diff --git a/2019/13xxx/CVE-2019-13519.json b/2019/13xxx/CVE-2019-13519.json new file mode 100644 index 00000000000..2380caf9374 --- /dev/null +++ b/2019/13xxx/CVE-2019-13519.json @@ -0,0 +1,67 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-13519", + "ASSIGNER": "ics-cert@hq.dhs.gov", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Rockwell", + "product": { + "product_data": [ + { + "product_name": "Rockwell Automation Arena Simulation Software", + "version": { + "version_data": [ + { + "version_value": "Versions 16.00.00 and earlier" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Access of resource using incompatible type ('Type confusion') CWE-843" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.us-cert.gov/ics/advisories/icsa-19-213-05", + "url": "https://www.us-cert.gov/ics/advisories/icsa-19-213-05" + }, + { + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-802/", + "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-802/" + } + ] + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A maliciously crafted program file opened by an unsuspecting user of Rockwell Automation Arena Simulation Software version 16.00.00 and earlier may result in the limited exposure of information related to the targeted workstation. Rockwell Automation has released version 16.00.01 of Arena Simulation Software to address the reported vulnerabilities." + } + ] + } +} \ No newline at end of file diff --git a/2019/13xxx/CVE-2019-13521.json b/2019/13xxx/CVE-2019-13521.json new file mode 100644 index 00000000000..684b88d6e1c --- /dev/null +++ b/2019/13xxx/CVE-2019-13521.json @@ -0,0 +1,67 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-13521", + "ASSIGNER": "ics-cert@hq.dhs.gov", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Rockwell", + "product": { + "product_data": [ + { + "product_name": "Rockwell Automation Arena Simulation Software", + "version": { + "version_data": [ + { + "version_value": "Versions 16.00.00 and earlier" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Insufficient UI warning of dangerous operations CWE-357" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.us-cert.gov/ics/advisories/icsa-19-213-05", + "url": "https://www.us-cert.gov/ics/advisories/icsa-19-213-05" + }, + { + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-799/", + "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-799/" + } + ] + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A maliciously crafted program file opened by an unsuspecting user of Rockwell Automation Arena Simulation Software version 16.00.00 and earlier may result in the limited exposure of information related to the targeted workstation. Rockwell Automation has released version 16.00.01 of Arena Simulation Software to address the reported vulnerabilities." + } + ] + } +} \ No newline at end of file diff --git a/2020/3xxx/CVE-2020-3134.json b/2020/3xxx/CVE-2020-3134.json index 6e6543ac9c0..30499dbb653 100644 --- a/2020/3xxx/CVE-2020-3134.json +++ b/2020/3xxx/CVE-2020-3134.json @@ -10,22 +10,21 @@ "vendor": { "vendor_data": [ { + "vendor_name": "Cisco", "product": { "product_data": [ { - "product_name": "Cisco Email Security Appliance (ESA) ", + "product_name": "Cisco Email Security Appliance (ESA)", "version": { "version_data": [ { - "affected": "<", - "version_value": "13.0" + "version_value": "earlier than 13.0" } ] } } ] - }, - "vendor_name": "Cisco" + } } ] } @@ -78,4 +77,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2020/3xxx/CVE-2020-3136.json b/2020/3xxx/CVE-2020-3136.json index c2fd50b2083..9fe9f9194ec 100644 --- a/2020/3xxx/CVE-2020-3136.json +++ b/2020/3xxx/CVE-2020-3136.json @@ -10,22 +10,21 @@ "vendor": { "vendor_data": [ { + "vendor_name": "Cisco", "product": { "product_data": [ { - "product_name": "Cisco Jabber Guest ", + "product_name": "Cisco Jabber Guest", "version": { "version_data": [ { - "affected": "<", - "version_value": "11.1(3)" + "version_value": "before 11.1(3)" } ] } } ] - }, - "vendor_name": "Cisco" + } } ] } @@ -78,4 +77,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2020/3xxx/CVE-2020-3139.json b/2020/3xxx/CVE-2020-3139.json index 4182425a6c5..589bf331fd8 100644 --- a/2020/3xxx/CVE-2020-3139.json +++ b/2020/3xxx/CVE-2020-3139.json @@ -10,22 +10,21 @@ "vendor": { "vendor_data": [ { + "vendor_name": "Cisco", "product": { "product_data": [ { - "product_name": "Cisco Application Policy Infrastructure Controller (APIC) ", + "product_name": "Cisco Application Policy Infrastructure Controller (APIC)", "version": { "version_data": [ { - "affected": "<", - "version_value": "4.2(3j)" + "version_value": "prior to 4.2(3j)" } ] } } ] - }, - "vendor_name": "Cisco" + } } ] } @@ -78,4 +77,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2020/3xxx/CVE-2020-3142.json b/2020/3xxx/CVE-2020-3142.json index 97a9939d452..e5bb6023e02 100644 --- a/2020/3xxx/CVE-2020-3142.json +++ b/2020/3xxx/CVE-2020-3142.json @@ -10,26 +10,24 @@ "vendor": { "vendor_data": [ { + "vendor_name": "Cisco", "product": { "product_data": [ { - "product_name": "Cisco Webex Meetings ", + "product_name": "Cisco Webex Meetings", "version": { "version_data": [ { - "affected": "<", - "version_value": "39.11.5" + "version_value": "earlier than 39.11.5" }, - { - "affected": "<", - "version_value": "40.1.3" + { + "version_value": "earlier than 40.1.3" } ] } } ] - }, - "vendor_name": "Cisco" + } } ] } @@ -82,4 +80,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file