admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

- Synchronized data.

Browse Source
This commit is contained in:
CVE Team 2017-12-01 09:02:20 -05:00
parent 535d6bb9ad
commit 5b1ab6cfd1
No known key found for this signature in database
GPG Key ID: 3504EC0FB4B2FE56
12 changed files with 734 additions and 722 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

123
2017/10xxx/CVE-2017-10861.json
View File

@ -1,62 +1,63 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-10861",
"ASSIGNER": "vultures@jpcert.or.jp"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "QualitySoft Corporation",
"product": {
"product_data": [
{
"product_name": "QND Advance/Standard",
"version": {
"version_data": [
{
"version_value": "all versions"
}
]
}
}
]
}
}
]
}
},
"problemtype":{
"problemtype_data":[
{
"description":[
{
"lang": "eng",
"value":"Directory traversal"
}
]
}
]
},
"references":{
"reference_data":[
{
"url":"http://www.qualitysoft.com/qnd_vulnerabilities"
},
{
"url":"https://jvn.jp/en/vu/JVNVU94198685/index.html"
}
]
},
"description":{
"description_data":[
{
"lang": "eng",
"value":"Directory traversal vulnerability in QND Advance/Standard allows an attacker to read arbitrary files via via a specially crafted command."
}
]
}
}
"CVE_data_meta" : {
"ASSIGNER" : "vultures@jpcert.or.jp",
"ID" : "CVE-2017-10861",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "QND Advance/Standard",
"version" : {
"version_data" : [
{
"version_value" : "all versions"
}
]
}
}
]
},
"vendor_name" : "QualitySoft Corporation"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in QND Advance/Standard allows an attacker to read arbitrary files via a specially crafted command."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Directory traversal"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://jvn.jp/en/vu/JVNVU94198685/index.html"
},
{
"url" : "http://www.qualitysoft.com/qnd_vulnerabilities"
}
]
}
}

123
2017/10xxx/CVE-2017-10874.json
View File

@ -1,62 +1,63 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-10874",
"ASSIGNER": "vultures@jpcert.or.jp"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION",
"product": {
"product_data": [
{
"product_name": "PWR-Q200",
"version": {
"version_data": [
{
"version_value": "all firmware versions"
}
]
}
}
]
}
}
]
}
},
"problemtype":{
"problemtype_data":[
{
"description":[
{
"lang": "eng",
"value":"Use of Insufficiently Random Values"
}
]
}
]
},
"references":{
"reference_data":[
{
"url":"http://web116.jp/shop/hikari_p/q200/q200_00.html"
},
{
"url":"https://jvn.jp/en/jp/JVN73141967/index.html"
}
]
},
"description":{
"description_data":[
{
"lang": "eng",
"value":"PWR-Q200 does not use random values for source ports of DNS query packets, which allows remote attackers to conduct DNS cache poisoning attacks."
}
]
}
}
"CVE_data_meta" : {
"ASSIGNER" : "vultures@jpcert.or.jp",
"ID" : "CVE-2017-10874",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "PWR-Q200",
"version" : {
"version_data" : [
{
"version_value" : "all firmware versions"
}
]
}
}
]
},
"vendor_name" : "NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PWR-Q200 does not use random values for source ports of DNS query packets, which allows remote attackers to conduct DNS cache poisoning attacks."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Use of Insufficiently Random Values"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "http://web116.jp/shop/hikari_p/q200/q200_00.html"
},
{
"url" : "https://jvn.jp/en/jp/JVN73141967/index.html"
}
]
}
}

117
2017/10xxx/CVE-2017-10891.json
View File

@ -1,59 +1,60 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-10891",
"ASSIGNER": "vultures@jpcert.or.jp"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Sony Video & Sound Products Inc.",
"product": {
"product_data": [
{
"product_name": "Media Go",
"version": {
"version_data": [
{
"version_value": "version 3.2.0.191 and earlier"
}
]
}
}
]
}
}
]
}
},
"problemtype":{
"problemtype_data":[
{
"description":[
{
"lang": "eng",
"value":"Untrusted search path vulnerability"
}
]
}
]
},
"references":{
"reference_data":[
{
"url":"https://jvn.jp/en/jp/JVN08517069/index.html"
}
]
},
"description":{
"description_data":[
{
"lang": "eng",
"value":"Untrusted search path vulnerability in Media Go version 3.2.0.191 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."
}
]
}
}
"CVE_data_meta" : {
"ASSIGNER" : "vultures@jpcert.or.jp",
"ID" : "CVE-2017-10891",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Media Go",
"version" : {
"version_data" : [
{
"version_value" : "version 3.2.0.191 and earlier"
}
]
}
}
]
},
"vendor_name" : "Sony Video & Sound Products Inc."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Untrusted search path vulnerability in Media Go version 3.2.0.191 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Untrusted search path vulnerability"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://jvn.jp/en/jp/JVN08517069/index.html"
}
]
}
}

