admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-07 21:47:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

- Synchronized data.

Browse Source
This commit is contained in:
CVE Team 2019-02-15 15:03:53 -05:00
parent 5e2ac19f31
commit 53c9ee278c
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
5 changed files with 247 additions and 257 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

124
2017/1xxx/CVE-2017-1695.json
View File

@ -1,74 +1,14 @@
{
"impact" : {
"cvssv3" : {
"BM" : {
"S" : "U",
"AC" : "H",
"A" : "N",
"PR" : "N",
"C" : "H",
"UI" : "N",
"I" : "N",
"SCORE" : "5.900",
"AV" : "N"
},
"TM" : {
"RC" : "C",
"RL" : "O",
"E" : "U"
}
}
},
"data_type" : "CVE",
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2019-02-06T00:00:00",
"ID" : "CVE-2017-1695"
},
"data_format" : "MITRE",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 719107 (QRadar SIEM)",
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10719107",
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10719107"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/134177",
"name" : "ibm-qradar-cve20171695-info-disc (134177)",
"refsource" : "XF",
"title" : "X-Force Vulnerability Report"
}
]
},
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM QRadar SIEM 7.2 and 7.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 134177."
}
]
"ID" : "CVE-2017-1695",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
@ -85,9 +25,67 @@
}
}
]
}
},
"vendor_name" : "IBM"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM QRadar SIEM 7.2 and 7.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 134177."
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "N",
"AC" : "H",
"AV" : "N",
"C" : "H",
"I" : "N",
"PR" : "N",
"S" : "U",
"SCORE" : "5.900",
"UI" : "N"
},
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10719107",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10719107"
},
{
"name" : "ibm-qradar-cve20171695-info-disc(134177)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/134177"
}
]
}
}

78
2018/1xxx/CVE-2018-1701.json
View File

@ -1,34 +1,14 @@
{
"references" : {
"reference_data" : [
{
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 730555 (InfoSphere Information Server)",
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10730555",
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10730555"
},
{
"refsource" : "XF",
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/145970",
"name" : "ibm-infosphere-cve20181701-command-exec (145970)"
}
]
},
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM InfoSphere Information Server 11.7 could allow an authenciated user under specialized conditions to inject commands into the installation process that would execute on the WebSphere Application Server. IBM X-Force ID: 145970."
}
]
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2018-10-16T00:00:00",
"ID" : "CVE-2018-1701",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
@ -42,39 +22,43 @@
}
}
]
}
},
"vendor_name" : "IBM"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"CVE_data_meta" : {
"ID" : "CVE-2018-1701",
"DATE_PUBLIC" : "2018-10-16T00:00:00",
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com"
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM InfoSphere Information Server 11.7 could allow an authenciated user under specialized conditions to inject commands into the installation process that would execute on the WebSphere Application Server. IBM X-Force ID: 145970."
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"AV" : "N",
"I" : "H",
"SCORE" : "8.500",
"AC" : "H",
"S" : "C",
"PR" : "L",
"A" : "H",
"AC" : "H",
"AV" : "N",
"C" : "H",
"I" : "H",
"PR" : "L",
"S" : "C",
"SCORE" : "8.500",
"UI" : "N"
},
"TM" : {
"E" : "U",
"RL" : "O",
"RC" : "C"
"RC" : "C",
"RL" : "O"
}
}
},
"data_format" : "MITRE",
"problemtype" : {
"problemtype_data" : [
{
@ -86,5 +70,19 @@
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10730555",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10730555"
},
{
"name" : "ibm-infosphere-cve20181701-command-exec(145970)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/145970"
}
]
}
}

116
2018/1xxx/CVE-2018-1727.json
View File

@ -1,69 +1,18 @@
{
"impact" : {
"cvssv3" : {
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
},
"BM" : {
"AV" : "N",
"SCORE" : "7.100",
"I" : "N",
"A" : "L",
"C" : "H",
"PR" : "L",
"UI" : "N",
"AC" : "L",
"S" : "U"
}
}
},
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2018-10-08T00:00:00",
"ID" : "CVE-2018-1727",
"DATE_PUBLIC" : "2018-10-08T00:00:00"
},
"data_type" : "CVE",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
}
]
}
]
},
"data_format" : "MITRE",
"data_version" : "4.0",
"references" : {
"reference_data" : [
{
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10718887",
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10718887",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 718887 (InfoSphere Information Server)"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/147630",
"name" : "ibm-infosphere-cve20181727-xxe (147630)",
"refsource" : "XF",
"title" : "X-Force Vulnerability Report"
}
]
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "InfoSphere Information Server",
"version" : {
"version_data" : [
{
@ -79,20 +28,69 @@
"version_value" : "11.7"
}
]
},
"product_name" : "InfoSphere Information Server"
}
}
]
}
},
"vendor_name" : "IBM"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"value" : "IBM InfoSphere Information Server 9.1, 11.3, 11.5, and 11.7 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 147630.",
"lang" : "eng"
"lang" : "eng",
"value" : "IBM InfoSphere Information Server 9.1, 11.3, 11.5, and 11.7 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 147630."
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "L",
"AC" : "L",
"AV" : "N",
"C" : "H",
"I" : "N",
"PR" : "L",
"S" : "U",
"SCORE" : "7.100",
"UI" : "N"
},
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10718887",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10718887"
},
{
"name" : "ibm-infosphere-cve20181727-xxe(147630)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/147630"
}
]
}

