admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-08 14:08:13 +00:00
Code Issues Packages Projects Releases Wiki Activity

- Synchronized data.

Browse Source
This commit is contained in:
CVE Team 2018-05-29 13:02:57 -04:00
parent d6a889d50b
commit 83dc02f3a9
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
6 changed files with 195 additions and 185 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2015/8xxx/CVE-2015-8277.json
View File

@ -72,6 +72,11 @@
"refsource" : "CONFIRM", "refsource" : "CONFIRM",
"url" : "http://support.citrix.com/article/CTX207824" "url" : "http://support.citrix.com/article/CTX207824"
}, },
{
"name" : "https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1073133",
"refsource" : "CONFIRM",
"url" : "https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1073133"
},
{ {
"name" : "VU#485744", "name" : "VU#485744",
"refsource" : "CERT-VN", "refsource" : "CERT-VN",

5
2017/13xxx/CVE-2017-13754.json
View File

@ -76,6 +76,11 @@
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-102-02", "name" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-102-02",
"refsource" : "MISC", "refsource" : "MISC",
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-102-02" "url" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-102-02"
},
{
"name" : "https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1073133",
"refsource" : "CONFIRM",
"url" : "https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1073133"
} }
] ]
} }

75
2018/1xxx/CVE-2018-1235.json
View File

@ -1,73 +1,74 @@
{ {
"CVE_data_meta": { "CVE_data_meta" : {
"ASSIGNER": "security_alert@emc.com", "ASSIGNER" : "security_alert@emc.com",
"DATE_PUBLIC": "2018-05-22T04:00:00.000Z", "DATE_PUBLIC" : "2018-05-22T04:00:00.000Z",
"ID": "CVE-2018-1235", "ID" : "CVE-2018-1235",
"STATE": "PUBLIC" "STATE" : "PUBLIC"
}, },
"affects": { "affects" : {
"vendor": { "vendor" : {
"vendor_data": [ "vendor_data" : [
{ {
"product": { "product" : {
"product_data": [ "product_data" : [
{ {
"product_name": "Dell EMC RecoverPoint", "product_name" : "Dell EMC RecoverPoint",
"version": { "version" : {
"version_data": [ "version_data" : [
{ {
"affected": "<", "affected" : "<",
"version_value": "5.1.2" "version_value" : "5.1.2"
} }
] ]
} }
}, },
{ {
"product_name": "Dell EMC RecoverPoint Virtual Machine (VM)", "product_name" : "Dell EMC RecoverPoint Virtual Machine (VM)",
"version": { "version" : {
"version_data": [ "version_data" : [
{ {
"affected": "<", "affected" : "<",
"version_value": "5.1.1.3" "version_value" : "5.1.1.3"
} }
] ]
} }
} }
] ]
}, },
"vendor_name": "Dell EMC" "vendor_name" : "Dell EMC"
} }
] ]
} }
}, },
"data_format": "MITRE", "data_format" : "MITRE",
"data_type": "CVE", "data_type" : "CVE",
"data_version": "4.0", "data_version" : "4.0",
"description": { "description" : {
"description_data": [ "description_data" : [
{ {
"lang": "eng", "lang" : "eng",
"value": "Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint for VMs versions prior to 5.1.1.3, contain a command injection vulnerability. An unauthenticated remote attacker may potentially exploit this vulnerability to execute arbitrary commands on the affected system with root privilege.\n" "value" : "Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint for VMs versions prior to 5.1.1.3, contain a command injection vulnerability. An unauthenticated remote attacker may potentially exploit this vulnerability to execute arbitrary commands on the affected system with root privilege."
} }
] ]
}, },
"problemtype": { "problemtype" : {
"problemtype_data": [ "problemtype_data" : [
{ {
"description": [ "description" : [
{ {
"lang": "eng", "lang" : "eng",
"value": "command injection vulnerability" "value" : "command injection vulnerability"
} }
] ]
} }
] ]
}, },
"references": { "references" : {
"reference_data": [ "reference_data" : [
{ {
"refsource": "CONFIRM", "name" : "20180522 DSA-2018-095: Dell EMC RecoverPoint Multiple Vulnerabilities",
"url": "http://seclists.org/fulldisclosure/2018/May/61" "refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2018/May/61"
} }
] ]
} }

