diff --git a/2017/1xxx/CVE-2017-1748.json b/2017/1xxx/CVE-2017-1748.json index 9a3134d7e80..8a58d743704 100644 --- a/2017/1xxx/CVE-2017-1748.json +++ b/2017/1xxx/CVE-2017-1748.json @@ -1,11 +1,9 @@ { - "data_type" : "CVE", - "data_format" : "MITRE", "CVE_data_meta" : { - "DATE_PUBLIC" : "2018-05-30T00:00:00", "ASSIGNER" : "psirt@us.ibm.com", - "STATE" : "PUBLIC", - "ID" : "CVE-2017-1748" + "DATE_PUBLIC" : "2018-05-30T00:00:00", + "ID" : "CVE-2017-1748", + "STATE" : "PUBLIC" }, "affects" : { "vendor" : { @@ -36,61 +34,61 @@ ] } }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", "description" : { "description_data" : [ { - "value" : "IBM Connections 5.0, 5.5, and 6.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 135521.", - "lang" : "eng" - } - ] - }, - "references" : { - "reference_data" : [ - { - "refsource" : "CONFIRM", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg22016698", - "name" : "http://www.ibm.com/support/docview.wss?uid=swg22016698", - "title" : "IBM Security Bulletin 2016698 (Connections)" - }, - { - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/135521", - "name" : "ibm-connections-cve20171748-open-redirect(135521)", - "title" : "X-Force Vulnerability Report" + "lang" : "eng", + "value" : "IBM Connections 5.0, 5.5, and 6.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 135521." } ] }, "impact" : { "cvssv3" : { "BM" : { - "I" : "H", - "PR" : "L", + "A" : "N", "AC" : "L", "AV" : "N", "C" : "N", - "UI" : "R", + "I" : "H", + "PR" : "L", "S" : "C", - "A" : "N", - "SCORE" : "6.800" + "SCORE" : "6.800", + "UI" : "R" }, "TM" : { - "RL" : "O", "E" : "U", - "RC" : "C" + "RC" : "C", + "RL" : "O" } } }, - "data_version" : "4.0", "problemtype" : { "problemtype_data" : [ { "description" : [ { - "value" : "Gain Access", - "lang" : "eng" + "lang" : "eng", + "value" : "Gain Access" } ] } ] + }, + "references" : { + "reference_data" : [ + { + "name" : "http://www.ibm.com/support/docview.wss?uid=swg22016698", + "refsource" : "CONFIRM", + "url" : "http://www.ibm.com/support/docview.wss?uid=swg22016698" + }, + { + "name" : "ibm-connections-cve20171748-open-redirect(135521)", + "refsource" : "XF", + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/135521" + } + ] } -} \ No newline at end of file +} diff --git a/2018/11xxx/CVE-2018-11715.json b/2018/11xxx/CVE-2018-11715.json new file mode 100644 index 00000000000..2b2ba308123 --- /dev/null +++ b/2018/11xxx/CVE-2018-11715.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-11715", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "The Recent Threads plugin before 1.1 for MyBB allows XSS via a thread subject." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://community.mybb.com/mods.php?action=changelog&pid=842", + "refsource" : "MISC", + "url" : "https://community.mybb.com/mods.php?action=changelog&pid=842" + } + ] + } +} diff --git a/2018/1xxx/CVE-2018-1600.json b/2018/1xxx/CVE-2018-1600.json index 442f8acfc2b..e1fd45b243c 100644 --- a/2018/1xxx/CVE-2018-1600.json +++ b/2018/1xxx/CVE-2018-1600.json @@ -1,46 +1,9 @@ { - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "value" : "Obtain Information", - "lang" : "eng" - } - ] - } - ] - }, - "data_format" : "MITRE", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM BigFix Platform 9.2 and 9.5 transmits sensitive or security-critical data in clear text in a communication channel that can be sniffed by unauthorized actors. IBM X-Force ID: 143745." - } - ] - }, - "references" : { - "reference_data" : [ - { - "title" : "IBM Security Bulletin 2015754 (BigFix Platform)", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg22015754", - "name" : "http://www.ibm.com/support/docview.wss?uid=swg22015754", - "refsource" : "CONFIRM" - }, - { - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/143745", - "name" : "ibm-bigfix-cve20181600-info-disc(143745)", - "title" : "X-Force Vulnerability Report" - } - ] - }, "CVE_data_meta" : { - "STATE" : "PUBLIC", - "ID" : "CVE-2018-1600", "ASSIGNER" : "psirt@us.ibm.com", - "DATE_PUBLIC" : "2018-05-24T00:00:00" + "DATE_PUBLIC" : "2018-05-24T00:00:00", + "ID" : "CVE-2018-1600", + "STATE" : "PUBLIC" }, "affects" : { "vendor" : { @@ -68,26 +31,61 @@ ] } }, + "data_format" : "MITRE", "data_type" : "CVE", "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "IBM BigFix Platform 9.2 and 9.5 transmits sensitive or security-critical data in clear text in a communication channel that can be sniffed by unauthorized actors. IBM X-Force ID: 143745." + } + ] + }, "impact" : { "cvssv3" : { - "TM" : { - "RL" : "O", - "E" : "U", - "RC" : "C" - }, "BM" : { - "S" : "C", - "PR" : "N", - "AV" : "N", - "UI" : "N", - "AC" : "L", "A" : "N", + "AC" : "L", + "AV" : "N", "C" : "H", + "I" : "N", + "PR" : "N", + "S" : "C", "SCORE" : "8.600", - "I" : "N" + "UI" : "N" + }, + "TM" : { + "E" : "U", + "RC" : "C", + "RL" : "O" } } + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Obtain Information" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "http://www.ibm.com/support/docview.wss?uid=swg22015754", + "refsource" : "CONFIRM", + "url" : "http://www.ibm.com/support/docview.wss?uid=swg22015754" + }, + { + "name" : "ibm-bigfix-cve20181600-info-disc(143745)", + "refsource" : "XF", + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/143745" + } + ] } }