diff --git a/2017/1xxx/CVE-2017-1473.json b/2017/1xxx/CVE-2017-1473.json index 4af007f1688..e5b0f992344 100644 --- a/2017/1xxx/CVE-2017-1473.json +++ b/2017/1xxx/CVE-2017-1473.json @@ -1,21 +1,14 @@ { - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Obtain Information" - } - ] - } - ] + "CVE_data_meta" : { + "ASSIGNER" : "psirt@us.ibm.com", + "DATE_PUBLIC" : "2018-04-16T00:00:00", + "ID" : "CVE-2017-1473", + "STATE" : "PUBLIC" }, "affects" : { "vendor" : { "vendor_data" : [ { - "vendor_name" : "IBM", "product" : { "product_data" : [ { @@ -83,41 +76,46 @@ } } ] - } + }, + "vendor_name" : "IBM" } ] } }, - "data_version" : "4.0", - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "DATE_PUBLIC" : "2018-04-16T00:00:00", - "STATE" : "PUBLIC", - "ID" : "CVE-2017-1473" - }, - "references" : { - "reference_data" : [ - { - "refsource" : "CONFIRM", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg22012268", - "title" : "IBM Security Bulletin 2012268 (Security Access Manager)", - "name" : "http://www.ibm.com/support/docview.wss?uid=swg22012268" - }, - { - "name" : "X-Force Vulnerability Report", - "title" : "ibm-sam-cve20171473-info-disc(128605)", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/128605", - "refsource" : "XF" - } - ] - }, - "data_type" : "CVE", "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", "description" : { "description_data" : [ { "lang" : "eng", - "value" : "IBM Security Access Manager Appliance 8.0.0 through 8.0.1.6 and 9.0.0 through 9.0.3.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 128605." + "value" : "IBM Security Access Manager Appliance 8.0.0 through 8.0.1.6 and 9.0.0 through 9.0.3.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 128605." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Obtain Information" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "http://www.ibm.com/support/docview.wss?uid=swg22012268", + "refsource" : "CONFIRM", + "url" : "http://www.ibm.com/support/docview.wss?uid=swg22012268" + }, + { + "name" : "ibm-sam-cve20171473-info-disc(128605)", + "refsource" : "XF", + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/128605" } ] } diff --git a/2017/1xxx/CVE-2017-1486.json b/2017/1xxx/CVE-2017-1486.json index 8624b476f14..e3267fd5b00 100644 --- a/2017/1xxx/CVE-2017-1486.json +++ b/2017/1xxx/CVE-2017-1486.json @@ -1,10 +1,9 @@ { - "data_version" : "4.0", "CVE_data_meta" : { + "ASSIGNER" : "psirt@us.ibm.com", "DATE_PUBLIC" : "2018-04-18T00:00:00", "ID" : "CVE-2017-1486", - "STATE" : "PUBLIC", - "ASSIGNER" : "psirt@us.ibm.com" + "STATE" : "PUBLIC" }, "affects" : { "vendor" : { @@ -13,6 +12,7 @@ "product" : { "product_data" : [ { + "product_name" : "Cognos Business Intelligence", "version" : { "version_data" : [ { @@ -28,8 +28,7 @@ "version_value" : "10.2.2" } ] - }, - "product_name" : "Cognos Business Intelligence" + } } ] }, @@ -39,11 +38,13 @@ } }, "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", "description" : { "description_data" : [ { - "value" : "IBM Cognos Business Intelligence 10.2, 10.2.1, 10.2.1.1, and 10.2.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 128624.", - "lang" : "eng" + "lang" : "eng", + "value" : "IBM Cognos Business Intelligence 10.2, 10.2.1, 10.2.1.1, and 10.2.