diff --git a/2018/1000xxx/CVE-2018-1000854.json b/2018/1000xxx/CVE-2018-1000854.json
index b15b037fe27..4a01c00b3dd 100644
--- a/2018/1000xxx/CVE-2018-1000854.json
+++ b/2018/1000xxx/CVE-2018-1000854.json
@@ -1 +1,65 @@
-{ "CVE_data_meta": { "ASSIGNER": "kurt@seifried.org", "DATE_ASSIGNED": "2018-12-05T14:18:48.092795", "DATE_REQUESTED": "2018-10-19T16:32:46", "ID": "CVE-2018-1000854", "REQUESTER": "nicolas.richeton@gmail.com" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "esigate", "version": { "version_data": [ { "version_value": "5.2 and earlier" } ] } } ] }, "vendor_name": "esigate.org" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "esigate.org esigate version 5.2 and earlier contains a CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in ESI directive with user specified XSLT that can result in Remote Code Execution. This attack appear to be exploitable via Use of another weakness in backend application to reflect ESI directives. This vulnerability appears to have been fixed in 5.3." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')" } ] } ] }, "references": { "reference_data": [ { "url": "https://github.com/esigate/esigate/issues/209" } ] } }
\ No newline at end of file
+{
+ "CVE_data_meta" : {
+ "ASSIGNER" : "kurt@seifried.org",
+ "DATE_ASSIGNED" : "2018-12-05T14:18:48.092795",
+ "DATE_REQUESTED" : "2018-10-19T16:32:46",
+ "ID" : "CVE-2018-1000854",
+ "REQUESTER" : "nicolas.richeton@gmail.com",
+ "STATE" : "PUBLIC"
+ },
+ "affects" : {
+ "vendor" : {
+ "vendor_data" : [
+ {
+ "product" : {
+ "product_data" : [
+ {
+ "product_name" : "esigate",
+ "version" : {
+ "version_data" : [
+ {
+ "version_value" : "5.2 and earlier"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name" : "esigate.org"
+ }
+ ]
+ }
+ },
+ "data_format" : "MITRE",
+ "data_type" : "CVE",
+ "data_version" : "4.0",
+ "description" : {
+ "description_data" : [
+ {
+ "lang" : "eng",
+ "value" : "esigate.org esigate version 5.2 and earlier contains a CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in ESI directive with user specified XSLT that can result in Remote Code Execution. This attack appear to be exploitable via Use of another weakness in backend application to reflect ESI directives. This vulnerability appears to have been fixed in 5.3."
+ }
+ ]
+ },
+ "problemtype" : {
+ "problemtype_data" : [
+ {
+ "description" : [
+ {
+ "lang" : "eng",
+ "value" : "CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')"
+ }
+ ]
+ }
+ ]
+ },
+ "references" : {
+ "reference_data" : [
+ {
+ "name" : "https://github.com/esigate/esigate/issues/209",
+ "refsource" : "MISC",
+ "url" : "https://github.com/esigate/esigate/issues/209"
+ }
+ ]
+ }
+}
diff --git a/2018/1000xxx/CVE-2018-1000855.json b/2018/1000xxx/CVE-2018-1000855.json
index 2071dd484f7..4b0433339e8 100644
--- a/2018/1000xxx/CVE-2018-1000855.json
+++ b/2018/1000xxx/CVE-2018-1000855.json
@@ -1 +1,70 @@
-{ "CVE_data_meta": { "ASSIGNER": "kurt@seifried.org", "DATE_ASSIGNED": "2018-12-05T14:18:48.093768", "DATE_REQUESTED": "2018-11-19T08:38:18", "ID": "CVE-2018-1000855", "REQUESTER": "rosa@basecamp.com" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "easymon", "version": { "version_data": [ { "version_value": "1.4 and earlier" } ] } } ] }, "vendor_name": "easymon" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "easymon version 1.4 and earlier contains a Cross Site Scripting (XSS) vulnerability in Endpoint where monitoring is mounted that can result in Reflected XSS that affects Firefox. Can be used to steal cookies, depending on the cookie settings.. This attack appear to be exploitable via The victim must click on a crafted URL that contains the XSS payload. This vulnerability appears to have been fixed in 1.4.1 and later." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Cross Site Scripting (XSS)" } ] } ] }, "references": { "reference_data": [ { "url": "https://github.com/basecamp/easymon/issues/26" }, { "url": "https://github.com/basecamp/easymon/pull/25" } ] } }
\ No newline at end of file
+{
+ "CVE_data_meta" : {
+ "ASSIGNER" : "kurt@seifried.org",
