admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

IBM20200423-9738

Browse Source 
Added CVE-2019-4735, CVE-2019-4668, CVE-2020-4415, CVE-2020-4202, CVE-2020-4353, CVE-2020-4311
This commit is contained in:
Scott Moore - IBM 2020-04-23 09:07:38 -04:00
parent b321a64017
commit 618267bf08
No known key found for this signature in database
GPG Key ID: 8E6C411D57F2D75C
6 changed files with 534 additions and 90 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

102
2019/4xxx/CVE-2019-4668.json
View File

@ -1,18 +1,90 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-4668",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"data_format" : "MITRE",
"impact" : {
"cvssv3" : {
"BM" : {
"AC" : "L",
"PR" : "N",
"SCORE" : "6.200",
"UI" : "N",
"A" : "N",
"C" : "H",
"I" : "N",
"AV" : "L",
"S" : "U"
},
"TM" : {
"RC" : "C",
"RL" : "O",
"E" : "U"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/pages/node/6195699",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/pages/node/6195699",
"title" : "IBM Security Bulletin 6195699 (UrbanCode Deploy)"
},
{
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/171250",
"refsource" : "XF",
"name" : "ibm-ucd-cve20194668-info-disc (171250)"
}
]
},
"data_type" : "CVE",
"CVE_data_meta" : {
"DATE_PUBLIC" : "2020-04-21T00:00:00",
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC",
"ID" : "CVE-2019-4668"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product" : {
"product_data" : [
{
"product_name" : "UrbanCode Deploy",
"version" : {
"version_data" : [
{
"version_value" : "7.0.4.0"
}
]
}
}
]
},
"vendor_name" : "IBM"
}
]
}
}
]
}
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM UrbanCode Deploy (UCD) 7.0.4.0 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 171250."
}
]
},
"data_version" : "4.0"
}

102
2019/4xxx/CVE-2019-4735.json
View File

@ -1,18 +1,90 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-4735",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"impact" : {
"cvssv3" : {
"BM" : {
"PR" : "N",
"SCORE" : "2.400",
"AC" : "L",
"AV" : "P",
"S" : "U",
"C" : "L",
"A" : "N",
"I" : "N",
"UI" : "N"
},
"TM" : {
"RC" : "C",
"RL" : "O",
"E" : "U"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
}
]
}
]
},
"data_format" : "MITRE",
"data_type" : "CVE",
"references" : {
"reference_data" : [
{
"url" : "https://www.ibm.com/support/pages/node/6151767",
"title" : "IBM Security Bulletin 6151767 (MaaS360)",
"refsource" : "CONFIRM",
"name" : "https://www.ibm.com/support/pages/node/6151767"
},
{
"name" : "ibm-maas360-cve20194735-info-disc (172705)",
"refsource" : "XF",
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/172705"
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "MaaS360",
"version" : {
"version_data" : [
{
"version_value" : "3.96.62"
}
]
}
}
]
}
}
]
}
}
]
}
},
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM MaaS360 3.96.62 for iOS could allow an attacker with physical access to the device to obtain sensitive information from the agent outside of the container. IBM X-Force ID: 172705."
}
]
},
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"ID" : "CVE-2019-4735",
"DATE_PUBLIC" : "2020-04-14T00:00:00",
"ASSIGNER" : "psirt@us.ibm.com"
}
}

105
2020/4xxx/CVE-2020-4202.json
View File

@ -1,18 +1,93 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-4202",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
"data_format" : "MITRE",
"impact" : {
"cvssv3" : {
"BM" : {
"S" : "U",
"AV" : "N",
"UI" : "N",
"C" : "L",
"A" : "L",
"I" : "L",
"PR" : "L",
"SCORE" : "5.000",
"AC" : "H"
},
"TM" : {
"RL" : "O",
"RC" : "C",
"E" : "U"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Gain Privileges",
"lang" : "eng"
}
]
}
]
},
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"ID" : "CVE-2020-4202",
"DATE_PUBLIC" : "2020-04-21T00:00:00",
"ASSIGNER" : "psirt@us.ibm.com"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "UrbanCode Deploy",
"version" : {
"version_data" : [
{
"version_value" : "7.0.3.0"
},
{
"version_value" : "7.0.4.0"
}
]
}
}
]
}
}
]
}
}
]
}
},
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"value" : "IBM UrbanCode Deploy (UCD) 7.0.3.0 and 7.0.4.0 could allow an authenticated user to impersonate another user if the server is configured to enable Distributed Front End (DFE). IBM X-Force ID: 174955.",
"lang" : "eng"
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://www.ibm.com/support/pages/node/6195701",
"title" : "IBM Security Bulletin 6195701 (UrbanCode Deploy)",
"refsource" : "CONFIRM",
"name" : "https://www.ibm.com/support/pages/node/6195701"
},
{
"refsource" : "XF",
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/174955",
"name" : "ibm-ucd-cve20204202-priv-escalation (174955)"
}
]
},
"data_type" : "CVE"
}