75
2018/1xxx/CVE-2018-1241.json
View File

@ -1,73 +1,74 @@
{ {
"CVE_data_meta": { "CVE_data_meta" : {
"ASSIGNER": "security_alert@emc.com", "ASSIGNER" : "security_alert@emc.com",
"DATE_PUBLIC": "2018-05-22T04:00:00.000Z", "DATE_PUBLIC" : "2018-05-22T04:00:00.000Z",
"ID": "CVE-2018-1241", "ID" : "CVE-2018-1241",
"STATE": "PUBLIC" "STATE" : "PUBLIC"
}, },
"affects": { "affects" : {
"vendor": { "vendor" : {
"vendor_data": [ "vendor_data" : [
{ {
"product": { "product" : {
"product_data": [ "product_data" : [
{ {
"product_name": "Dell EMC RecoverPoint", "product_name" : "Dell EMC RecoverPoint",
"version": { "version" : {
"version_data": [ "version_data" : [
{ {
"affected": "<", "affected" : "<",
"version_value": "5.1.2" "version_value" : "5.1.2"
} }
] ]
} }
}, },
{ {
"product_name": "Dell EMC RecoverPoint Virtual Machine (VM)", "product_name" : "Dell EMC RecoverPoint Virtual Machine (VM)",
"version": { "version" : {
"version_data": [ "version_data" : [
{ {
"affected": "<", "affected" : "<",
"version_value": "5.1.1.3" "version_value" : "5.1.1.3"
} }
] ]
} }
} }
] ]
}, },
"vendor_name": "Dell EMC" "vendor_name" : "Dell EMC"
} }
] ]
} }
}, },
"data_format": "MITRE", "data_format" : "MITRE",
"data_type": "CVE", "data_type" : "CVE",
"data_version": "4.0", "data_version" : "4.0",
"description": { "description" : {
"description_data": [ "description_data" : [
{ {
"lang": "eng", "lang" : "eng",
"value": "Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint for VMs versions prior to 5.1.1.3, under certain conditions, may leak LDAP password in plain-text into the RecoverPoint log file. An authenticated malicious user with access to the RecoverPoint log files may obtain the exposed LDAP password to use it in further attacks.\n" "value" : "Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint for VMs versions prior to 5.1.1.3, under certain conditions, may leak LDAP password in plain-text into the RecoverPoint log file. An authenticated malicious user with access to the RecoverPoint log files may obtain the exposed LDAP password to use it in further attacks."
} }
] ]
}, },
"problemtype": { "problemtype" : {
"problemtype_data": [ "problemtype_data" : [
{ {
"description": [ "description" : [
{ {
"lang": "eng", "lang" : "eng",
"value": "CWE-532: Information Exposure Through Log Files" "value" : "CWE-532: Information Exposure Through Log Files"
} }
] ]
} }
] ]
}, },
"references": { "references" : {
"reference_data": [ "reference_data" : [
{ {
"refsource": "CONFIRM", "name" : "20180522 DSA-2018-095: Dell EMC RecoverPoint Multiple Vulnerabilities",
"url": "http://seclists.org/fulldisclosure/2018/May/61" "refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2018/May/61"
} }
] ]
} }

75
2018/1xxx/CVE-2018-1242.json
View File

@ -1,73 +1,74 @@
{ {
"CVE_data_meta": { "CVE_data_meta" : {
"ASSIGNER": "security_alert@emc.com", "ASSIGNER" : "security_alert@emc.com",
"DATE_PUBLIC": "2018-05-22T04:00:00.000Z", "DATE_PUBLIC" : "2018-05-22T04:00:00.000Z",
"ID": "CVE-2018-1242", "ID" : "CVE-2018-1242",
"STATE": "PUBLIC" "STATE" : "PUBLIC"
}, },
"affects": { "affects" : {
"vendor": { "vendor" : {
"vendor_data": [ "vendor_data" : [
{ {
"product": { "product" : {
"product_data": [ "product_data" : [
{ {
"product_name": "Dell EMC RecoverPoint", "product_name" : "Dell EMC RecoverPoint",
"version": { "version" : {
"version_data": [ "version_data" : [
{ {
"affected": "<", "affected" : "<",
"version_value": "5.1.2" "version_value" : "5.1.2"
} }
] ]
} }
}, },
{ {
"product_name": "Dell EMC RecoverPoint Virtual Machine (VM)", "product_name" : "Dell EMC RecoverPoint Virtual Machine (VM)",
"version": { "version" : {
"version_data": [ "version_data" : [
{ {
"affected": "<", "affected" : "<",
"version_value": "5.1.1.3" "version_value" : "5.1.1.3"
} }
] ]
} }
} }
] ]
}, },
"vendor_name": "Dell EMC" "vendor_name" : "Dell EMC"
} }
] ]
} }
}, },
"data_format": "MITRE", "data_format" : "MITRE",
"data_type": "CVE", "data_type" : "CVE",
"data_version": "4.0", "data_version" : "4.0",
"description": { "description" : {
"description_data": [ "description_data" : [
{ {
"lang": "eng", "lang" : "eng",
"value": "Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint for VMs versions prior to 5.1.1.3, contains a command injection vulnerability in the Boxmgmt CLI. An authenticated malicious user with boxmgmt privileges may potentially exploit this vulnerability to read RPA files. Note that files that require root permission cannot be read." "value" : "Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint for VMs versions prior to 5.1.1.3, contains a command injection vulnerability in the Boxmgmt CLI. An authenticated malicious user with boxmgmt privileges may potentially exploit this vulnerability to read RPA files. Note that files that require root permission cannot be read."
} }
] ]
}, },
"problemtype": { "problemtype" : {
"problemtype_data": [ "problemtype_data" : [
{ {
"description": [ "description" : [
{ {
"lang": "eng", "lang" : "eng",
"value": "command injection vulnerability" "value" : "command injection vulnerability"
} }
] ]
} }
] ]
}, },
"references": { "references" : {
"reference_data": [ "reference_data" : [
{ {
"refsource": "CONFIRM", "name" : "20180522 DSA-2018-095: Dell EMC RecoverPoint Multiple Vulnerabilities",
"url": "http://seclists.org/fulldisclosure/2018/May/61" "refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2018/May/61"
} }
] ]
} }

