mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-06-08 14:08:13 +00:00
- Synchronized data.
This commit is contained in:
CVE Team
parent
80d5e19f07
commit
8d80cefda8
@ -1,62 +1,18 @@
|
|||||||
{
|
{
|
||||||
"data_type" : "CVE",
|
"CVE_data_meta" : {
|
||||||
"impact" : {
|
"ASSIGNER" : "psirt@us.ibm.com",
|
||||||
"cvssv3" : {
|
"DATE_PUBLIC" : "2019-03-01T00:00:00",
|
||||||
"BM" : {
|
"ID" : "CVE-2018-1890",
|
||||||
"UI" : "N",
|
"STATE" : "PUBLIC"
|
||||||
"C" : "L",
|
|
||||||
"AC" : "H",
|
|
||||||
"S" : "C",
|
|
||||||
"A" : "L",
|
|
||||||
"I" : "L",
|
|
||||||
"SCORE" : "5.600",
|
|
||||||
"PR" : "N",
|
|
||||||
"AV" : "L"
|
|
||||||
},
|
|
||||||
"TM" : {
|
|
||||||
"E" : "U",
|
|
||||||
"RC" : "C",
|
|
||||||
"RL" : "O"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"data_version" : "4.0",
|
|
||||||
"references" : {
|
|
||||||
"reference_data" : [
|
|
||||||
{
|
|
||||||
"refsource" : "CONFIRM",
|
|
||||||
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10873042",
|
|
||||||
"title" : "IBM Security Bulletin 873042 (WebSphere Application Server)",
|
|
||||||
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10873042"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10873332",
|
|
||||||
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10873332",
|
|
||||||
"refsource" : "CONFIRM",
|
|
||||||
"title" : "IBM Security Bulletin 873332 (Runtimes for Java Technology)"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"title" : "IBM Security Bulletin 874750 (WebSphere Application Server Patterns)",
|
|
||||||
"refsource" : "CONFIRM",
|
|
||||||
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10874750",
|
|
||||||
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10874750"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/152081",
|
|
||||||
"title" : "X-Force Vulnerability Report",
|
|
||||||
"refsource" : "XF",
|
|
||||||
"name" : "ibm-sdk-cve20181890-code-exec (152081)"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
},
|
||||||
"affects" : {
|
"affects" : {
|
||||||
"vendor" : {
|
"vendor" : {
|
||||||
"vendor_data" : [
|
"vendor_data" : [
|
||||||
{
|
{
|
||||||
"vendor_name" : "IBM",
|
|
||||||
"product" : {
|
"product" : {
|
||||||
"product_data" : [
|
"product_data" : [
|
||||||
{
|
{
|
||||||
|
"product_name" : "WebSphere Application Server Patterns",
|
||||||
"version" : {
|
"version" : {
|
||||||
"version_data" : [
|
"version_data" : [
|
||||||
{
|
{
|
||||||
@ -72,10 +28,10 @@
|
|||||||
"version_value" : "2.2.5.3"
|
"version_value" : "2.2.5.3"
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
},
|
}
|
||||||
"product_name" : "WebSphere Application Server Patterns"
|
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
|
"product_name" : "WebSphere Application Server",
|
||||||
"version" : {
|
"version" : {
|
||||||
"version_data" : [
|
"version_data" : [
|
||||||
{
|
{
|
||||||
@ -94,31 +50,28 @@
|
|||||||
"version_value" : "Liberty"
|
"version_value" : "Liberty"
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
},
|
}
|
||||||
"product_name" : "WebSphere Application Server"
|
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
|
"product_name" : "Runtimes for Java Technology",
|
||||||
"version" : {
|
"version" : {
|
||||||
"version_data" : [
|
"version_data" : [
|
||||||
{
|
{
|
||||||
"version_value" : " "
|
"version_value" : " "
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
},
|
}
|
||||||
"product_name" : "Runtimes for Java Technology"
|
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
}
|
},
|
||||||
|
"vendor_name" : "IBM"
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"CVE_data_meta" : {
|
"data_format" : "MITRE",
|
||||||
"ID" : "CVE-2018-1890",
|
"data_type" : "CVE",
|
||||||
"ASSIGNER" : "psirt@us.ibm.com",
|
"data_version" : "4.0",
|
||||||
"STATE" : "PUBLIC",
|
|
||||||
"DATE_PUBLIC" : "2019-03-01T00:00:00"
|
|
||||||
},
|
|
||||||
"description" : {
|
"description" : {
|
||||||
"description_data" : [
|
"description_data" : [
|
||||||
{
|
{
|
||||||
@ -127,7 +80,26 @@
|
|||||||
}
|
}
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"data_format" : "MITRE",
|
"impact" : {
|
||||||
|
"cvssv3" : {
|
||||||
|
"BM" : {
|
||||||
|
"A" : "L",
|
||||||
|
"AC" : "H",
|
||||||
|
"AV" : "L",
|
||||||
|
"C" : "L",
|
||||||
|
"I" : "L",
|
||||||
|
"PR" : "N",
|
||||||
|
"S" : "C",
|
||||||
|
"SCORE" : "5.600",
|
||||||
|
"UI" : "N"
|
||||||
|
},
|
||||||
|
"TM" : {
|
||||||
|
"E" : "U",
|
||||||
|
"RC" : "C",
|
||||||
|
"RL" : "O"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
"problemtype" : {
|
"problemtype" : {
|
||||||
"problemtype_data" : [
|
"problemtype_data" : [
|
||||||
{
|
{
|
||||||
@ -139,5 +111,29 @@
|
|||||||
]
|
]
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
|
},
|
||||||
|
"references" : {
|
||||||
|
"reference_data" : [
|
||||||
|
{
|
||||||
|
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10873042",
|
||||||
|
"refsource" : "CONFIRM",
|
||||||
|
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10873042"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10873332",
|
||||||
|
"refsource" : "CONFIRM",
|
||||||
|
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10873332"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10874750",
|
||||||
|
"refsource" : "CONFIRM",
|
||||||
|
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10874750"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name" : "ibm-sdk-cve20181890-code-exec(152081)",
|
||||||
|
"refsource" : "XF",
|
||||||
|
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/152081"
|
||||||
|
}
|
||||||
|
]