117
2017/10xxx/CVE-2017-10892.json
View File

@ -1,59 +1,60 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-10892",
"ASSIGNER": "vultures@jpcert.or.jp"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Sony Video & Sound Products Inc.",
"product": {
"product_data": [
{
"product_name": "Music Center for PC",
"version": {
"version_data": [
{
"version_value": "version 1.0.00"
}
]
}
}
]
}
}
]
}
},
"problemtype":{
"problemtype_data":[
{
"description":[
{
"lang": "eng",
"value":"Untrusted search path vulnerability"
}
]
}
]
},
"references":{
"reference_data":[
{
"url":"https://jvn.jp/en/jp/JVN08517069/index.html"
}
]
},
"description":{
"description_data":[
{
"lang": "eng",
"value":"Untrusted search path vulnerability in Music Center for PC version 1.0.00 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."
}
]
}
}
"CVE_data_meta" : {
"ASSIGNER" : "vultures@jpcert.or.jp",
"ID" : "CVE-2017-10892",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Music Center for PC",
"version" : {
"version_data" : [
{
"version_value" : "version 1.0.00"
}
]
}
}
]
},
"vendor_name" : "Sony Video & Sound Products Inc."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Untrusted search path vulnerability in Music Center for PC version 1.0.00 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Untrusted search path vulnerability"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://jvn.jp/en/jp/JVN08517069/index.html"
}
]
}
}

117
2017/10xxx/CVE-2017-10894.json
View File

@ -1,59 +1,60 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-10894",
"ASSIGNER": "vultures@jpcert.or.jp"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Tomoki Sanaki",
"product": {
"product_data": [
{
"product_name": "StreamRelay.NET.exe",
"version": {
"version_data": [
{
"version_value": "ver2.14.0.7 and earlier"
}
]
}
}
]
}
}
]
}
},
"problemtype":{
"problemtype_data":[
{
"description":[
{
"lang": "eng",
"value":"Denial-of-service (DoS)"
}
]
}
]
},
"references":{
"reference_data":[
{
"url":"https://jvn.jp/en/jp/JVN71291160/index.html"
}
]
},
"description":{
"description_data":[
{
"lang": "eng",
"value":"StreamRelay.NET.exe ver2.14.0.7 and earlier allows remote attackers to cause a denial of service via unspecified vectors."
}
]
}
}
"CVE_data_meta" : {
"ASSIGNER" : "vultures@jpcert.or.jp",
"ID" : "CVE-2017-10894",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "StreamRelay.NET.exe",
"version" : {
"version_data" : [
{
"version_value" : "ver2.14.0.7 and earlier"
}
]
}
}
]
},
"vendor_name" : "Tomoki Sanaki"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "StreamRelay.NET.exe ver2.14.0.7 and earlier allows remote attackers to cause a denial of service via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Denial-of-service (DoS)"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://jvn.jp/en/jp/JVN71291160/index.html"
}
]
}
}

117
2017/10xxx/CVE-2017-10895.json
View File

@ -1,59 +1,60 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-10895",
"ASSIGNER": "vultures@jpcert.or.jp"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Tomoki Sanaki",
"product": {
"product_data": [
{
"product_name": "sDNSProxy.exe",
"version": {
"version_data": [
{
"version_value": "ver1.1.0.0 and earlier"
}
]
}
}
]
}
}
]
}
},
"problemtype":{
"problemtype_data":[
{
"description":[
{
"lang": "eng",
"value":"Denial-of-service (DoS)"
}
]
}
]
},
"references":{
"reference_data":[
{
"url":"https://jvn.jp/en/jp/JVN71291160/index.html"
}
]
},
"description":{
"description_data":[
{
"lang": "eng",
"value":"sDNSProxy.exe ver1.1.0.0 and earlier allows remote attackers to cause a denial of service via unspecified vectors."
}
]
}
}
"CVE_data_meta" : {
"ASSIGNER" : "vultures@jpcert.or.jp",
"ID" : "CVE-2017-10895",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "sDNSProxy.exe",
"version" : {
"version_data" : [
{
"version_value" : "ver1.1.0.0 and earlier"
}
]
}
}
]
},
"vendor_name" : "Tomoki Sanaki"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "sDNSProxy.exe ver1.1.0.0 and earlier allows remote attackers to cause a denial of service via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Denial-of-service (DoS)"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://jvn.jp/en/jp/JVN71291160/index.html"
}
]
}
}

