admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

- Synchronized data.

Browse Source
This commit is contained in:
CVE Team 2018-09-20 12:04:43 -04:00
parent 8a696fcd53
commit 52ab9a12a5
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
2 changed files with 110 additions and 108 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

109
2018/6xxx/CVE-2018-6500.json
View File

@ -1,94 +1,95 @@
{
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"DATE_PUBLIC": "2018-09-19T15:33:00.000Z",
"ID": "CVE-2018-6500",
"STATE": "PUBLIC",
"TITLE": "MFSBGN03824 rev.1 - ArcSight Management Center, Insufficient Access Control, Reflected Cross Site Scripting, Access Control vulnerability, Cross-Site Request Forgery (CSRF), Unauthenticated File Download, Directory Traversal Vulnerability"
"CVE_data_meta" : {
"ASSIGNER" : "security@microfocus.com",
"DATE_PUBLIC" : "2018-09-19T15:33:00.000Z",
"ID" : "CVE-2018-6500",
"STATE" : "PUBLIC",
"TITLE" : "MFSBGN03824 rev.1 - ArcSight Management Center, Insufficient Access Control, Reflected Cross Site Scripting, Access Control vulnerability, Cross-Site Request Forgery (CSRF), Unauthenticated File Download, Directory Traversal Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product": {
"product_data": [
"product" : {
"product_data" : [
{
"product_name": "ArcSight Management Center",
"version": {
"version_data": [
"product_name" : "ArcSight Management Center",
"version" : {
"version_data" : [
{
"version_value": "all versions prior to 2.81"
"version_value" : "all versions prior to 2.81"
}
]
}
}
]
},
"vendor_name": "Micro Focus"
"vendor_name" : "Micro Focus"
}
]
}
},
"credit": [
"credit" : [
{
"lang": "eng",
"value": "Micro Focus would like to thank Vahagn Vardanyan for reporting the Directory Traversal Vulnerability to cyber-psrt@microfocus.com.\n"
"lang" : "eng",
"value" : "Micro Focus would like to thank Vahagn Vardanyan for reporting the Directory Traversal Vulnerability to cyber-psrt@microfocus.com.\n"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang": "eng",
"value": "A potential Directory Traversal Security vulnerability has been identified in ArcSight Management Center (ArcMC) in all versions prior to 2.81. This vulnerability could be remotely exploited to allow Directory Traversal."
"lang" : "eng",
"value" : "A potential Directory Traversal Security vulnerability has been identified in ArcSight Management Center (ArcMC) in all versions prior to 2.81. This vulnerability could be remotely exploited to allow Directory Traversal."
}
]
},
"exploit": [
"exploit" : [
{
"lang": "eng",
"value": "Directory Traversal"
"lang" : "eng",
"value" : "Directory Traversal"
}
],
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
"impact" : {
"cvss" : {
"attackComplexity" : "LOW",
"attackVector" : "NETWORK",
"availabilityImpact" : "NONE",
"baseScore" : 7.5,
"baseSeverity" : "HIGH",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"privilegesRequired" : "NONE",
"scope" : "UNCHANGED",
"userInteraction" : "NONE",
"vectorString" : "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version" : "3.0"
}
},
"problemtype": {
"problemtype_data": [
"problemtype" : {
"problemtype_data" : [
{
"description": [
"description" : [
{
"lang": "eng",
"value": "Directory Traversal"
"lang" : "eng",
"value" : "Directory Traversal"
}
]
}
]
},
"references": {
"reference_data": [
"references" : {
"reference_data" : [
{
"refsource": "CONFIRM",
"url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03245142"
"name" : "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03245142",
"refsource" : "CONFIRM",
"url" : "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03245142"
}
]
},
"source": {
"discovery": "UNKNOWN"
"source" : {
"discovery" : "UNKNOWN"
}
}

109
2018/6xxx/CVE-2018-6501.json
View File

@ -1,94 +1,95 @@
{
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"DATE_PUBLIC": "2018-09-19T15:35:00.000Z",
"ID": "CVE-2018-6501",
"STATE": "PUBLIC",
"TITLE": "MFSBGN03824 rev.1 - ArcSight Management Center, Insufficient Access Control"
"CVE_data_meta" : {
"ASSIGNER" : "security@microfocus.com",
"DATE_PUBLIC" : "2018-09-19T15:35:00.000Z",
"ID" : "CVE-2018-6501",
"STATE" : "PUBLIC",
"TITLE" : "MFSBGN03824 rev.1 - ArcSight Management Center, Insufficient Access Control"
},
"affects": {
"vendor": {
"vendor_data": [
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product": {
"product_data": [
"product" : {
"product_data" : [
{
"product_name": "ArcSight Management Center",
"version": {
"version_data": [
"product_name" : "ArcSight Management Center",
"version" : {
"version_data" : [
{
"version_value": "all versions prior to 2.81"
"version_value" : "all versions prior to 2.81"
}
]
}
}
]
},
"vendor_name": "Micro Focus"
"vendor_name" : "Micro Focus"
}
]
}
},
"credit": [
"credit" : [
{
"lang": "eng",
"value": "Micro Focus would like to thank Andy Tan for reporting the Insufficient Access Control, Access Control Vulnerability, Reflected Cross Site Scripting, Cross-Site Request Forgery (CSRF), and Unauthenticated File Download vulnerabilities to cyber-psrt@microfocus.com.\n"
"lang" : "eng",
"value" : "Micro Focus would like to thank Andy Tan for reporting the Insufficient Access Control, Access Control Vulnerability, Reflected Cross Site Scripting, Cross-Site Request Forgery (CSRF), and Unauthenticated File Download vulnerabilities to cyber-psrt@microfocus.com.\n"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang": "eng",
"value": "Potential security vulnerability of Insufficient Access Controls has been identified in ArcSight Management Center (ArcMC) for versions prior to 2.81. This vulnerability could be exploited to allow for insufficient access controls."
"lang" : "eng",
"value" : "Potential security vulnerability of Insufficient Access Controls has been identified in ArcSight Management Center (ArcMC) for versions prior to 2.81. This vulnerability could be exploited to allow for insufficient access controls."
}
]
},
"exploit": [
"exploit" : [
{
"lang": "eng",
"value": "Insufficient Access Controls"
"lang" : "eng",
"value" : "Insufficient Access Controls"
}
],
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
"impact" : {
"cvss" : {
"attackComplexity" : "LOW",
"attackVector" : "NETWORK",
"availabilityImpact" : "NONE",
"baseScore" : 4.3,
"baseSeverity" : "MEDIUM",
"confidentialityImpact" : "NONE",
"integrityImpact" : "LOW",
"privilegesRequired" : "LOW",
"scope" : "UNCHANGED",
"userInteraction" : "NONE",
"vectorString" : "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version" : "3.0"
}
},
"problemtype": {
"problemtype_data": [
"problemtype" : {
"problemtype_data" : [
{
"description": [
"description" : [
{
"lang": "eng",
"value": "Insufficient Access Controls"
"lang" : "eng",
"value" : "Insufficient Access Controls"
}
]
}
]
},
"references": {
"reference_data": [
"references" : {
"reference_data" : [
{
"refsource": "CONFIRM",
"url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03245142"
"name" : "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03245142",
"refsource" : "CONFIRM",
"url" : "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03245142"
}
]
},
"source": {
"discovery": "UNKNOWN"
"source" : {
"discovery" : "UNKNOWN"
}
}