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@ -1,67 +1,8 @@
|
|||||||
{
|
{
|
||||||
"references" : {
|
|
||||||
"reference_data" : [
|
|
||||||
{
|
|
||||||
"title" : "IBM Security Bulletin 795115 (WebSphere Application Server)",
|
|
||||||
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10795115",
|
|
||||||
"refsource" : "CONFIRM",
|
|
||||||
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10795115"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"title" : "X-Force Vulnerability Report",
|
|
||||||
"name" : "ibm-websphere-cve20181902-spoofing (152531)",
|
|
||||||
"refsource" : "XF",
|
|
||||||
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/152531"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
"data_version" : "4.0",
|
|
||||||
"impact" : {
|
|
||||||
"cvssv3" : {
|
|
||||||
"TM" : {
|
|
||||||
"E" : "U",
|
|
||||||
"RL" : "O",
|
|
||||||
"RC" : "C"
|
|
||||||
},
|
|
||||||
"BM" : {
|
|
||||||
"AV" : "N",
|
|
||||||
"PR" : "L",
|
|
||||||
"SCORE" : "3.100",
|
|
||||||
"I" : "L",
|
|
||||||
"A" : "N",
|
|
||||||
"S" : "U",
|
|
||||||
"AC" : "H",
|
|
||||||
"C" : "N",
|
|
||||||
"UI" : "N"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"data_type" : "CVE",
|
|
||||||
"problemtype" : {
|
|
||||||
"problemtype_data" : [
|
|
||||||
{
|
|
||||||
"description" : [
|
|
||||||
{
|
|
||||||
"value" : "File Manipulation",
|
|
||||||
"lang" : "eng"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
"data_format" : "MITRE",
|
|
||||||
"description" : {
|
|
||||||
"description_data" : [
|
|
||||||
{
|
|
||||||
"value" : "IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to spoof connection information which could be used to launch further attacks against the system. IBM X-Force ID: 152531.",
|
|
||||||
"lang" : "eng"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
"CVE_data_meta" : {
|
"CVE_data_meta" : {
|
||||||
"ID" : "CVE-2018-1902",
|
|
||||||
"ASSIGNER" : "psirt@us.ibm.com",
|
"ASSIGNER" : "psirt@us.ibm.com",
|
||||||
"DATE_PUBLIC" : "2019-03-07T00:00:00",
|
"DATE_PUBLIC" : "2019-03-07T00:00:00",
|
||||||
|
"ID" : "CVE-2018-1902",
|
||||||
"STATE" : "PUBLIC"
|
"STATE" : "PUBLIC"
|
||||||
},
|
},
|
||||||
"affects" : {
|
"affects" : {
|
||||||
@ -95,5 +36,62 @@
|
|||||||
}
|
}
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
},
|
||||||
|
"data_format" : "MITRE",
|
||||||
|
"data_type" : "CVE",
|
||||||
|
"data_version" : "4.0",
|
||||||
|
"description" : {
|
||||||
|
"description_data" : [
|
||||||
|
{
|
||||||
|
"lang" : "eng",
|
||||||
|
"value" : "IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to spoof connection information which could be used to launch further attacks against the system. IBM X-Force ID: 152531."
|
||||||
|
}
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"impact" : {
|
||||||
|
"cvssv3" : {
|
||||||
|
"BM" : {
|
||||||
|
"A" : "N",
|
||||||
|
"AC" : "H",
|
||||||
|
"AV" : "N",
|
||||||
|
"C" : "N",
|
||||||
|
"I" : "L",
|
||||||
|
"PR" : "L",
|
||||||
|
"S" : "U",
|
||||||
|
"SCORE" : "3.100",
|
||||||
|
"UI" : "N"
|
||||||
|
},
|
||||||
|
"TM" : {
|
||||||
|
"E" : "U",
|
||||||
|
"RC" : "C",
|
||||||
|
"RL" : "O"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"problemtype" : {
|
||||||
|
"problemtype_data" : [
|
||||||
|
{
|
||||||
|
"description" : [
|
||||||
|
{
|
||||||
|
"lang" : "eng",
|
||||||
|
"value" : "File Manipulation"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"references" : {
|
||||||
|
"reference_data" : [
|
||||||
|
{
|
||||||
|
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10795115",
|
||||||
|
"refsource" : "CONFIRM",
|
||||||
|
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10795115"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name" : "ibm-websphere-cve20181902-spoofing(152531)",
|
||||||
|
"refsource" : "XF",
|
||||||
|
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/152531"
|
||||||
|
}
|
||||||
|
]
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@ -1,30 +1,14 @@
|
|||||||
{
|
{
|
||||||
"description" : {
|
"CVE_data_meta" : {
|
||||||
"description_data" : [
|
"ASSIGNER" : "psirt@us.ibm.com",
|
||||||
{
|
"DATE_PUBLIC" : "2019-03-04T00:00:00",
|
||||||
"value" : "IBM DOORS Next Generation (DNG/RRC) 5.0 through 5.0.2 and 6.0 through 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 152735.",
|
"ID" : "CVE-2018-1911",
|
||||||
"lang" : "eng"
|
"STATE" : "PUBLIC"
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
"data_format" : "MITRE",
|
|
||||||
"problemtype" : {
|
|
||||||
"problemtype_data" : [
|
|
||||||
{
|
|
||||||
"description" : [
|
|
||||||
{
|
|
||||||
"value" : "Cross-Site Scripting",
|
|
||||||
"lang" : "eng"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
},
|
||||||
"affects" : {
|
"affects" : {
|
||||||
"vendor" : {
|
"vendor" : {
|
||||||
"vendor_data" : [
|
"vendor_data" : [
|
||||||
{
|
{
|
||||||
"vendor_name" : "IBM",
|
|
||||||
"product" : {
|
"product" : {
|
||||||
"product_data" : [
|
"product_data" : [
|
||||||
{
|
{
|
||||||
@ -65,53 +49,67 @@
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
}
|
},
|
||||||
|
"vendor_name" : "IBM"
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"CVE_data_meta" : {
|
"data_format" : "MITRE",
|
||||||
"ASSIGNER" : "psirt@us.ibm.com",
|
"data_type" : "CVE",
|
||||||
"ID" : "CVE-2018-1911",
|
"data_version" : "4.0",
|
||||||
"DATE_PUBLIC" : "2019-03-04T00:00:00",
|
"description" : {
|
||||||
"STATE" : "PUBLIC"
|
"description_data" : [
|
||||||
|
{
|
||||||
|
"lang" : "eng",
|
||||||
|
"value" : "IBM DOORS Next Generation (DNG/RRC) 5.0 through 5.0.2 and 6.0 through 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 152735."
