mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-05-08 03:27:03 +00:00
Auto-merge PR#2587
Auto-merge PR#2587
This commit is contained in:
CVE Team
GitHub
commit
7fa55f4154
@ -1,18 +1,93 @@
|
||||
{
|
||||
"CVE_data_meta": {
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"ID": "CVE-2019-4262",
|
||||
"STATE": "RESERVED"
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
"references" : {
|
||||
"reference_data" : [
|
||||
{
|
||||
"url" : "https://www.ibm.com/support/pages/node/1074538",
|
||||
"refsource" : "CONFIRM",
|
||||
"title" : "IBM Security Bulletin 1074538 (QRadar SIEM)",
|
||||
"name" : "https://www.ibm.com/support/pages/node/1074538"
|
||||
},
|
||||
{
|
||||
"refsource" : "XF",
|
||||
"title" : "X-Force Vulnerability Report",
|
||||
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/160014",
|
||||
"name" : "ibm-qradar-cve20194262-ssrf (160014)"
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects" : {
|
||||
"vendor" : {
|
||||
"vendor_data" : [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"vendor_name" : "IBM",
|
||||
"product" : {
|
||||
"product_data" : [
|
||||
{
|
||||
"version" : {
|
||||
"version_data" : [
|
||||
{
|
||||
"version_value" : "7.2"
|
||||
},
|
||||
{
|
||||
"version_value" : "7.3"
|
||||
}
|
||||
]
|
||||
},
|
||||
"product_name" : "QRadar SIEM"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_type" : "CVE",
|
||||
"description" : {
|
||||
"description_data" : [
|
||||
{
|
||||
"value" : "IBM QRadar SIEM 7.2 and 7.3 is vulnerable to Server Side Request Forgery (SSRF). This may allow an unauthenticated attacker to send unauthorized requests from the QRadar system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 160014.",
|
||||
"lang" : "eng"
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype" : {
|
||||
"problemtype_data" : [
|
||||
{
|
||||
"description" : [
|
||||
{
|
||||
"value" : "Gain Access",
|
||||
"lang" : "eng"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"CVE_data_meta" : {
|
||||
"ID" : "CVE-2019-4262",
|
||||
"STATE" : "PUBLIC",
|
||||
"DATE_PUBLIC" : "2019-09-24T00:00:00",
|
||||
"ASSIGNER" : "psirt@us.ibm.com"
|
||||
},
|
||||
"data_format" : "MITRE",
|
||||
"data_version" : "4.0",
|
||||
"impact" : {
|
||||
"cvssv3" : {
|
||||
"BM" : {
|
||||
"AV" : "N",
|
||||
"PR" : "N",
|
||||
"I" : "L",
|
||||
"AC" : "L",
|
||||
"S" : "U",
|
||||
"SCORE" : "5.300",
|
||||
"C" : "N",
|
||||
"A" : "N",
|
||||
"UI" : "N"
|
||||
},
|
||||
"TM" : {
|
||||
"RC" : "C",
|
||||
"RL" : "O",
|
||||
"E" : "U"
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -1,18 +1,222 @@
|
||||
{
|
||||
"CVE_data_meta": {
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"ID": "CVE-2019-4378",
|
||||
"STATE": "RESERVED"
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
"data_version" : "4.0",
|
||||
"impact" : {
|
||||
"cvssv3" : {
|
||||
"TM" : {
|
||||
"E" : "U",
|
||||
"RC" : "C",
|
||||
"RL" : "O"
|
||||
},
|
||||
"BM" : {
|
||||
"SCORE" : "5.300",
|
||||
"C" : "N",
|
||||
"A" : "H",
|
||||
"AC" : "H",
|
||||
"S" : "U",
|
||||
"UI" : "N",
|
||||
"AV" : "N",
|
||||
"I" : "N",
|
||||
"PR" : "L"
|
||||
}
|
||||
}
|
||||
},
|
||||
"problemtype" : {
|
||||
"problemtype_data" : [
|
||||
{
|
||||
"description" : [
|
||||
{
|
||||
"value" : "Denial of Service",
|
||||
"lang" : "eng"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"CVE_data_meta" : {
|
||||
"DATE_PUBLIC" : "2019-09-17T00:00:00",
|
||||
"ASSIGNER" : "psirt@us.ibm.com",
|
||||
"STATE" : "PUBLIC",
|
||||
"ID" : "CVE-2019-4378"
|
||||
},
|
||||
"data_format" : "MITRE",
|
||||
"references" : {
|
||||
"reference_data" : [
|
||||
{
|
||||
"url" : "https://supportcontent.ibm.com/support/pages/node/886885",
