diff --git a/2018/10xxx/CVE-2018-10231.json b/2018/10xxx/CVE-2018-10231.json index 64f6b03f0ba..b1e099a9bb6 100644 --- a/2018/10xxx/CVE-2018-10231.json +++ b/2018/10xxx/CVE-2018-10231.json @@ -2,7 +2,30 @@ "CVE_data_meta" : { "ASSIGNER" : "cve@mitre.org", "ID" : "CVE-2018-10231", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,28 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "Cross-site scripting (XSS) vulnerability in TOPdesk before 8.05.017 (June 2018 version) and before 5.7.SR9 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://page.topdesk.com/cve-2018-10231-and-cve-2018-10232?hs_preview=slNSCcfI-5931819551", + "refsource" : "CONFIRM", + "url" : "https://page.topdesk.com/cve-2018-10231-and-cve-2018-10232?hs_preview=slNSCcfI-5931819551" } ] } diff --git a/2018/10xxx/CVE-2018-10232.json b/2018/10xxx/CVE-2018-10232.json index bbe5f647789..7e0b194c4a2 100644 --- a/2018/10xxx/CVE-2018-10232.json +++ b/2018/10xxx/CVE-2018-10232.json @@ -2,7 +2,30 @@ "CVE_data_meta" : { "ASSIGNER" : "cve@mitre.org", "ID" : "CVE-2018-10232", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,28 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "Cross-site request forgery (CSRF) vulnerability in TOPdesk before 8.05.017 (June 2018 version) and before 5.7.SR9 allows remote attackers to hijack the authentication of authenticated users for requests that can obtain sensitive information via unspecified vectors." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://page.topdesk.com/cve-2018-10231-and-cve-2018-10232?hs_preview=slNSCcfI-5931819551", + "refsource" : "CONFIRM", + "url" : "https://page.topdesk.com/cve-2018-10231-and-cve-2018-10232?hs_preview=slNSCcfI-5931819551" } ] } diff --git a/2018/10xxx/CVE-2018-10633.json b/2018/10xxx/CVE-2018-10633.json index 5a60ccba47b..a00343f4f0b 100644 --- a/2018/10xxx/CVE-2018-10633.json +++ b/2018/10xxx/CVE-2018-10633.json @@ -35,7 +35,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "The application utilizes hard-coded credentials that may allow an attacker to reset passwords for the controller." + "value" : "Universal Robots Robot Controllers Version CB 3.1, SW Version 3.4.5-100 utilizes hard-coded credentials that may allow an attacker to reset passwords for the controller." } ] }, @@ -54,6 +54,8 @@ "references" : { "reference_data" : [ { + "name" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-191-01", + "refsource" : "MISC", "url" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-191-01" } ] diff --git a/2018/10xxx/CVE-2018-10635.json b/2018/10xxx/CVE-2018-10635.json index 976d13927ac..954edcdf14e 100644 --- a/2018/10xxx/CVE-2018-10635.json +++ b/2018/10xxx/CVE-2018-10635.json @@ -35,7 +35,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "Ports 30001/TCP to 30003/TCP listen for arbitrary URScript code and execute the code. This enables a remote attacker who has access to the ports to remotely execute code that may allow root access to be obtained." + "value" : "In Universal Robots Robot Controllers Version CB 3.1, SW Version 3.4.5-100, ports 30001/TCP to 30003/TCP listen for arbitrary URScript code and execute the code. This enables a remote attacker who has access to the ports to remotely execute code that may allow root access to be obtained." } ] }, @@ -54,6 +54,8 @@ "references" : { "reference_data" : [ { + "name" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-191-01", + "refsource" : "MISC", "url" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-191-01" } ] diff --git a/2018/13xxx/CVE-2018-13990.json b/2018/13xxx/CVE-2018-13990.json new file mode 100644 index 00000000000..4d26c8af896 --- /dev/null +++ b/2018/13xxx/CVE-2018-13990.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-13990", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2018/13xxx/CVE-2018-13991.json b/2018/13xxx/CVE-2018-13991.json new file mode 100644 index 00000000000..faeab40c610 --- /dev/null +++ b/2018/13xxx/CVE-2018-13991.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-13991", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2018/13xxx/CVE-2018-13992.json b/2018/13xxx/CVE-2018-13992.json new file mode 100644 index 00000000000..df7a29eb5a2 --- /dev/null +++ b/2018/13xxx/CVE-2018-13992.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-13992", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2018/13xxx/CVE-2018-13993.json b/2018/13xxx/CVE-2018-13993.json new file mode 100644 index 00000000000..954dc27b116 --- /dev/null +++ b/2018/13xxx/CVE-2018-13993.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-13993", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2018/13xxx/CVE-2018-13994.json b/2018/13xxx/CVE-2018-13994.json new file mode 100644 index 00000000000..bb285bf0d81 --- /dev/null +++ b/2018/13xxx/CVE-2018-13994.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-13994", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2018/1xxx/CVE-2018-1423.json b/2018/1xxx/CVE-2018-1423.json index 3859e871c46..040621deebe 100644 --- a/2018/1xxx/CVE-2018-1423.json +++ b/2018/1xxx/CVE-2018-1423.json @@ -251,7 +251,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "IBM Jazz Foundation products could disclose sensitive information to an authenticated attacker that could be used in further attacks agains the system. IBM X-Force ID: 139026." + "value" : "IBM Jazz Foundation products could disclose sensitive information to an authenticated attacker that could be used in further attacks against the system. IBM X-Force ID: 139026." } ] },