|
||||||
|
}
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"impact" : {
|
||||||
|
"cvssv3" : {
|
||||||
|
"BM" : {
|
||||||
|
"A" : "N",
|
||||||
|
"AC" : "L",
|
||||||
|
"AV" : "N",
|
||||||
|
"C" : "L",
|
||||||
|
"I" : "L",
|
||||||
|
"PR" : "L",
|
||||||
|
"S" : "C",
|
||||||
|
"SCORE" : "5.400",
|
||||||
|
"UI" : "R"
|
||||||
|
},
|
||||||
|
"TM" : {
|
||||||
|
"E" : "H",
|
||||||
|
"RC" : "C",
|
||||||
|
"RL" : "O"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"problemtype" : {
|
||||||
|
"problemtype_data" : [
|
||||||
|
{
|
||||||
|
"description" : [
|
||||||
|
{
|
||||||
|
"lang" : "eng",
|
||||||
|
"value" : "Cross-Site Scripting"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
]
|
||||||
},
|
},
|
||||||
"references" : {
|
"references" : {
|
||||||
"reference_data" : [
|
"reference_data" : [
|
||||||
{
|
{
|
||||||
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10873256",
|
|
||||||
"title" : "IBM Security Bulletin 873256 (Rational DOORS Next Generation)",
|
|
||||||
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10873256",
|
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10873256",
|
||||||
"refsource" : "CONFIRM"
|
"refsource" : "CONFIRM",
|
||||||
|
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10873256"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/152735",
|
|
||||||
"refsource" : "XF",
|
|
||||||
"name" : "ibm-dng-cve20181911-xss(152735)",
|
"name" : "ibm-dng-cve20181911-xss(152735)",
|
||||||
"title" : "X-Force Vulnerability Report"
|
"refsource" : "XF",
|
||||||
|
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/152735"
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
},
|
|
||||||
"data_version" : "4.0",
|
|
||||||
"data_type" : "CVE",
|
|
||||||
"impact" : {
|
|
||||||
"cvssv3" : {
|
|
||||||
"BM" : {
|
|
||||||
"AC" : "L",
|
|
||||||
"S" : "C",
|
|
||||||
"UI" : "R",
|
|
||||||
"C" : "L",
|
|
||||||
"PR" : "L",
|
|
||||||
"AV" : "N",
|
|
||||||
"A" : "N",
|
|
||||||
"SCORE" : "5.400",
|
|
||||||
"I" : "L"
|
|
||||||
},
|
|
||||||
"TM" : {
|
|
||||||
"RC" : "C",
|
|
||||||
"RL" : "O",
|
|
||||||
"E" : "H"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@ -1,47 +1,14 @@
|
|||||||
{
|
{
|
||||||
"data_type" : "CVE",
|
"CVE_data_meta" : {
|
||||||
"impact" : {
|
"ASSIGNER" : "psirt@us.ibm.com",
|
||||||
"cvssv3" : {
|
"DATE_PUBLIC" : "2019-03-04T00:00:00",
|
||||||
"BM" : {
|
"ID" : "CVE-2018-1912",
|
||||||
"S" : "C",
|
"STATE" : "PUBLIC"
|
||||||
"AC" : "L",
|
|
||||||
"C" : "L",
|
|
||||||
"UI" : "R",
|
|
||||||
"AV" : "N",
|
|
||||||
"PR" : "L",
|
|
||||||
"I" : "L",
|
|
||||||
"SCORE" : "5.400",
|
|
||||||
"A" : "N"
|
|
||||||
},
|
|
||||||
"TM" : {
|
|
||||||
"E" : "H",
|
|
||||||
"RL" : "O",
|
|
||||||
"RC" : "C"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"data_version" : "4.0",
|
|
||||||
"references" : {
|
|
||||||
"reference_data" : [
|
|
||||||
{
|
|
||||||
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10873254",
|
|
||||||
"refsource" : "CONFIRM",
|
|
||||||
"title" : "IBM Security Bulletin 873254 (Rational DOORS Next Generation)",
|
|
||||||
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10873254"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/152736",
|
|
||||||
"title" : "X-Force Vulnerability Report",
|
|
||||||
"name" : "ibm-dng-cve20181912-xss (152736)",
|
|
||||||
"refsource" : "XF"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
},
|
||||||
"affects" : {
|
"affects" : {
|
||||||
"vendor" : {
|
"vendor" : {
|
||||||
"vendor_data" : [
|
"vendor_data" : [
|
||||||
{
|
{
|
||||||
"vendor_name" : "IBM",
|
|
||||||
"product" : {
|
"product" : {
|
||||||
"product_data" : [
|
"product_data" : [
|
||||||
{
|
{
|
||||||
@ -67,17 +34,15 @@
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
}
|
},
|
||||||
|
"vendor_name" : "IBM"
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"CVE_data_meta" : {
|
"data_format" : "MITRE",
|
||||||
"ID" : "CVE-2018-1912",
|
"data_type" : "CVE",
|
||||||
"ASSIGNER" : "psirt@us.ibm.com",
|
"data_version" : "4.0",
|
||||||
"DATE_PUBLIC" : "2019-03-04T00:00:00",
|
|
||||||
"STATE" : "PUBLIC"
|
|
||||||
},
|
|
||||||
"description" : {
|
"description" : {
|
||||||
"description_data" : [
|
"description_data" : [
|
||||||
{
|
{
|
||||||
@ -86,17 +51,50 @@