64
2018/1xxx/CVE-2018-1895.json
View File

@ -1,26 +1,14 @@
{
"references" : {
"reference_data" : [
{
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10744013",
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10744013",
"title" : "IBM Security Bulletin 744013 (InfoSphere Information Server)",
"refsource" : "CONFIRM"
},
{
"title" : "X-Force Vulnerability Report",
"refsource" : "XF",
"name" : "ibm-infosphere-cve20181895-xss (152159)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/152159"
}
]
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2018-12-04T00:00:00",
"ID" : "CVE-2018-1895",
"STATE" : "PUBLIC"
},
"data_version" : "4.0",
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
@ -40,38 +28,35 @@
}
}
]
}
},
"vendor_name" : "IBM"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"value" : "IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 152159.",
"lang" : "eng"
"lang" : "eng",
"value" : "IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 152159."
}
]
},
"CVE_data_meta" : {
"DATE_PUBLIC" : "2018-12-04T00:00:00",
"ID" : "CVE-2018-1895",
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC"
},
"data_type" : "CVE",
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "N",
"C" : "L",
"PR" : "L",
"UI" : "R",
"AC" : "L",
"S" : "C",
"AV" : "N",
"C" : "L",
"I" : "L",
"SCORE" : "5.400"
"PR" : "L",
"S" : "C",
"SCORE" : "5.400",
"UI" : "R"
},
"TM" : {
"E" : "H",
@ -92,5 +77,18 @@
}
]
},
"data_format" : "MITRE"
"references" : {
"reference_data" : [
{
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10744013",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10744013"
},
{
"name" : "ibm-infosphere-cve20181895-xss(152159)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/152159"
}
]
}
}

122
2019/4xxx/CVE-2019-4059.json
View File

@ -1,69 +1,10 @@
{
"impact" : {
"cvssv3" : {
"BM" : {
"AV" : "N",
"SCORE" : "7.500",
"I" : "N",
"AC" : "L",
"S" : "U",
"C" : "H",
"A" : "N",
"UI" : "N",
"PR" : "N"
},
"TM" : {
"RC" : "C",
"RL" : "O",
"E" : "U"
}
}
},
"data_type" : "CVE",
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2019-02-12T00:00:00",
"ID" : "CVE-2019-4059",
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC"
},
"data_format" : "MITRE",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
}
]
}
]
},
"data_version" : "4.0",
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 870810 (Rational ClearCase)",
"refsource" : "CONFIRM",
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10870810",
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10870810"
},
{
"name" : "ibm-clearcase-cve20194059-info-disc (156583)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/156583",
"title" : "X-Force Vulnerability Report",
"refsource" : "XF"
}
]
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Rational ClearCase 1.0.0.0 GIT connector does not sufficiently protect the document database password. An attacker could obtain the password and gain unauthorized access to the document database. IBM X-Force ID: 156583."
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
@ -71,14 +12,14 @@
"product" : {
"product_data" : [
{
"product_name" : "Rational ClearCase",
"version" : {
"version_data" : [
{
"version_value" : "1.0.0.0"
}
]
},
"product_name" : "Rational ClearCase"
}
}
]
},
@ -86,5 +27,62 @@
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Rational ClearCase 1.0.0.0 GIT connector does not sufficiently protect the document database password. An attacker could obtain the password and gain unauthorized access to the document database. IBM X-Force ID: 156583."
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "N",
"AC" : "L",
"AV" : "N",
"C" : "H",
"I" : "N",
"PR" : "N",
"S" : "U",
"SCORE" : "7.500",
"UI" : "N"
},
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10870810",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10870810"
},
{
"name" : "ibm-clearcase-cve20194059-info-disc(156583)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/156583"
}
]
}
}