From 55add19f1321b6e80eb09782011ebb6cc241dcac Mon Sep 17 00:00:00 2001
From: CVE Team <cve-request@mitre.org>
Date: Mon, 22 Oct 2018 09:04:09 -0400
Subject: [PATCH] - Synchronized data.

---
 2018/18xxx/CVE-2018-18074.json |  7 ++-
 2018/1xxx/CVE-2018-1850.json   | 94 +++++++++++++++++-----------------
 2 files changed, 52 insertions(+), 49 deletions(-)

diff --git a/2018/18xxx/CVE-2018-18074.json b/2018/18xxx/CVE-2018-18074.json
index 22097c3dfe4..0feb846ae02 100644
--- a/2018/18xxx/CVE-2018-18074.json
+++ b/2018/18xxx/CVE-2018-18074.json
@@ -34,7 +34,7 @@
       "description_data" : [
          {
             "lang" : "eng",
-            "value" : "The Requests package through 2.19.1 before 2018-09-14 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect, which makes it easier for remote attackers to discover credentials by sniffing the network."
+            "value" : "The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect, which makes it easier for remote attackers to discover credentials by sniffing the network."
          }
       ]
    },
@@ -72,6 +72,11 @@
             "refsource" : "MISC",
             "url" : "https://github.com/requests/requests/pull/4718"
          },
+         {
+            "name" : "http://docs.python-requests.org/en/master/community/updates/#release-and-version-history",
+            "refsource" : "CONFIRM",
+            "url" : "http://docs.python-requests.org/en/master/community/updates/#release-and-version-history"
+         },
          {
             "name" : "USN-3790-1",
             "refsource" : "UBUNTU",
diff --git a/2018/1xxx/CVE-2018-1850.json b/2018/1xxx/CVE-2018-1850.json
index 396bd119598..c9d18e59a55 100644
--- a/2018/1xxx/CVE-2018-1850.json
+++ b/2018/1xxx/CVE-2018-1850.json
@@ -1,17 +1,10 @@
 {
-   "problemtype" : {
-      "problemtype_data" : [
-         {
-            "description" : [
-               {
-                  "value" : "Bypass Security",
-                  "lang" : "eng"
-               }
-            ]
-         }
-      ]
+   "CVE_data_meta" : {
+      "ASSIGNER" : "psirt@us.ibm.com",
+      "DATE_PUBLIC" : "2018-10-17T00:00:00",
+      "ID" : "CVE-2018-1850",
+      "STATE" : "PUBLIC"
    },
-   "data_type" : "CVE",
    "affects" : {
       "vendor" : {
          "vendor_data" : [
@@ -41,56 +34,61 @@
          ]
       }
    },
-   "references" : {
-      "reference_data" : [
-         {
-            "name" : "http://www.ibm.com/support/docview.wss?uid=ibm10734555",
-            "title" : "IBM Security Bulletin 734555 (Security Access Manager Appliance)",
-            "url" : "http://www.ibm.com/support/docview.wss?uid=ibm10734555",
-            "refsource" : "CONFIRM"
-         },
-         {
-            "name" : "ibm-sam-cve20181850-auth-bypass (150998)",
-            "title" : "X-Force Vulnerability Report",
-            "refsource" : "XF",
-            "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/150998"
-         }
-      ]
-   },
-   "CVE_data_meta" : {
-      "STATE" : "PUBLIC",
-      "ASSIGNER" : "psirt@us.ibm.com",
-      "ID" : "CVE-2018-1850",
-      "DATE_PUBLIC" : "2018-10-17T00:00:00"
-   },
+   "data_format" : "MITRE",
+   "data_type" : "CVE",
+   "data_version" : "4.0",
    "description" : {
       "description_data" : [
          {
             "lang" : "eng",
-            "value" : "IBM Security Access Manager Appliance 9.0.3.1, 9.0.4.0 and 9.0.5.0 could allow unauthorized administration operations when Advanced Access Control services are running.  IBM X-Force ID:  150998."
+            "value" : "IBM Security Access Manager Appliance 9.0.3.1, 9.0.4.0 and 9.0.5.0 could allow unauthorized administration operations when Advanced Access Control services are running. IBM X-Force ID: 150998."
          }
       ]
    },
-   "data_format" : "MITRE",
    "impact" : {
       "cvssv3" : {
-         "TM" : {
-            "RL" : "O",
-            "RC" : "C",
-            "E" : "U"
-         },
          "BM" : {
-            "UI" : "N",
-            "I" : "H",
             "A" : "H",
-            "AV" : "N",
-            "SCORE" : "8.800",
-            "C" : "H",
             "AC" : "L",
+            "AV" : "N",
+            "C" : "H",
+            "I" : "H",
+            "PR" : "L",
             "S" : "U",
-            "PR" : "L"
+            "SCORE" : "8.800",
+            "UI" : "N"
+         },
+         "TM" : {
+            "E" : "U",
+            "RC" : "C",
+            "RL" : "O"
          }
       }
    },
-   "data_version" : "4.0"
+   "problemtype" : {
+      "problemtype_data" : [
+         {
+            "description" : [
+               {
+                  "lang" : "eng",
+                  "value" : "Bypass Security"
+               }
+            ]
+         }
+      ]
+   },
+   "references" : {
+      "reference_data" : [
+         {
+            "name" : "http://www.ibm.com/support/docview.wss?uid=ibm10734555",
+            "refsource" : "CONFIRM",
+            "url" : "http://www.ibm.com/support/docview.wss?uid=ibm10734555"
+         },
+         {
+            "name" : "ibm-sam-cve20181850-auth-bypass(150998)",
+            "refsource" : "XF",
+            "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/150998"
+         }
+      ]
+   }
 }