|
|||||||
}
|
}
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"data_format" : "MITRE",
|
"impact" : {
|
||||||
|
"cvssv3" : {
|
||||||
|
"BM" : {
|
||||||
|
"A" : "N",
|
||||||
|
"AC" : "L",
|
||||||
|
"AV" : "N",
|
||||||
|
"C" : "L",
|
||||||
|
"I" : "L",
|
||||||
|
"PR" : "L",
|
||||||
|
"S" : "C",
|
||||||
|
"SCORE" : "5.400",
|
||||||
|
"UI" : "R"
|
||||||
|
},
|
||||||
|
"TM" : {
|
||||||
|
"E" : "H",
|
||||||
|
"RC" : "C",
|
||||||
|
"RL" : "O"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
"problemtype" : {
|
"problemtype" : {
|
||||||
"problemtype_data" : [
|
"problemtype_data" : [
|
||||||
{
|
{
|
||||||
"description" : [
|
"description" : [
|
||||||
{
|
{
|
||||||
"value" : "Cross-Site Scripting",
|
"lang" : "eng",
|
||||||
"lang" : "eng"
|
"value" : "Cross-Site Scripting"
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
|
},
|
||||||
|
"references" : {
|
||||||
|
"reference_data" : [
|
||||||
|
{
|
||||||
|
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10873254",
|
||||||
|
"refsource" : "CONFIRM",
|
||||||
|
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10873254"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name" : "ibm-dng-cve20181912-xss(152736)",
|
||||||
|
"refsource" : "XF",
|
||||||
|
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/152736"
|
||||||
|
}
|
||||||
|
]
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@ -1,39 +1,18 @@
|
|||||||
{
|
{
|
||||||
"data_format" : "MITRE",
|
|
||||||
"problemtype" : {
|
|
||||||
"problemtype_data" : [
|
|
||||||
{
|
|
||||||
"description" : [
|
|
||||||
{
|
|
||||||
"lang" : "eng",
|
|
||||||
"value" : "Gain Privileges"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
"description" : {
|
|
||||||
"description_data" : [
|
|
||||||
{
|
|
||||||
"value" : "IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is affected by buffer overflow vulnerability that can potentially result in arbitrary code execution. IBM X-Force ID: 152858.",
|
|
||||||
"lang" : "eng"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
"CVE_data_meta" : {
|
"CVE_data_meta" : {
|
||||||
"ID" : "CVE-2018-1922",
|
|
||||||
"ASSIGNER" : "psirt@us.ibm.com",
|
"ASSIGNER" : "psirt@us.ibm.com",
|
||||||
"DATE_PUBLIC" : "2019-03-08T00:00:00",
|
"DATE_PUBLIC" : "2019-03-08T00:00:00",
|
||||||
|
"ID" : "CVE-2018-1922",
|
||||||
"STATE" : "PUBLIC"
|
"STATE" : "PUBLIC"
|
||||||
},
|
},
|
||||||
"affects" : {
|
"affects" : {
|
||||||
"vendor" : {
|
"vendor" : {
|
||||||
"vendor_data" : [
|
"vendor_data" : [
|
||||||
{
|
{
|
||||||
"vendor_name" : "IBM",
|
|
||||||
"product" : {
|
"product" : {
|
||||||
"product_data" : [
|
"product_data" : [
|
||||||
{
|
{
|
||||||
|
"product_name" : "DB2 for Linux, UNIX and Windows",
|
||||||
"version" : {
|
"version" : {
|
||||||
"version_data" : [
|
"version_data" : [
|
||||||
{
|
{
|
||||||
@ -49,45 +28,38 @@
|
|||||||
"version_value" : "11.1"
|
"version_value" : "11.1"
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
},
|
}
|
||||||
"product_name" : "DB2 for Linux, UNIX and Windows"
|
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
}
|
},
|
||||||
|
"vendor_name" : "IBM"
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"data_version" : "4.0",
|
"data_format" : "MITRE",
|
||||||
"references" : {
|
|
||||||
"reference_data" : [
|
|
||||||
{
|
|
||||||
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10740413",
|
|
||||||
"refsource" : "CONFIRM",
|
|
||||||
"title" : "IBM Security Bulletin 740413 (DB2 for Linux, UNIX and Windows)",
|
|
||||||
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10740413"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"refsource" : "XF",
|
|
||||||
"name" : "ibm-db2-cve20181922-bo (152858)",
|
|
||||||
"title" : "X-Force Vulnerability Report",
|
|
||||||
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/152858"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
"data_type" : "CVE",
|
"data_type" : "CVE",
|
||||||
|
"data_version" : "4.0",
|
||||||
|
"description" : {
|
||||||
|
"description_data" : [
|
||||||
|
{
|
||||||
|
"lang" : "eng",
|
||||||
|
"value" : "IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is affected by buffer overflow vulnerability that can potentially result in arbitrary code execution. IBM X-Force ID: 152858."
