force Vulnerability Report",
"refsource" : "XF"
}
]
},
"description" : { "description" : {
"description_data" : [ "description_data" : [
{ {
"lang": "eng", "value" : "IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing \"dot dot\" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 159883.",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "lang" : "eng"
} }
] ]
},
"CVE_data_meta" : {
"ID" : "CVE-2019-4252",
"DATE_PUBLIC" : "2019-06-25T00:00:00",
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC"
} }
} }