From 7c14c054c6217dd13acb7dcecdcda2ba75f6799f Mon Sep 17 00:00:00 2001
From: Scott Moore - IBM <stmoore@us.ibm.com>
Date: Wed, 21 Nov 2018 09:18:06 -0500
Subject: [PATCH] IBM20181121-9186

Added CVE-2018-1843
---
 2018/1xxx/CVE-2018-1843.json | 92 ++++++++++++++++++++++++++++++++----
 1 file changed, 82 insertions(+), 10 deletions(-)

diff --git a/2018/1xxx/CVE-2018-1843.json b/2018/1xxx/CVE-2018-1843.json
index 4683db6c723..2403b3ed11f 100644
--- a/2018/1xxx/CVE-2018-1843.json
+++ b/2018/1xxx/CVE-2018-1843.json
@@ -1,18 +1,90 @@
 {
-   "CVE_data_meta" : {
-      "ASSIGNER" : "cve@mitre.org",
-      "ID" : "CVE-2018-1843",
-      "STATE" : "RESERVED"
-   },
-   "data_format" : "MITRE",
    "data_type" : "CVE",
-   "data_version" : "4.0",
+   "data_format" : "MITRE",
+   "affects" : {
+      "vendor" : {
+         "vendor_data" : [
+            {
+               "vendor_name" : "IBM",
+               "product" : {
+                  "product_data" : [
+                     {
+                        "product_name" : "Cloud Private",
+                        "version" : {
+                           "version_data" : [
+                              {
+                                 "version_value" : "3.1.0"
+                              }
+                           ]
+                        }
+                     }
+                  ]
+               }
+            }
+         ]
+      }
+   },
+   "impact" : {
+      "cvssv3" : {
+         "TM" : {
+            "RC" : "C",
+            "E" : "U",
+            "RL" : "O"
+         },
+         "BM" : {
+            "A" : "N",
+            "S" : "U",
+            "C" : "H",
+            "I" : "N",
+            "SCORE" : "4.100",
+            "PR" : "H",
+            "AV" : "L",
+            "UI" : "N",
+            "AC" : "H"
+         }
+      }
+   },
+   "problemtype" : {
+      "problemtype_data" : [
+         {
+            "description" : [
+               {
+                  "lang" : "eng",
+                  "value" : "Obtain Information"
+               }
+            ]
+         }
+      ]
+   },
    "description" : {
       "description_data" : [
          {
-            "lang" : "eng",
-            "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided."
+            "value" : "The Identity and Access Management (IAM) services (IBM Cloud Private 3.1.0) do not use a secure channel, such as SSL, to exchange information only when accessed internally from within the cluster. It could be possible for an attacker with access to network traffic to sniff packets from the connection and uncover data.  IBM X-Force ID:  150903",
+            "lang" : "eng"
          }
       ]
-   }
+   },
+   "CVE_data_meta" : {
+      "ASSIGNER" : "psirt@us.ibm.com",
+      "ID" : "CVE-2018-1843",
+      "STATE" : "PUBLIC",
+      "DATE_PUBLIC" : "2018-11-19T00:00:00"
+   },
+   "references" : {
+      "reference_data" : [
+         {
+            "title" : "IBM Security Bulletin 0739845 (Cloud Private)",
+            "name" : "http://www.ibm.com/support/docview.wss?uid=ibm10739845",
+            "refsource" : "CONFIRM",
+            "url" : "http://www.ibm.com/support/docview.wss?uid=ibm10739845"
+         },
+         {
+            "name" : "ibm-cloud-cve20181843-info-disc (150903)",
+            "title" : "X-Force Vulnerability Report",
+            "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/150903",
+            "refsource" : "XF"
+         }
+      ]
+   },
+   "data_version" : "4.0"
 }