|
||||||
|
}
|
||||||
|
]
|
||||||
|
},
|
||||||
"impact" : {
|
"impact" : {
|
||||||
"cvssv3" : {
|
"cvssv3" : {
|
||||||
"BM" : {
|
"BM" : {
|
||||||
"AC" : "L",
|
|
||||||
"S" : "U",
|
|
||||||
"UI" : "N",
|
|
||||||
"C" : "H",
|
|
||||||
"PR" : "N",
|
|
||||||
"AV" : "L",
|
|
||||||
"A" : "H",
|
"A" : "H",
|
||||||
|
"AC" : "L",
|
||||||
|
"AV" : "L",
|
||||||
|
"C" : "H",
|
||||||
"I" : "H",
|
"I" : "H",
|
||||||
"SCORE" : "8.400"
|
"PR" : "N",
|
||||||
|
"S" : "U",
|
||||||
|
"SCORE" : "8.400",
|
||||||
|
"UI" : "N"
|
||||||
},
|
},
|
||||||
"TM" : {
|
"TM" : {
|
||||||
"E" : "U",
|
"E" : "U",
|
||||||
@ -95,5 +67,31 @@
|
|||||||
"RL" : "O"
|
"RL" : "O"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
},
|
||||||
|
"problemtype" : {
|
||||||
|
"problemtype_data" : [
|
||||||
|
{
|
||||||
|
"description" : [
|
||||||
|
{
|
||||||
|
"lang" : "eng",
|
||||||
|
"value" : "Gain Privileges"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"references" : {
|
||||||
|
"reference_data" : [
|
||||||
|
{
|
||||||
|
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10740413",
|
||||||
|
"refsource" : "CONFIRM",
|
||||||
|
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10740413"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name" : "ibm-db2-cve20181922-bo(152858)",
|
||||||
|
"refsource" : "XF",
|
||||||
|
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/152858"
|
||||||
|
}
|
||||||
|
]
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@ -1,39 +1,18 @@
|
|||||||
{
|
{
|
||||||
"data_format" : "MITRE",
|
|
||||||
"problemtype" : {
|
|
||||||
"problemtype_data" : [
|
|
||||||
{
|
|
||||||
"description" : [
|
|
||||||
{
|
|
||||||
"lang" : "eng",
|
|
||||||
"value" : "Gain Privileges"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
"description" : {
|
|
||||||
"description_data" : [
|
|
||||||
{
|
|
||||||
"lang" : "eng",
|
|
||||||
"value" : "IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is affected by buffer overflow vulnerability that can potentially result in arbitrary code execution. IBM X-Force ID: 152859."
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
"CVE_data_meta" : {
|
"CVE_data_meta" : {
|
||||||
"STATE" : "PUBLIC",
|
|
||||||
"DATE_PUBLIC" : "2019-03-08T00:00:00",
|
|
||||||
"ASSIGNER" : "psirt@us.ibm.com",
|
"ASSIGNER" : "psirt@us.ibm.com",
|
||||||
"ID" : "CVE-2018-1923"
|
"DATE_PUBLIC" : "2019-03-08T00:00:00",
|
||||||
|
"ID" : "CVE-2018-1923",
|
||||||
|
"STATE" : "PUBLIC"
|
||||||
},
|
},
|
||||||
"affects" : {
|
"affects" : {
|
||||||
"vendor" : {
|
"vendor" : {
|
||||||
"vendor_data" : [
|
"vendor_data" : [
|
||||||
{
|
{
|
||||||
"vendor_name" : "IBM",
|
|
||||||
"product" : {
|
"product" : {
|
||||||
"product_data" : [
|
"product_data" : [
|
||||||
{
|
{
|
||||||
|
"product_name" : "DB2 for Linux, UNIX and Windows",
|
||||||
"version" : {
|
"version" : {
|
||||||
"version_data" : [
|
"version_data" : [
|
||||||
{
|
{
|
||||||
@ -49,51 +28,70 @@
|
|||||||
"version_value" : "11.1"
|
"version_value" : "11.1"
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
|
}
|
||||||
|
}
|
||||||
|
]
|
||||||
},
|
},
|
||||||
"product_name" : "DB2 for Linux, UNIX and Windows"
|
"vendor_name" : "IBM"
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
},
|
||||||
|
"data_format" : "MITRE",
|
||||||
|
"data_type" : "CVE",
|
||||||
|
"data_version" : "4.0",
|
||||||
|
"description" : {
|
||||||
|
"description_data" : [
|
||||||
|
{
|
||||||
|
"lang" : "eng",
|
||||||
|
"value" : "IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is affected by buffer overflow vulnerability that can potentially result in arbitrary code execution. IBM X-Force ID: 152859."