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 128624." } ] }, @@ -62,18 +63,15 @@ "references" : { "reference_data" : [ { + "name" : "http://www.ibm.com/support/docview.wss?uid=swg22014202", "refsource" : "CONFIRM", - "title" : "IBM Security Bulletin 2014202 (Cognos Business Intelligence)", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg22014202", - "name" : "http://www.ibm.com/support/docview.wss?uid=swg22014202" + "url" : "http://www.ibm.com/support/docview.wss?uid=swg22014202" }, { + "name" : "ibm-cognos-cve20171486-xss(128624)", "refsource" : "XF", - "name" : "X-Force Vulnerability Report", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/128624", - "title" : "ibm-cognos-cve20171486-xss(128624)" + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/128624" } ] - }, - "data_type" : "CVE" + } } diff --git a/2017/1xxx/CVE-2017-1701.json b/2017/1xxx/CVE-2017-1701.json index 177f986c296..387e834f600 100644 --- a/2017/1xxx/CVE-2017-1701.json +++ b/2017/1xxx/CVE-2017-1701.json @@ -1,31 +1,18 @@ { "CVE_data_meta" : { - "DATE_PUBLIC" : "2018-04-10T00:00:00", "ASSIGNER" : "psirt@us.ibm.com", + "DATE_PUBLIC" : "2018-04-10T00:00:00", "ID" : "CVE-2017-1701", "STATE" : "PUBLIC" }, - "data_version" : "4.0", - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "value" : "Obtain Information", - "lang" : "eng" - } - ] - } - ] - }, "affects" : { "vendor" : { "vendor_data" : [ { - "vendor_name" : "IBM", "product" : { "product_data" : [ { + "product_name" : "Rational Team Concert", "version" : { "version_data" : [ { @@ -56,38 +43,49 @@ "version_value" : "6.0.5" } ] - }, - "product_name" : "Rational Team Concert" + } } ] - } + }, + "vendor_name" : "IBM" } ] } }, - "data_type" : "CVE", - "references" : { - "reference_data" : [ - { - "refsource" : "CONFIRM", - "title" : "IBM Security Bulletin 2015454 (Rational Team Concert)", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg22015454", - "name" : "http://www.ibm.com/support/docview.wss?uid=swg22015454" - }, - { - "title" : "ibm-rtc-cve20171701-info-disc(134393)", - "refsource" : "XF", - "name" : "X-Force Vulnerability Report", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/134393" - } - ] - }, "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", "description" : { "description_data" : [ { "lang" : "eng", - "value" : "IBM Team Concert (RTC) 5.0, 5.0.1, 5.0.2, 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, and 6.0.5 stores credentials for users using a weak encryption algorithm, which could allow an authenticated user to obtain highly sensitive information. IBM X-Force ID: 134393." + "value" : "IBM Team Concert (RTC) 5.0, 5.0.1, 5.0.2, 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, and 6.0.5 stores credentials for users using a weak encryption algorithm, which could allow an authenticated user to obtain highly sensitive information. IBM X-Force ID: 134393." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Obtain Information" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "http://www.ibm.com/support/docview.wss?uid=swg22015454", + "refsource" : "CONFIRM", + "url" : "http://www.ibm.com/support/docview.wss?uid=swg22015454" + }, + { + "name" : "ibm-rtc-cve20171701-info-disc(134393)", + "refsource" : "XF", + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/134393" } ] } diff --git a/2017/1xxx/CVE-2017-1764.json b/2017/1xxx/CVE-2017-1764.json index 1af41553b8a..be4e31e9bad 100644 --- a/2017/1xxx/CVE-2017-1764.json +++ b/2017/1xxx/CVE-2017-1764.json @@ -1,33 +1,10 @@ { - "data_type" : "CVE", - "data_version" : "4.0", "CVE_data_meta" : { + "ASSIGNER" : "psirt@us.ibm.com", "DATE_PUBLIC" : "2018-04-18T00:00:00", "ID" : "CVE-2017-1764", - "ASSIGNER" : "psirt@us.ibm.com", "STATE" : "PUBLIC" }, - "description" : { - "description_data" : [ - { - "value" : "IBM Cognos Business Intelligence 10.2, 10.2.1, 10.2.1.1, and 10.2.2, under specialized circumstances, could expose plain text credentials to a local user. IBM X-Force ID: 136149.", - "lang" : "eng" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "value" : "Obtain Information", - "lang" : "eng" - } - ] - } - ] - }, - "data_format" : "MITRE", "affects" : { "vendor" : { "vendor_data" : [ @@ -60,19 +37,40 @@ ] } }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "IBM Cognos Business Intelligence 10.2, 10.2.1, 10.2.1.1, and 10.2.2, under specialized circumstances, could expose plain text credentials to a local user. IBM X-Force ID: 136149." