- Synchronized data.

This commit is contained in:
CVE Team 2018-06-12 10:04:23 -04:00
parent f203f4fdcc
commit 84d5e94074
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
15 changed files with 485 additions and 104 deletions

View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta": { "CVE_data_meta" : {
"ASSIGNER": "psirt@mcafee.com", "ASSIGNER" : "psirt@mcafee.com",
"ID": "CVE-2017-3960", "ID" : "CVE-2017-3960",
"STATE": "PUBLIC", "STATE" : "PUBLIC",
"TITLE": "McAfee Network Security Management (NSM) - Exploitation of Authorization vulnerability" "TITLE" : "McAfee Network Security Management (NSM) - Exploitation of Authorization vulnerability"
}, },
"affects": { "affects" : {
"vendor": { "vendor" : {
"vendor_data": [ "vendor_data" : [
{ {
"product": { "product" : {
"product_data": [ "product_data" : [
{ {
"product_name": "Network Security Management (NSM)", "product_name" : "Network Security Management (NSM)",
"version": { "version" : {
"version_data": [ "version_data" : [
{ {
"affected": "<", "affected" : "<",
"platform": "x86", "platform" : "x86",
"version_name": "8", "version_name" : "8",
"version_value": "8.2.7.42.2" "version_value" : "8.2.7.42.2"
} }
] ]
} }
} }
] ]
}, },
"vendor_name": "McAfee" "vendor_name" : "McAfee"
} }
] ]
} }
}, },
"data_format": "MITRE", "data_format" : "MITRE",
"data_type": "CVE", "data_type" : "CVE",
"data_version": "4.0", "data_version" : "4.0",
"description": { "description" : {
"description_data": [ "description_data" : [
{ {
"lang": "eng", "lang" : "eng",
"value": "Exploitation of Authorization vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows authenticated users to gain elevated privileges via a crafted HTTP request parameter.\n" "value" : "Exploitation of Authorization vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows authenticated users to gain elevated privileges via a crafted HTTP request parameter."
} }
] ]
}, },
"impact": { "impact" : {
"cvss": { "cvss" : {
"attackComplexity": "LOW", "attackComplexity" : "LOW",
"attackVector": "NETWORK", "attackVector" : "NETWORK",
"availabilityImpact": "LOW", "availabilityImpact" : "LOW",
"baseScore": 5.9, "baseScore" : 5.9,
"baseSeverity": "MEDIUM", "baseSeverity" : "MEDIUM",
"confidentialityImpact": "LOW", "confidentialityImpact" : "LOW",
"integrityImpact": "LOW", "integrityImpact" : "LOW",
"privilegesRequired": "HIGH", "privilegesRequired" : "HIGH",
"scope": "CHANGED", "scope" : "CHANGED",
"userInteraction": "REQUIRED", "userInteraction" : "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L", "vectorString" : "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"version": "3.0" "version" : "3.0"
} }
}, },
"problemtype": { "problemtype" : {
"problemtype_data": [ "problemtype_data" : [
{ {
"description": [ "description" : [
{ {
"lang": "eng", "lang" : "eng",
"value": "Exploitation of Authorization vulnerability" "value" : "Exploitation of Authorization vulnerability"
} }
] ]
} }
] ]
}, },
"references": { "references" : {
"reference_data": [ "reference_data" : [
{ {
"name": "McAfee - Security Bulletin SB10192", "name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10192",
"refsource": "CONFIRM", "refsource" : "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10192" "url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10192"
} }
] ]
}, },
"source": { "source" : {
"advisory": "SB10192", "advisory" : "SB10192",
"discovery": "UNKNOWN" "discovery" : "UNKNOWN"
} }
} }