+ "DATE_ASSIGNED" : "2018-12-05T14:18:48.093768",
+ "DATE_REQUESTED" : "2018-11-19T08:38:18",
+ "ID" : "CVE-2018-1000855",
+ "REQUESTER" : "rosa@basecamp.com",
+ "STATE" : "PUBLIC"
+ },
+ "affects" : {
+ "vendor" : {
+ "vendor_data" : [
+ {
+ "product" : {
+ "product_data" : [
+ {
+ "product_name" : "easymon",
+ "version" : {
+ "version_data" : [
+ {
+ "version_value" : "1.4 and earlier"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name" : "easymon"
+ }
+ ]
+ }
+ },
+ "data_format" : "MITRE",
+ "data_type" : "CVE",
+ "data_version" : "4.0",
+ "description" : {
+ "description_data" : [
+ {
+ "lang" : "eng",
+ "value" : "easymon version 1.4 and earlier contains a Cross Site Scripting (XSS) vulnerability in Endpoint where monitoring is mounted that can result in Reflected XSS that affects Firefox. Can be used to steal cookies, depending on the cookie settings.. This attack appear to be exploitable via The victim must click on a crafted URL that contains the XSS payload. This vulnerability appears to have been fixed in 1.4.1 and later."
+ }
+ ]
+ },
+ "problemtype" : {
+ "problemtype_data" : [
+ {
+ "description" : [
+ {
+ "lang" : "eng",
+ "value" : "Cross Site Scripting (XSS)"
+ }
+ ]
+ }
+ ]
+ },
+ "references" : {
+ "reference_data" : [
+ {
+ "name" : "https://github.com/basecamp/easymon/issues/26",
+ "refsource" : "MISC",
+ "url" : "https://github.com/basecamp/easymon/issues/26"
+ },
+ {
+ "name" : "https://github.com/basecamp/easymon/pull/25",
+ "refsource" : "MISC",
+ "url" : "https://github.com/basecamp/easymon/pull/25"
+ }
+ ]
+ }
+}
diff --git a/2018/1000xxx/CVE-2018-1000856.json b/2018/1000xxx/CVE-2018-1000856.json
index 9cb1b077b6c..b7d4d2c9c9e 100644
--- a/2018/1000xxx/CVE-2018-1000856.json
+++ b/2018/1000xxx/CVE-2018-1000856.json
@@ -1 +1,65 @@
-{ "CVE_data_meta": { "ASSIGNER": "kurt@seifried.org", "DATE_ASSIGNED": "2018-12-05T14:18:48.094407", "DATE_REQUESTED": "2018-11-20T05:25:34", "ID": "CVE-2018-1000856", "REQUESTER": "sujendra.m@gmail.com" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "DomainMOD", "version": { "version_data": [ { "version_value": "4.09.03 and above. Also verified in the latest version 4.11.01" } ] } } ] }, "vendor_name": "DomainMOD" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "DomainMOD version 4.09.03 and above. Also verified in the latest version 4.11.01 contains a Cross Site Scripting (XSS) vulnerability in Segment Name field in the segments page that can result in Arbitrary script can be executed on all users browsers who visit the affected page. This attack appear to be exploitable via Victim must visit the vulnerable page. This vulnerability appears to have been fixed in No fix yet." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Cross Site Scripting (XSS)" } ] } ] }, "references": { "reference_data": [ { "url": "https://github.com/domainmod/domainmod/issues/80" } ] } }
\ No newline at end of file
+{
+ "CVE_data_meta" : {
+ "ASSIGNER" : "kurt@seifried.org",
+ "DATE_ASSIGNED" : "2018-12-05T14:18:48.094407",
+ "DATE_REQUESTED" : "2018-11-20T05:25:34",
+ "ID" : "CVE-2018-1000856",
+ "REQUESTER" : "sujendra.m@gmail.com",
+ "STATE" : "PUBLIC"
+ },
+ "affects" : {
+ "vendor" : {
+ "vendor_data" : [
+ {
+ "product" : {
+ "product_data" : [
+ {
+ "product_name" : "DomainMOD",
+ "version" : {
+ "version_data" : [
+ {
+ "version_value" : "4.09.03 and above. Also verified in the latest version 4.11.01"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name" : "DomainMOD"
+ }
+ ]
+ }
+ },
+ "data_format" : "MITRE",
+ "data_type" : "CVE",
+ "data_version" : "4.0",
+ "description" : {
+ "description_data" : [
+ {
+ "lang" : "eng",
+ "value" : "DomainMOD version 4.09.03 and above. Also verified in the latest version 4.11.01 contains a Cross Site Scripting (XSS) vulnerability in Segment Name field in the segments page that can result in Arbitrary script can be executed on all users browsers who visit the affected page. This attack appear to be exploitable via Victim must visit the vulnerable page. This vulnerability appears to have been fixed in No fix yet."