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Obtain Information" + } + ] + } + ] + }, "references" : { "reference_data" : [ { - "refsource" : "CONFIRM", "name" : "http://www.ibm.com/support/docview.wss?uid=swg22014202", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg22014202", - "title" : "IBM Security Bulletin 2014202 (Cognos Business Intelligence)" + "refsource" : "CONFIRM", + "url" : "http://www.ibm.com/support/docview.wss?uid=swg22014202" }, { + "name" : "ibm-cognos-cve20171764-info-disc(136149)", "refsource" : "XF", - "name" : "X-Force Vulnerability Report", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/136149", - "title" : "ibm-cognos-cve20171764-info-disc(136149)" + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/136149" } ] } diff --git a/2017/1xxx/CVE-2017-1786.json b/2017/1xxx/CVE-2017-1786.json index 3d2956b5e7b..2d4540a94a3 100644 --- a/2017/1xxx/CVE-2017-1786.json +++ b/2017/1xxx/CVE-2017-1786.json @@ -1,20 +1,18 @@ { - "description" : { - "description_data" : [ - { - "value" : "IBM WebSphere MQ 8.0 through 8.0.0.8 and 9.0 through 9.0.4 under special circumstances could allow an authenicated user to consume all resources due to a memory leak resulting in service loss. IBM X-Force ID: 136975.", - "lang" : "eng" - } - ] + "CVE_data_meta" : { + "ASSIGNER" : "psirt@us.ibm.com", + "DATE_PUBLIC" : "2018-04-17T00:00:00", + "ID" : "CVE-2017-1786", + "STATE" : "PUBLIC" }, "affects" : { "vendor" : { "vendor_data" : [ { - "vendor_name" : "IBM", "product" : { "product_data" : [ { + "product_name" : "MQ", "version" : { "version_data" : [ { @@ -66,40 +64,26 @@ "version_value" : "8.0.0.8" } ] - }, - "product_name" : "MQ" + } } ] - } + }, + "vendor_name" : "IBM" } ] } }, - "references" : { - "reference_data" : [ + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ { - "url" : "http://www.ibm.com/support/docview.wss?uid=swg22013023", - "name" : "http://www.ibm.com/support/docview.wss?uid=swg22013023", - "refsource" : "CONFIRM", - "title" : "IBM Security Bulletin 2013023 (MQ)" - }, - { - "title" : "ibm-websphere-cve20171786-dos(136975)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/136975", - "name" : "X-Force Vulnerability Report" + "lang" : "eng", + "value" : "IBM WebSphere MQ 8.0 through 8.0.0.8 and 9.0 through 9.0.4 under special circumstances could allow an authenticated user to consume all resources due to a memory leak resulting in service loss. IBM X-Force ID: 136975." } ] }, - "data_type" : "CVE", - "data_version" : "4.0", - "CVE_data_meta" : { - "ID" : "CVE-2017-1786", - "ASSIGNER" : "psirt@us.ibm.com", - "DATE_PUBLIC" : "2018-04-17T00:00:00", - "STATE" : "PUBLIC" - }, - "data_format" : "MITRE", "problemtype" : { "problemtype_data" : [ { @@ -111,5 +95,19 @@ ] } ] + }, + "references" : { + "reference_data" : [ + { + "name" : "http://www.ibm.com/support/docview.wss?uid=swg22013023", + "refsource" : "CONFIRM", + "url" : "http://www.ibm.com/support/docview.wss?uid=swg22013023" + }, + { + "name" : "ibm-websphere-cve20171786-dos(136975)", + "refsource" : "XF", + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/136975" + } + ] } }