|
||||
"refsource" : "CONFIRM",
|
||||
"title" : "IBM Security Bulletin 886885 (MQ)",
|
||||
"name" : "https://supportcontent.ibm.com/support/pages/node/886885"
|
||||
},
|
||||
{
|
||||
"name" : "ibm-mq-cve20194378-dos (162084)",
|
||||
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/162084",
|
||||
"refsource" : "XF",
|
||||
"title" : "X-Force Vulnerability Report"
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects" : {
|
||||
"vendor" : {
|
||||
"vendor_data" : [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"vendor_name" : "IBM",
|
||||
"product" : {
|
||||
"product_data" : [
|
||||
{
|
||||
"product_name" : "MQ",
|
||||
"version" : {
|
||||
"version_data" : [
|
||||
{
|
||||
"version_value" : "9.0.0.1"
|
||||
},
|
||||
{
|
||||
"version_value" : "8.0.0.1"
|
||||
},
|
||||
{
|
||||
"version_value" : "8.0.0.2"
|
||||
},
|
||||
{
|
||||
"version_value" : "8.0.0.3"
|
||||
},
|
||||
{
|
||||
"version_value" : "8.0.0.4"
|
||||
},
|
||||
{
|
||||
"version_value" : "8.0.0.5"
|
||||
},
|
||||
{
|
||||
"version_value" : "8.0.0.6"
|
||||
},
|
||||
{
|
||||
"version_value" : "8.0.0.7"
|
||||
},
|
||||
{
|
||||
"version_value" : "9.0.0.2"
|
||||
},
|
||||
{
|
||||
"version_value" : "7.5.0.1"
|
||||
},
|
||||
{
|
||||
"version_value" : "7.5.0.2"
|
||||
},
|
||||
{
|
||||
"version_value" : "7.5.0.3"
|
||||
},
|
||||
{
|
||||
"version_value" : "7.5.0.4"
|
||||
},
|
||||
{
|
||||
"version_value" : "7.5.0.5"
|
||||
},
|
||||
{
|
||||
"version_value" : "7.5.0.6"
|
||||
},
|
||||
{
|
||||
"version_value" : "7.5.0.7"
|
||||
},
|
||||
{
|
||||
"version_value" : "7.5.0.8"
|
||||
},
|
||||
{
|
||||
"version_value" : "8.0.0.8"
|
||||
},
|
||||
{
|
||||
"version_value" : "7.1.0.1"
|
||||
},
|
||||
{
|
||||
"version_value" : "7.1.0.2"
|
||||
},
|
||||
{
|
||||
"version_value" : "7.1.0.3"
|
||||
},
|
||||
{
|
||||
"version_value" : "7.1.0.4"
|
||||
},
|
||||
{
|
||||
"version_value" : "7.1.0.5"
|
||||
},
|
||||
{
|
||||
"version_value" : "7.1.0.6"
|
||||
},
|
||||
{
|
||||
"version_value" : "7.1.0.7"
|
||||
},
|
||||
{
|
||||
"version_value" : "8.0.0.9"
|
||||
},
|
||||
{
|
||||
"version_value" : "9.0.0.3"
|
||||
},
|
||||
{
|
||||
"version_value" : "8.0.0.0"
|
||||
},
|
||||
{
|
||||
"version_value" : "8.0.0.10"
|
||||
},
|
||||
{
|
||||
"version_value" : "9.0.0.0"
|
||||
},
|
||||
{
|
||||
"version_value" : "9.0.0.4"
|
||||
},
|
||||
{
|
||||
"version_value" : "9.0.0.5"
|
||||
},
|
||||
{
|
||||
"version_value" : "9.1.0.0"
|
||||
},
|
||||
{
|
||||
"version_value" : "9.1.0.1"
|
||||
},
|
||||
{
|
||||
"version_value" : "9.1.1"
|
||||
},
|
||||
{
|
||||
"version_value" : "9.1.0.2"
|
||||
},
|
||||
{
|
||||
"version_value" : "9.1.2"
|
||||
},
|
||||
{
|
||||
"version_value" : "8.0.0.11"
|
||||
},
|
||||
{
|
||||
"version_value" : "9.0.0.6"
|
||||
},
|
||||
{
|
||||
"version_value" : "7.1.0.0"
|
||||
},
|
||||
{
|
||||
"version_value" : "7.1.0.8"
|
||||
},
|
||||
{
|
||||
"version_value" : "7.1.0.9"
|
||||
},
|
||||
{
|
||||
"version_value" : "7.5.0.0"
|
||||
},
|
||||
{
|
||||
"version_value" : "7.5.0.9"
|
||||
},
|
||||
{
|
||||
"version_value" : "8.0.0.12"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"description" : {
|
||||
"description_data" : [
|
||||
{
|
||||
"value" : "IBM MQ 7.5.0.0 - 7.5.0.9, 7.1.0.0 - 7.1.0.9, 8.0.0.0 - 8.0.0.12, 9.0.0.0 - 9.0.0.6, 9.1.0.0 - 9.1.0.2, and 9.1.0 - 9.1.2 command server is vulnerable to a denial of service attack caused by an authenticated and authorized user using specially crafted PCF messages. IBM X-Force ID: 162084.",
|
||||
"lang" : "eng"
|
||||
}
|
||||
]
|
||||
},
|
||||
"data_type" : "CVE"
|
||||
}
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user