|
||||||
|
}
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"impact" : {
|
||||||
|
"cvssv3" : {
|
||||||
|
"BM" : {
|
||||||
|
"A" : "H",
|
||||||
|
"AC" : "L",
|
||||||
|
"AV" : "L",
|
||||||
|
"C" : "H",
|
||||||
|
"I" : "H",
|
||||||
|
"PR" : "N",
|
||||||
|
"S" : "U",
|
||||||
|
"SCORE" : "8.400",
|
||||||
|
"UI" : "N"
|
||||||
|
},
|
||||||
|
"TM" : {
|
||||||
|
"E" : "U",
|
||||||
|
"RC" : "C",
|
||||||
|
"RL" : "O"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"problemtype" : {
|
||||||
|
"problemtype_data" : [
|
||||||
|
{
|
||||||
|
"description" : [
|
||||||
|
{
|
||||||
|
"lang" : "eng",
|
||||||
|
"value" : "Gain Privileges"
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
]
|
||||||
},
|
},
|
||||||
"references" : {
|
"references" : {
|
||||||
"reference_data" : [
|
"reference_data" : [
|
||||||
{
|
{
|
||||||
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10740413",
|
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10740413",
|
||||||
"refsource" : "CONFIRM",
|
"refsource" : "CONFIRM",
|
||||||
"title" : "IBM Security Bulletin 740413 (DB2 for Linux, UNIX and Windows)",
|
|
||||||
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10740413"
|
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10740413"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/152859",
|
|
||||||
"name" : "ibm-db2-cve20181923-bo(152859)",
|
"name" : "ibm-db2-cve20181923-bo(152859)",
|
||||||
"refsource" : "XF",
|
"refsource" : "XF",
|
||||||
"title" : "X-Force Vulnerability Report"
|
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/152859"
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
},
|
|
||||||
"data_version" : "4.0",
|
|
||||||
"data_type" : "CVE",
|
|
||||||
"impact" : {
|
|
||||||
"cvssv3" : {
|
|
||||||
"TM" : {
|
|
||||||
"RL" : "O",
|
|
||||||
"RC" : "C",
|
|
||||||
"E" : "U"
|
|
||||||
},
|
|
||||||
"BM" : {
|
|
||||||
"PR" : "N",
|
|
||||||
"AV" : "L",
|
|
||||||
"A" : "H",
|
|
||||||
"I" : "H",
|
|
||||||
"SCORE" : "8.400",
|
|
||||||
"AC" : "L",
|
|
||||||
"S" : "U",
|
|
||||||
"UI" : "N",
|
|
||||||
"C" : "H"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@ -1,30 +1,9 @@
|
|||||||
{
|
{
|
||||||
"data_format" : "MITRE",
|
|
||||||
"problemtype" : {
|
|
||||||
"problemtype_data" : [
|
|
||||||
{
|
|
||||||
"description" : [
|
|
||||||
{
|
|
||||||
"value" : "Gain Privileges",
|
|
||||||
"lang" : "eng"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
"description" : {
|
|
||||||
"description_data" : [
|
|
||||||
{
|
|
||||||
"value" : "IBM WebSphere 8.0.0.0 through 9.1.1 could allow an authenticated attacker to escalate their privileges when using multiplexed channels. IBM X-Force ID: 153915.",
|
|
||||||
"lang" : "eng"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
"CVE_data_meta" : {
|
"CVE_data_meta" : {
|
||||||
"DATE_PUBLIC" : "2019-03-08T00:00:00",
|
|
||||||
"STATE" : "PUBLIC",
|
|
||||||
"ASSIGNER" : "psirt@us.ibm.com",
|
"ASSIGNER" : "psirt@us.ibm.com",
|
||||||
"ID" : "CVE-2018-1974"
|
"DATE_PUBLIC" : "2019-03-08T00:00:00",
|
||||||
|
"ID" : "CVE-2018-1974",
|
||||||
|
"STATE" : "PUBLIC"
|
||||||
},
|
},
|
||||||
"affects" : {
|
"affects" : {
|
||||||
"vendor" : {
|
"vendor" : {
|
||||||
@ -106,42 +85,61 @@
|
|||||||
]
|
]
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"references" : {
|
"data_format" : "MITRE",
|
||||||
"reference_data" : [
|
"data_type" : "CVE",
|
||||||
|
"data_version" : "4.0",
|
||||||
|
"description" : {
|
||||||
|
"description_data" : [
|
||||||
{
|
{
|
||||||
"refsource" : "CONFIRM",
|
"lang" : "eng",
|
||||||
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10792043",
|
"value" : "IBM WebSphere 8.0.0.0 through 9.1.1 could allow an authenticated attacker to escalate their privileges when using multiplexed channels. IBM X-Force ID: 153915."