+ }
+ ]
+ },
+ "problemtype" : {
+ "problemtype_data" : [
+ {
+ "description" : [
+ {
+ "lang" : "eng",
+ "value" : "Cross Site Scripting (XSS)"
+ }
+ ]
+ }
+ ]
+ },
+ "references" : {
+ "reference_data" : [
+ {
+ "name" : "https://github.com/domainmod/domainmod/issues/80",
+ "refsource" : "MISC",
+ "url" : "https://github.com/domainmod/domainmod/issues/80"
+ }
+ ]
+ }
+}
diff --git a/2018/1000xxx/CVE-2018-1000857.json b/2018/1000xxx/CVE-2018-1000857.json
index 39497fe64ea..8bea6198d09 100644
--- a/2018/1000xxx/CVE-2018-1000857.json
+++ b/2018/1000xxx/CVE-2018-1000857.json
@@ -1 +1,65 @@
-{ "CVE_data_meta": { "ASSIGNER": "kurt@seifried.org", "DATE_ASSIGNED": "2018-12-05T14:18:48.095067", "DATE_REQUESTED": "2018-11-22T22:05:34", "ID": "CVE-2018-1000857", "REQUESTER": "me@halfdog.net" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "log-user-session", "version": { "version_data": [ { "version_value": "0.7 and earlier" } ] } } ] }, "vendor_name": "log-user-session" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "log-user-session version 0.7 and earlier contains a Directory Traversal vulnerability in Main SUID-binary /usr/local/bin/log-user-session that can result in User to root privilege escalation. This attack appear to be exploitable via Malicious unprivileged user executes the vulnerable binary/(remote) environment variable manipulation similar shell-shock also possible." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Directory Traversal" } ] } ] }, "references": { "reference_data": [ { "url": "https://www.halfdog.net/Security/2018/LogUserSessionLocalRootPrivilegeEscalation/" } ] } }
\ No newline at end of file
+{
+ "CVE_data_meta" : {
+ "ASSIGNER" : "kurt@seifried.org",
+ "DATE_ASSIGNED" : "2018-12-05T14:18:48.095067",
+ "DATE_REQUESTED" : "2018-11-22T22:05:34",
+ "ID" : "CVE-2018-1000857",
+ "REQUESTER" : "me@halfdog.net",
+ "STATE" : "PUBLIC"
+ },
+ "affects" : {
+ "vendor" : {
+ "vendor_data" : [
+ {
+ "product" : {
+ "product_data" : [
+ {
+ "product_name" : "log-user-session",
+ "version" : {
+ "version_data" : [
+ {
+ "version_value" : "0.7 and earlier"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name" : "log-user-session"
+ }
+ ]
+ }
+ },
+ "data_format" : "MITRE",
+ "data_type" : "CVE",
+ "data_version" : "4.0",
+ "description" : {
+ "description_data" : [
+ {
+ "lang" : "eng",
+ "value" : "log-user-session version 0.7 and earlier contains a Directory Traversal vulnerability in Main SUID-binary /usr/local/bin/log-user-session that can result in User to root privilege escalation. This attack appear to be exploitable via Malicious unprivileged user executes the vulnerable binary/(remote) environment variable manipulation similar shell-shock also possible."