View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta": { "CVE_data_meta" : {
"ASSIGNER": "psirt@mcafee.com", "ASSIGNER" : "psirt@mcafee.com",
"ID": "CVE-2017-3962", "ID" : "CVE-2017-3962",
"STATE": "PUBLIC", "STATE" : "PUBLIC",
"TITLE": "McAfee Network Security Management (NSM) - Password recovery exploitation vulnerability" "TITLE" : "McAfee Network Security Management (NSM) - Password recovery exploitation vulnerability"
}, },
"affects": { "affects" : {
"vendor": { "vendor" : {
"vendor_data": [ "vendor_data" : [
{ {
"product": { "product" : {
"product_data": [ "product_data" : [
{ {
"product_name": "Network Security Management (NSM)", "product_name" : "Network Security Management (NSM)",
"version": { "version" : {
"version_data": [ "version_data" : [
{ {
"affected": "<", "affected" : "<",
"platform": "x86", "platform" : "x86",
"version_name": "8", "version_name" : "8",
"version_value": "8.2.7.42.2" "version_value" : "8.2.7.42.2"
} }
] ]
} }
} }
] ]
}, },
"vendor_name": "McAfee" "vendor_name" : "McAfee"
} }
] ]
} }
}, },
"data_format": "MITRE", "data_format" : "MITRE",
"data_type": "CVE", "data_type" : "CVE",
"data_version": "4.0", "data_version" : "4.0",
"description": { "description" : {
"description_data": [ "description_data" : [
{ {
"lang": "eng", "lang" : "eng",
"value": "Password recovery exploitation vulnerability in the non-certificate-based authentication mechanism in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows attackers to crack user passwords via unsalted hashes.\n" "value" : "Password recovery exploitation vulnerability in the non-certificate-based authentication mechanism in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows attackers to crack user passwords via unsalted hashes."
} }
] ]
}, },
"impact": { "impact" : {
"cvss": { "cvss" : {
"attackComplexity": "HIGH", "attackComplexity" : "HIGH",
"attackVector": "NETWORK", "attackVector" : "NETWORK",
"availabilityImpact": "LOW", "availabilityImpact" : "LOW",
"baseScore": 5.6, "baseScore" : 5.6,
"baseSeverity": "MEDIUM", "baseSeverity" : "MEDIUM",
"confidentialityImpact": "LOW", "confidentialityImpact" : "LOW",
"integrityImpact": "LOW", "integrityImpact" : "LOW",
"privilegesRequired": "NONE", "privilegesRequired" : "NONE",
"scope": "UNCHANGED", "scope" : "UNCHANGED",
"userInteraction": "NONE", "userInteraction" : "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "vectorString" : "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0" "version" : "3.0"
} }
}, },
"problemtype": { "problemtype" : {
"problemtype_data": [ "problemtype_data" : [
{ {
"description": [ "description" : [
{ {
"lang": "eng", "lang" : "eng",
"value": "Password recovery exploitation vulnerability\n" "value" : "Password recovery exploitation vulnerability\n"
} }
] ]
} }
] ]
}, },
"references": { "references" : {
"reference_data": [ "reference_data" : [
{ {
"name": "McAfee - Security Bulletin SB10192", "name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10192",
"refsource": "CONFIRM", "refsource" : "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10192" "url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10192"
} }
] ]
}, },
"source": { "source" : {
"advisory": "SB10192", "advisory" : "SB10192",
"discovery": "UNKNOWN" "discovery" : "UNKNOWN"
} }
} }

View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-12237",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-12238",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-12239",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-12240",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-12241",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-12242",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-12243",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-12244",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-12245",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-12246",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

View File

@ -0,0 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-12247",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in mruby 1.4.1. There is a NULL pointer dereference in mrb_class, related to certain .clone usage, because mrb_obj_clone in kernel.c copies flags other than the MRB_FLAG_IS_FROZEN flag (e.g., the embedded flag)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/mruby/mruby/commit/55edae0226409de25e59922807cb09acb45731a2",
"refsource" : "MISC",
"url" : "https://github.com/mruby/mruby/commit/55edae0226409de25e59922807cb09acb45731a2"
},
{
"name" : "https://github.com/mruby/mruby/issues/4036",
"refsource" : "MISC",
"url" : "https://github.com/mruby/mruby/issues/4036"
}
]
}
}

View File

@ -0,0 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-12248",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in mruby 1.4.1. There is a heap-based buffer over-read associated with OP_ENTER because mrbgems/mruby-fiber/src/fiber.c does not extend the stack in cases of many arguments to fiber."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/mruby/mruby/commit/778500563a9f7ceba996937dc886bd8cde29b42b",
"refsource" : "MISC",
"url" : "https://github.com/mruby/mruby/commit/778500563a9f7ceba996937dc886bd8cde29b42b"
},
{
"name" : "https://github.com/mruby/mruby/issues/4038",
"refsource" : "MISC",
"url" : "https://github.com/mruby/mruby/issues/4038"
}
]
}
}

View File

@ -0,0 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-12249",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in mruby 1.4.1. There is a NULL pointer dereference in mrb_class_real because \"class BasicObject\" is not properly supported in class.c."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/mruby/mruby/commit/faa4eaf6803bd11669bc324b4c34e7162286bfa3",
"refsource" : "MISC",
"url" : "https://github.com/mruby/mruby/commit/faa4eaf6803bd11669bc324b4c34e7162286bfa3"
},
{
"name" : "https://github.com/mruby/mruby/issues/4037",
"refsource" : "MISC",
"url" : "https://github.com/mruby/mruby/issues/4037"
}
]
}
}