|
||||||
"title" : "IBM Security Bulletin 792043 (MQ)",
|
|
||||||
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10792043"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"title" : "X-Force Vulnerability Report",
|
|
||||||
"refsource" : "XF",
|
|
||||||
"name" : "ibm-websphere-cve20181974-priv-escalation (153915)",
|
|
||||||
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/153915"
|
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"data_version" : "4.0",
|
|
||||||
"data_type" : "CVE",
|
|
||||||
"impact" : {
|
"impact" : {
|
||||||
"cvssv3" : {
|
"cvssv3" : {
|
||||||
|
"BM" : {
|
||||||
|
"A" : "H",
|
||||||
|
"AC" : "H",
|
||||||
|
"AV" : "N",
|
||||||
|
"C" : "H",
|
||||||
|
"I" : "H",
|
||||||
|
"PR" : "L",
|
||||||
|
"S" : "U",
|
||||||
|
"SCORE" : "7.500",
|
||||||
|
"UI" : "N"
|
||||||
|
},
|
||||||
"TM" : {
|
"TM" : {
|
||||||
"E" : "U",
|
"E" : "U",
|
||||||
"RC" : "C",
|
"RC" : "C",
|
||||||
"RL" : "O"
|
"RL" : "O"
|
||||||
|
}
|
||||||
|
}
|
||||||
},
|
},
|
||||||
"BM" : {
|
"problemtype" : {
|
||||||
"AC" : "H",
|
"problemtype_data" : [
|
||||||
"S" : "U",
|
{
|
||||||
"UI" : "N",
|
"description" : [
|
||||||
"C" : "H",
|
{
|
||||||
"PR" : "L",
|
"lang" : "eng",
|
||||||
"AV" : "N",
|
"value" : "Gain Privileges"
|
||||||
"A" : "H",
|
}
|
||||||
"SCORE" : "7.500",
|
]
|
||||||
"I" : "H"
|
}
|
||||||
}
|
]
|
||||||
}
|
},
|
||||||
|
"references" : {
|
||||||
|
"reference_data" : [
|
||||||
|
{
|
||||||
|
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10792043",
|
||||||
|
"refsource" : "CONFIRM",
|
||||||
|
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10792043"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name" : "ibm-websphere-cve20181974-priv-escalation(153915)",
|
||||||
|
"refsource" : "XF",
|
||||||
|
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/153915"
|
||||||
|
}
|
||||||
|
]
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@ -1,39 +1,18 @@
|
|||||||
{
|
{
|
||||||
"problemtype" : {
|
|
||||||
"problemtype_data" : [
|
|
||||||
{
|
|
||||||
"description" : [
|
|
||||||
{
|
|
||||||
"lang" : "eng",
|
|
||||||
"value" : "Gain Privileges"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
"data_format" : "MITRE",
|
|
||||||
"description" : {
|
|
||||||
"description_data" : [
|
|
||||||
{
|
|
||||||
"value" : "IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is vulnerable to a buffer overflow, which could allow an authenticated local attacker to execute arbitrary code on the system as root. IBM X-ForceID: 154069.",
|
|
||||||
"lang" : "eng"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
"CVE_data_meta" : {
|
"CVE_data_meta" : {
|
||||||
"STATE" : "PUBLIC",
|
"ASSIGNER" : "psirt@us.ibm.com",
|
||||||
"DATE_PUBLIC" : "2019-03-08T00:00:00",
|
"DATE_PUBLIC" : "2019-03-08T00:00:00",
|
||||||
"ID" : "CVE-2018-1978",
|
"ID" : "CVE-2018-1978",
|
||||||
"ASSIGNER" : "psirt@us.ibm.com"
|
"STATE" : "PUBLIC"
|
||||||
},
|
},
|
||||||
"affects" : {
|
"affects" : {
|
||||||
"vendor" : {
|
"vendor" : {
|
||||||
"vendor_data" : [
|
"vendor_data" : [
|
||||||
{
|
{
|
||||||
"vendor_name" : "IBM",
|
|
||||||
"product" : {
|
"product" : {
|
||||||
"product_data" : [
|
"product_data" : [
|
||||||
{
|
{
|
||||||
|
"product_name" : "DB2 for Linux, UNIX and Windows",
|
||||||
"version" : {
|
"version" : {
|
||||||
"version_data" : [
|
"version_data" : [
|
||||||
{
|
{
|
||||||
@ -49,51 +28,70 @@
|
|||||||
"version_value" : "11.1"
|
"version_value" : "11.1"
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
},
|
}
|
||||||
"product_name" : "DB2 for Linux, UNIX and Windows"
|
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
}
|
},
|
||||||
|
"vendor_name" : "IBM"
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"data_format" : "MITRE",
|
||||||
|
"data_type" : "CVE",
|
||||||
"data_version" : "4.0",
|
"data_version" : "4.0",
|
||||||
"references" : {
|
"description" : {
|
||||||
"reference_data" : [
|
"description_data" : [
|
||||||
{
|
{
|
||||||
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10740413",
|
"lang" : "eng",
|
||||||
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10740413",
|
"value" : "IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is vulnerable to a buffer overflow, which could allow an authenticated local attacker to execute arbitrary code on the system as root. IBM X-ForceID: 154069."