141
2018/1xxx/CVE-2018-1495.json
View File

@ -1,5 +1,46 @@
{ {
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2018-05-11T00:00:00",
"ID" : "CVE-2018-1495",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "FlashSystem V900",
"version" : {
"version_data" : [
{
"version_value" : " "
}
]
}
},
{
"product_name" : "FlashSystem V840",
"version" : {
"version_data" : [
{
"version_value" : " "
}
]
}
}
]
},
"vendor_name" : "IBM"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE", "data_type" : "CVE",
"data_version" : "4.0",
"description" : { "description" : {
"description_data" : [ "description_data" : [
{ {
@ -8,99 +49,55 @@
} }
] ]
}, },
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "H",
"AC" : "L",
"AV" : "N",
"C" : "N",
"I" : "N",
"PR" : "L",
"S" : "U",
"SCORE" : "6.500",
"UI" : "N"
},
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
}
}
},
"problemtype" : { "problemtype" : {
"problemtype_data" : [ "problemtype_data" : [
{ {
"description" : [ "description" : [
{ {
"value" : "Denial of Service", "lang" : "eng",
"lang" : "eng" "value" : "Denial of Service"
} }
] ]
} }
] ]
}, },
"impact" : {
"cvssv3" : {
"BM" : {
"I" : "N",
"C" : "N",
"UI" : "N",
"A" : "H",
"PR" : "L",
"S" : "U",
"AC" : "L",
"AV" : "N",
"SCORE" : "6.500"
},
"TM" : {
"E" : "U",
"RL" : "O",
"RC" : "C"
}
}
},
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"title" : "IBM Security Bulletin S1012281 (FlashSystem V840)", "name" : "http://www.ibm.com/support/docview.wss?uid=ssg1S1012280",
"refsource" : "CONFIRM", "refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=ssg1S1012280"
},
{
"name" : "http://www.ibm.com/support/docview.wss?uid=ssg1S1012281", "name" : "http://www.ibm.com/support/docview.wss?uid=ssg1S1012281",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=ssg1S1012281" "url" : "http://www.ibm.com/support/docview.wss?uid=ssg1S1012281"
}, },
{
"refsource" : "CONFIRM",
"name" : "http://www.ibm.com/support/docview.wss?uid=ssg1S1012280",
"url" : "http://www.ibm.com/support/docview.wss?uid=ssg1S1012280",
"title" : "IBM Security Bulletin S1012280 (FlashSystem 840)"
},
{ {
"name" : "ibm-flashsystem-cve20181495-dos(141148)", "name" : "ibm-flashsystem-cve20181495-dos(141148)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/141148",
"refsource" : "XF", "refsource" : "XF",
"title" : "X-Force Vulnerability Report" "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/141148"
} }
] ]
},
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2018-1495",
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2018-05-11T00:00:00"
},
"data_format" : "MITRE",
"data_version" : "4.0",
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : " "
}
]
},
"product_name" : "FlashSystem V900"
},
{
"version" : {
"version_data" : [
{
"version_value" : " "
}
]
},
"product_name" : "FlashSystem V840"
}
]
},
"vendor_name" : "IBM"
}
]
}
} }
} }