137
2017/10xxx/CVE-2017-10898.json
View File

@ -1,69 +1,70 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-10898",
"ASSIGNER": "vultures@jpcert.or.jp"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Princeton Ltd.",
"product": {
"product_data": [
{
"product_name": "A-Member",
"version": {
"version_data": [
{
"version_value": "versions 3.8.6 and earlier"
}
]
}
},
{
"product_name": "A-Member for MT cloud",
"version": {
"version_data": [
{
"version_value": "versions 3.8.6 and earlier"
}
]
}
}
]
}
}
]
}
},
"problemtype":{
"problemtype_data":[
{
"description":[
{
"lang": "eng",
"value":"SQL Injection"
}
]
}
]
},
"references":{
"reference_data":[
{
"url":"https://jvn.jp/en/jp/JVN78501037/index.html"
}
]
},
"description":{
"description_data":[
{
"lang": "eng",
"value":"SQL injection vulnerability in the A-Member and A-Member for MT cloud versions 3.8.6 and earlier allows an attacker to execute arbitrary SQL commands via unspecified vectors."
}
]
}
}
"CVE_data_meta" : {
"ASSIGNER" : "vultures@jpcert.or.jp",
"ID" : "CVE-2017-10898",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "A-Member",
"version" : {
"version_data" : [
{
"version_value" : "versions 3.8.6 and earlier"
}
]
}
},
{
"product_name" : "A-Member for MT cloud",
"version" : {
"version_data" : [
{
"version_value" : "versions 3.8.6 and earlier"
}
]
}
}
]
},
"vendor_name" : "Princeton Ltd."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in the A-Member and A-Member for MT cloud versions 3.8.6 and earlier allows an attacker to execute arbitrary SQL commands via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "SQL Injection"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://jvn.jp/en/jp/JVN78501037/index.html"
}
]
}
}

137
2017/10xxx/CVE-2017-10899.json
View File

@ -1,69 +1,70 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-10899",
"ASSIGNER": "vultures@jpcert.or.jp"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Princeton Ltd.",
"product": {
"product_data": [
{
"product_name": "A-Reserve",
"version": {
"version_data": [
{
"version_value": "versions 3.8.6 and earlier"
}
]
}
},
{
"product_name": "A-Reserve for MT cloud",
"version": {
"version_data": [
{
"version_value": "versions 3.8.6 and earlier"
}
]
}
}
]
}
}
]
}
},
"problemtype":{
"problemtype_data":[
{
"description":[
{
"lang": "eng",
"value":"SQL Injection"
}
]
}
]
},
"references":{
"reference_data":[
{
"url":"https://jvn.jp/en/jp/JVN78501037/index.html"
}
]
},
"description":{
"description_data":[
{
"lang": "eng",
"value":"SQL injection vulnerability in the A-Reserve and A-Reserve for MT cloud versions 3.8.6 and earlier allows an attacker to execute arbitrary SQL commands via unspecified vectors."
}
]
}
}
"CVE_data_meta" : {
"ASSIGNER" : "vultures@jpcert.or.jp",
"ID" : "CVE-2017-10899",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "A-Reserve",
"version" : {
"version_data" : [
{
"version_value" : "versions 3.8.6 and earlier"
}
]
}
},
{
"product_name" : "A-Reserve for MT cloud",
"version" : {
"version_data" : [
{
"version_value" : "versions 3.8.6 and earlier"
}
]
}
}
]
},
"vendor_name" : "Princeton Ltd."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in the A-Reserve and A-Reserve for MT cloud versions 3.8.6 and earlier allows an attacker to execute arbitrary SQL commands via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "SQL Injection"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://jvn.jp/en/jp/JVN78501037/index.html"
}
]
}
}

117
2017/10xxx/CVE-2017-10900.json
View File

@ -1,59 +1,60 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-10900",
"ASSIGNER": "vultures@jpcert.or.jp"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Princeton Ltd.",
"product": {
"product_data": [
{
"product_name": "PTW-WMS1",
"version": {
"version_data": [
{
"version_value": "firmware version 2.000.012"
}
]
}
}
]
}
}
]
}
},
"problemtype":{
"problemtype_data":[
{
"description":[
{
"lang": "eng",
"value":"Fails to restrict access"
}
]
}
]
},
"references":{
"reference_data":[
{
"url":"https://jvn.jp/en/jp/JVN98295787/index.html"
}
]
},
"description":{
"description_data":[
{
"lang": "eng",
"value":"PTW-WMS1 firmware version 2.000.012 allows remote attackers to bypass access restrictions to obtain or delete data on the disk via unspecified vectors."
}
]
}
}
"CVE_data_meta" : {
"ASSIGNER" : "vultures@jpcert.or.jp",
"ID" : "CVE-2017-10900",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "PTW-WMS1",
"version" : {
"version_data" : [
{
"version_value" : "firmware version 2.000.012"
}
]
}
}
]
},
"vendor_name" : "Princeton Ltd."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PTW-WMS1 firmware version 2.000.012 allows remote attackers to bypass access restrictions to obtain or delete data on the disk via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Fails to restrict access"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://jvn.jp/en/jp/JVN98295787/index.html"
}
]
}
}