102
2020/4xxx/CVE-2020-4311.json
View File

@ -1,18 +1,90 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-4311",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/pages/node/6198358",
"url" : "https://www.ibm.com/support/pages/node/6198358",
"title" : "IBM Security Bulletin 6198358 (Tivoli Monitoring)",
"refsource" : "CONFIRM"
},
{
"name" : "ibm-tivoli-cve20204311-code-exec (177083)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/177083",
"title" : "X-Force Vulnerability Report",
"refsource" : "XF"
}
]
},
"data_type" : "CVE",
"CVE_data_meta" : {
"DATE_PUBLIC" : "2020-04-22T00:00:00",
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2020-4311",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product" : {
"product_data" : [
{
"product_name" : "Tivoli Monitoring",
"version" : {
"version_data" : [
{
"version_value" : "6.3.0"
}
]
}
}
]
},
"vendor_name" : "IBM"
}
]
}
}
]
}
},
"description" : {
"description_data" : [
{
"value" : "IBM Tivoli Monitoring 6.3.0 could allow a local attacker to execute arbitrary code on the system. By placing a specially crafted file, an attacker could exploit this vulnerability to load other DLL files located in the same directory and execute arbitrary code on the system. IBM X-Force ID: 177083.",
"lang" : "eng"
}
]
},
"data_version" : "4.0",
"data_format" : "MITRE",
"impact" : {
"cvssv3" : {
"TM" : {
"E" : "U",
"RL" : "O",
"RC" : "C"
},
"BM" : {
"AV" : "L",
"S" : "U",
"UI" : "N",
"A" : "H",
"C" : "H",
"I" : "H",
"SCORE" : "7.400",
"PR" : "N",
"AC" : "H"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Gain Privileges"
}
]
}
]
}
}

102
2020/4xxx/CVE-2020-4353.json
View File

@ -1,18 +1,90 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-4353",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2020-04-14T00:00:00",
"STATE" : "PUBLIC",
"ID" : "CVE-2020-4353"
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM MaaS360 6.82 could allow a user with pysical access to the device to crash the application which may enable the user to access restricted applications and device settings. IBM X-Force ID: 178505."
}
]
},
"data_version" : "4.0",
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "MaaS360",
"version" : {
"version_data" : [
{
"version_value" : "6.82"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references" : {
"reference_data" : [
{
"url" : "https://www.ibm.com/support/pages/node/6151773",
"title" : "IBM Security Bulletin 6151773 (MaaS360)",
"refsource" : "CONFIRM",
"name" : "https://www.ibm.com/support/pages/node/6151773"
},
{
"refsource" : "XF",
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/178505",
"name" : "ibm-maas360-cve20204353-dos (178505)"
}
]
},
"data_type" : "CVE",
"data_format" : "MITRE",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Denial of Service"
}
]
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"PR" : "N",
"SCORE" : "4.600",
"AC" : "L",
"AV" : "P",
"S" : "U",
"A" : "H",
"I" : "N",
"C" : "N",
"UI" : "N"
},
"TM" : {
"RL" : "O",
"RC" : "C",
"E" : "U"
}
}
}
}

111
2020/4xxx/CVE-2020-4415.json
View File

@ -1,18 +1,99 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-4415",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Gain Access",
"lang" : "eng"
}
]
}
]
},
"impact" : {
"cvssv3" : {
"TM" : {
"E" : "U",
"RL" : "O",
"RC" : "C"
},
"BM" : {
"PR" : "N",
"SCORE" : "9.800",
"AC" : "L",
"AV" : "N",
"S" : "U",
"I" : "H",
"A" : "H",
"C" : "H",
"UI" : "N"
}
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"references" : {
"reference_data" : [
{
"url" : "https://www.ibm.com/support/pages/node/6195706",
"title" : "IBM Security Bulletin 6195706 (Spectrum Protect)",
"refsource" : "CONFIRM",
"name" : "https://www.ibm.com/support/pages/node/6195706"
},
{
"name" : "ibm-spectrum-cve20204415-bo (179990)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/179990",
"title" : "X-Force Vulnerability Report"
}
]
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Spectrum Protect 7.1 and 8.1 server is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. This could allow a remote attacker to execute arbitrary code on the system with the privileges of an administrator or user associated with the Spectrum Protect server or cause the Spectrum Protect server to crash. IBM X-Force ID: 179990."
}
]
},
"data_version" : "4.0",
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "7.1.0.0"
},
{
"version_value" : "7.1.10.0"
},
{
"version_value" : "8.1.0.0"
},
{
"version_value" : "8.1.9.200"
}
]
},
"product_name" : "Spectrum Protect"
}
]
}
}
]
}
}
]
}
},
"CVE_data_meta" : {
"DATE_PUBLIC" : "2020-04-21T00:00:00",
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC",
"ID" : "CVE-2020-4415"
}
}