+ }
+ ]
+ },
+ "problemtype" : {
+ "problemtype_data" : [
+ {
+ "description" : [
+ {
+ "lang" : "eng",
+ "value" : "Directory Traversal"
+ }
+ ]
+ }
+ ]
+ },
+ "references" : {
+ "reference_data" : [
+ {
+ "name" : "https://www.halfdog.net/Security/2018/LogUserSessionLocalRootPrivilegeEscalation/",
+ "refsource" : "MISC",
+ "url" : "https://www.halfdog.net/Security/2018/LogUserSessionLocalRootPrivilegeEscalation/"
+ }
+ ]
+ }
+}
diff --git a/2018/1000xxx/CVE-2018-1000858.json b/2018/1000xxx/CVE-2018-1000858.json
index ec65117f09f..39da94fa44c 100644
--- a/2018/1000xxx/CVE-2018-1000858.json
+++ b/2018/1000xxx/CVE-2018-1000858.json
@@ -1 +1,70 @@
-{ "CVE_data_meta": { "ASSIGNER": "kurt@seifried.org", "DATE_ASSIGNED": "2018-12-05T14:18:48.095694", "DATE_REQUESTED": "2018-11-23T20:30:00", "ID": "CVE-2018-1000858", "REQUESTER": "cve@sektioneins.de" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "GnuPG", "version": { "version_data": [ { "version_value": "2.1.12 - 2.2.11" } ] } } ] }, "vendor_name": "GnuPG" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "GnuPG version 2.1.12 - 2.2.11 contains a Cross ite Request Forgery (CSRF) vulnerability in dirmngr that can result in Attacker controlled CSRF, Information Disclosure, DoS. This attack appear to be exploitable via Victim must perform a WKD request, e.g. enter an email address in the composer window of Thunderbird/Enigmail. This vulnerability appears to have been fixed in after commit 4a4bb874f63741026bd26264c43bb32b1099f060." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Cross ite Request Forgery (CSRF)" } ] } ] }, "references": { "reference_data": [ { "url": "https://sektioneins.de/en/advisories/advisory-012018-gnupg-wkd.html" }, { "url": "https://sektioneins.de/en/blog/18-11-23-gnupg-wkd.html" } ] } }
\ No newline at end of file
+{
+ "CVE_data_meta" : {
+ "ASSIGNER" : "kurt@seifried.org",
+ "DATE_ASSIGNED" : "2018-12-05T14:18:48.095694",
+ "DATE_REQUESTED" : "2018-11-23T20:30:00",
+ "ID" : "CVE-2018-1000858",
+ "REQUESTER" : "cve@sektioneins.de",
+ "STATE" : "PUBLIC"
+ },
+ "affects" : {
+ "vendor" : {
+ "vendor_data" : [
+ {
+ "product" : {
+ "product_data" : [
+ {
+ "product_name" : "GnuPG",
+ "version" : {
+ "version_data" : [
+ {
+ "version_value" : "2.1.12 - 2.2.11"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name" : "GnuPG"
+ }
+ ]
+ }
+ },
+ "data_format" : "MITRE",
+ "data_type" : "CVE",
+ "data_version" : "4.0",
+ "description" : {
+ "description_data" : [
+ {
+ "lang" : "eng",
+ "value" : "GnuPG version 2.1.12 - 2.2.11 contains a Cross ite Request Forgery (CSRF) vulnerability in dirmngr that can result in Attacker controlled CSRF, Information Disclosure, DoS. This attack appear to be exploitable via Victim must perform a WKD request, e.g. enter an email address in the composer window of Thunderbird/Enigmail. This vulnerability appears to have been fixed in after commit 4a4bb874f63741026bd26264c43bb32b1099f060."