117
2017/10xxx/CVE-2017-10901.json
View File

@ -1,59 +1,60 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-10901",
"ASSIGNER": "vultures@jpcert.or.jp"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Princeton Ltd.",
"product": {
"product_data": [
{
"product_name": "PTW-WMS1",
"version": {
"version_data": [
{
"version_value": "firmware version 2.000.012"
}
]
}
}
]
}
}
]
}
},
"problemtype":{
"problemtype_data":[
{
"description":[
{
"lang": "eng",
"value":"Buffer Overflow"
}
]
}
]
},
"references":{
"reference_data":[
{
"url":"https://jvn.jp/en/jp/JVN98295787/index.html"
}
]
},
"description":{
"description_data":[
{
"lang": "eng",
"value":"Buffer overflow in PTW-WMS1 firmware version 2.000.012 allows remote attackers to conduct denial-of-service attacks via unspecified vectors."
}
]
}
}
"CVE_data_meta" : {
"ASSIGNER" : "vultures@jpcert.or.jp",
"ID" : "CVE-2017-10901",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "PTW-WMS1",
"version" : {
"version_data" : [
{
"version_value" : "firmware version 2.000.012"
}
]
}
}
]
},
"vendor_name" : "Princeton Ltd."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in PTW-WMS1 firmware version 2.000.012 allows remote attackers to conduct denial-of-service attacks via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Buffer Overflow"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://jvn.jp/en/jp/JVN98295787/index.html"
}
]
}
}

117
2017/10xxx/CVE-2017-10902.json
View File

@ -1,59 +1,60 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-10902",
"ASSIGNER": "vultures@jpcert.or.jp"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Princeton Ltd.",
"product": {
"product_data": [
{
"product_name": "PTW-WMS1",
"version": {
"version_data": [
{
"version_value": "firmware version 2.000.012"
}
]
}
}
]
}
}
]
}
},
"problemtype":{
"problemtype_data":[
{
"description":[
{
"lang": "eng",
"value":"OS Command Injection"
}
]
}
]
},
"references":{
"reference_data":[
{
"url":"https://jvn.jp/en/jp/JVN98295787/index.html"
}
]
},
"description":{
"description_data":[
{
"lang": "eng",
"value":"PTW-WMS1 firmware version 2.000.012 allows remote attackers to execute arbitrary OS commands via unspecified vectors."
}
]
}
}
"CVE_data_meta" : {
"ASSIGNER" : "vultures@jpcert.or.jp",
"ID" : "CVE-2017-10902",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "PTW-WMS1",
"version" : {
"version_data" : [
{
"version_value" : "firmware version 2.000.012"
}
]
}
}
]
},
"vendor_name" : "Princeton Ltd."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PTW-WMS1 firmware version 2.000.012 allows remote attackers to execute arbitrary OS commands via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "OS Command Injection"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://jvn.jp/en/jp/JVN98295787/index.html"
}
]
}
}

117
2017/10xxx/CVE-2017-10903.json
View File

@ -1,59 +1,60 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-10903",
"ASSIGNER": "vultures@jpcert.or.jp"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Princeton Ltd.",
"product": {
"product_data": [
{
"product_name": "PTW-WMS1",
"version": {
"version_data": [
{
"version_value": "firmware version 2.000.012"
}
]
}
}
]
}
}
]
}
},
"problemtype":{
"problemtype_data":[
{
"description":[
{
"lang": "eng",
"value":"Improper authentication"
}
]
}
]
},
"references":{
"reference_data":[
{
"url":"https://jvn.jp/en/jp/JVN98295787/index.html"
}
]
},
"description":{
"description_data":[
{
"lang": "eng",
"value":"Improper authentication issue in PTW-WMS1 firmware version 2.000.012 allows remote attackers to log in to the device with root privileges and conduct arbitrary operations via unspecified vectors."
}
]
}
}
"CVE_data_meta" : {
"ASSIGNER" : "vultures@jpcert.or.jp",
"ID" : "CVE-2017-10903",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "PTW-WMS1",
"version" : {
"version_data" : [
{
"version_value" : "firmware version 2.000.012"
}
]
}
}
]
},
"vendor_name" : "Princeton Ltd."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Improper authentication issue in PTW-WMS1 firmware version 2.000.012 allows remote attackers to log in to the device with root privileges and conduct arbitrary operations via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Improper authentication"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://jvn.jp/en/jp/JVN98295787/index.html"
}
]
}
}