+ }
+ ]
+ },
+ "problemtype" : {
+ "problemtype_data" : [
+ {
+ "description" : [
+ {
+ "lang" : "eng",
+ "value" : "Cross ite Request Forgery (CSRF)"
+ }
+ ]
+ }
+ ]
+ },
+ "references" : {
+ "reference_data" : [
+ {
+ "name" : "https://sektioneins.de/en/advisories/advisory-012018-gnupg-wkd.html",
+ "refsource" : "MISC",
+ "url" : "https://sektioneins.de/en/advisories/advisory-012018-gnupg-wkd.html"
+ },
+ {
+ "name" : "https://sektioneins.de/en/blog/18-11-23-gnupg-wkd.html",
+ "refsource" : "MISC",
+ "url" : "https://sektioneins.de/en/blog/18-11-23-gnupg-wkd.html"
+ }
+ ]
+ }
+}
diff --git a/2018/1000xxx/CVE-2018-1000860.json b/2018/1000xxx/CVE-2018-1000860.json
index a60143d3e8a..0c4c9f34d3c 100644
--- a/2018/1000xxx/CVE-2018-1000860.json
+++ b/2018/1000xxx/CVE-2018-1000860.json
@@ -1 +1,65 @@
-{ "CVE_data_meta": { "ASSIGNER": "kurt@seifried.org", "DATE_ASSIGNED": "2018-12-05T14:18:48.097031", "DATE_REQUESTED": "2018-11-29T17:16:48", "ID": "CVE-2018-1000860", "REQUESTER": "Disgruntled3lf@gmail.com" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "phpipam", "version": { "version_data": [ { "version_value": "1.3.2 and earlier" } ] } } ] }, "vendor_name": "phpipam" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "phpipam version 1.3.2 and earlier contains a Cross Site Scripting (XSS) vulnerability in The value of the phpipamredirect cookie is copied into an HTML tag on the login page encapsulated in single quotes. Editing the value of the cookie to r5zkh'>quqtl exploits an XSS vulnerability. that can result in Arbitrary code executes in victims browser.. This attack appear to be exploitable via Needs to be chained with another exploit that allows an attacker to set or modify a cookie for the phpIPAM instance's domain.." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Cross Site Scripting (XSS)" } ] } ] }, "references": { "reference_data": [ { "url": "https://github.com/phpipam/phpipam/issues/2338" } ] } }
\ No newline at end of file
+{
+ "CVE_data_meta" : {
+ "ASSIGNER" : "kurt@seifried.org",
+ "DATE_ASSIGNED" : "2018-12-05T14:18:48.097031",
+ "DATE_REQUESTED" : "2018-11-29T17:16:48",
+ "ID" : "CVE-2018-1000860",
+ "REQUESTER" : "Disgruntled3lf@gmail.com",
+ "STATE" : "PUBLIC"
+ },
+ "affects" : {
+ "vendor" : {
+ "vendor_data" : [
+ {
+ "product" : {
+ "product_data" : [
+ {
+ "product_name" : "phpipam",
+ "version" : {
+ "version_data" : [
+ {
+ "version_value" : "1.3.2 and earlier"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name" : "phpipam"
+ }
+ ]
+ }
+ },
+ "data_format" : "MITRE",
+ "data_type" : "CVE",
+ "data_version" : "4.0",
+ "description" : {
+ "description_data" : [
+ {
+ "lang" : "eng",
+ "value" : "phpipam version 1.3.2 and earlier contains a Cross Site Scripting (XSS) vulnerability in The value of the phpipamredirect cookie is copied into an HTML tag on the login page encapsulated in single quotes. Editing the value of the cookie to r5zkh'>quqtl exploits an XSS vulnerability. that can result in Arbitrary code executes in victims browser.. This attack appear to be exploitable via Needs to be chained with another exploit that allows an attacker to set or modify a cookie for the phpIPAM instance's domain.."
+ }
+ ]
+ },
+ "problemtype" : {
+ "problemtype_data" : [
+ {
+ "description" : [
+ {
+ "lang" : "eng",
+ "value" : "Cross Site Scripting (XSS)"
+ }
+ ]
+ }
+ ]
+ },
+ "references" : {
+ "reference_data" : [
+ {
+ "name" : "https://github.com/phpipam/phpipam/issues/2338",
+ "refsource" : "MISC",
+ "url" : "https://github.com/phpipam/phpipam/issues/2338"
+ }
+ ]
+ }
+}
diff --git a/2018/1xxx/CVE-2018-1778.json b/2018/1xxx/CVE-2018-1778.json
index d2a6c3af750..8f2a95005d0 100644
--- a/2018/1xxx/CVE-2018-1778.json
+++ b/2018/1xxx/CVE-2018-1778.json
@@ -44,7 +44,7 @@
"description_data" : [
{
"lang" : "eng",
- "value" : "IBM LoopBack (IBM API Connect 2018.1, 2018.4.1, 5.0.8.0, and 5.0.8.4) could allow an attacker to bypass authentication if f the AccessToken Model is exposed over a REST API, it is then possible for anyone to create an AccessToken for any User provided they know the userId and can hence get access to the other user’s data / access to their privileges (if the user happens to be an Admin for example). IBM X-Force ID: 148801."
+ "value" : "IBM LoopBack (IBM API Connect 2018.1, 2018.4.1, 5.0.8.0, and 5.0.8.4) could allow an attacker to bypass authentication if the AccessToken Model is exposed over a REST API, it is then possible for anyone to create an AccessToken for any User provided they know the userId and can hence get access to the other user’s data / access to their privileges (if the user happens to be an Admin for example). IBM X-Force ID: 148801."
}
]
},