|
||||||
"refsource" : "CONFIRM",
|
|
||||||
"title" : "IBM Security Bulletin 740413 (DB2 for Linux, UNIX and Windows)"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/154069",
|
|
||||||
"name" : "ibm-db2-cve20181978-bo (154069)",
|
|
||||||
"refsource" : "XF",
|
|
||||||
"title" : "X-Force Vulnerability Report"
|
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"impact" : {
|
"impact" : {
|
||||||
"cvssv3" : {
|
"cvssv3" : {
|
||||||
"TM" : {
|
|
||||||
"RC" : "C",
|
|
||||||
"RL" : "O",
|
|
||||||
"E" : "U"
|
|
||||||
},
|
|
||||||
"BM" : {
|
"BM" : {
|
||||||
"AV" : "L",
|
|
||||||
"PR" : "N",
|
|
||||||
"I" : "H",
|
|
||||||
"SCORE" : "8.400",
|
|
||||||
"A" : "H",
|
"A" : "H",
|
||||||
"S" : "U",
|
|
||||||
"AC" : "L",
|
"AC" : "L",
|
||||||
|
"AV" : "L",
|
||||||
"C" : "H",
|
"C" : "H",
|
||||||
|
"I" : "H",
|
||||||
|
"PR" : "N",
|
||||||
|
"S" : "U",
|
||||||
|
"SCORE" : "8.400",
|
||||||
"UI" : "N"
|
"UI" : "N"
|
||||||
|
},
|
||||||
|
"TM" : {
|
||||||
|
"E" : "U",
|
||||||
|
"RC" : "C",
|
||||||
|
"RL" : "O"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"data_type" : "CVE"
|
"problemtype" : {
|
||||||
|
"problemtype_data" : [
|
||||||
|
{
|
||||||
|
"description" : [
|
||||||
|
{
|
||||||
|
"lang" : "eng",
|
||||||
|
"value" : "Gain Privileges"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"references" : {
|
||||||
|
"reference_data" : [
|
||||||
|
{
|
||||||
|
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10740413",
|
||||||
|
"refsource" : "CONFIRM",
|
||||||
|
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10740413"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name" : "ibm-db2-cve20181978-bo(154069)",
|
||||||
|
"refsource" : "XF",
|
||||||
|
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/154069"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@ -1,53 +1,14 @@
|
|||||||
{
|
{
|
||||||
"impact" : {
|
|
||||||
"cvssv3" : {
|
|
||||||
"TM" : {
|
|
||||||
"E" : "U",
|
|
||||||
"RL" : "O",
|
|
||||||
"RC" : "C"
|
|
||||||
},
|
|
||||||
"BM" : {
|
|
||||||
"I" : "H",
|
|
||||||
"SCORE" : "8.400",
|
|
||||||
"A" : "H",
|
|
||||||
"AV" : "L",
|
|
||||||
"PR" : "N",
|
|
||||||
"C" : "H",
|
|
||||||
"UI" : "N",
|
|
||||||
"S" : "U",
|
|
||||||
"AC" : "L"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"data_type" : "CVE",
|
|
||||||
"data_version" : "4.0",
|
|
||||||
"references" : {
|
|
||||||
"reference_data" : [
|
|
||||||
{
|
|
||||||
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10740413",
|
|
||||||
"title" : "IBM Security Bulletin 740413 (DB2 for Linux, UNIX and Windows)",
|
|
||||||
"refsource" : "CONFIRM",
|
|
||||||
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10740413"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"title" : "X-Force Vulnerability Report",
|
|
||||||
"name" : "ibm-db2-cve20181980-bo (154078)",
|
|
||||||
"refsource" : "XF",
|
|
||||||
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/154078"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
"CVE_data_meta" : {
|
"CVE_data_meta" : {
|
||||||
"ID" : "CVE-2018-1980",
|
|
||||||
"ASSIGNER" : "psirt@us.ibm.com",
|
"ASSIGNER" : "psirt@us.ibm.com",
|
||||||
"DATE_PUBLIC" : "2019-03-08T00:00:00",
|
"DATE_PUBLIC" : "2019-03-08T00:00:00",
|
||||||
|
"ID" : "CVE-2018-1980",
|
||||||
"STATE" : "PUBLIC"
|
"STATE" : "PUBLIC"
|
||||||
},
|
},
|
||||||
"affects" : {
|
"affects" : {
|
||||||
"vendor" : {
|
"vendor" : {
|
||||||
"vendor_data" : [
|
"vendor_data" : [
|
||||||
{
|
{
|
||||||
"vendor_name" : "IBM",
|
|
||||||
"product" : {
|
"product" : {
|
||||||
"product_data" : [
|
"product_data" : [
|
||||||
{
|
{
|
||||||
@ -70,29 +31,66 @@
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
}
|
},
|
||||||
|
"vendor_name" : "IBM"
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"data_format" : "MITRE",
|
||||||
|
"data_type" : "CVE",
|
||||||
|
"data_version" : "4.0",
|
||||||
|
"description" : {
|
||||||
|
"description_data" : [
|
||||||
|
{
|
||||||
|
"lang" : "eng",
|
||||||
|
"value" : "IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is vulnerable to a buffer overflow, which could allow an authenticated local attacker to execute arbitrary code on the system as root. IBM X-ForceID: 154078."
|
||||||
|
}
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"impact" : {
|
||||||
|
"cvssv3" : {
|
||||||
|
"BM" : {
|
||||||
|
"A" : "H",
|
||||||
|
"AC" : "L",
|
||||||
|
"AV" : "L",
|
||||||
|
"C" : "H",
|
||||||
|
"I" : "H",
|
||||||
|
"PR" : "N",
|
||||||
|
"S" : "U",
|
||||||
|
"SCORE" : "8.400",
|
||||||
|
"UI" : "N"
|
||||||
|
},
|
||||||
|
"TM" : {
|
||||||
|
"E" : "U",
|
||||||
|
"RC" : "C",
|
||||||
|
"RL" : "O"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
"problemtype" : {
|
"problemtype" : {
|
||||||
"problemtype_data" : [
|
"problemtype_data" : [
|
||||||
{
|
{
|
||||||
"description" : [
|
"description" : [
|
||||||
{
|
{
|
||||||
"value" : "Gain Privileges",
|
"lang" : "eng",
|
||||||
"lang" : "eng"
|
"value" : "Gain Privileges"
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"data_format" : "MITRE",
|
"references" : {
|
||||||
"description" : {
|
"reference_data" : [
|
||||||
"description_data" : [
|
|
||||||
{
|
{
|
||||||
"value" : "IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is vulnerable to a buffer overflow, which could allow an authenticated local attacker to execute arbitrary code on the system as root. IBM X-ForceID: 154078.",
|
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10740413",
|
||||||
"lang" : "eng"
|
"refsource" : "CONFIRM",
|
||||||
|
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10740413"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name" : "ibm-db2-cve20181980-bo(154078)",
|
||||||
|
"refsource" : "XF",
|
||||||
|
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/154078"
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
|||||||
@ -1,18 +1,18 @@
|
|||||||
{
|
{
|
||||||
"CVE_data_meta" : {
|
"CVE_data_meta" : {
|
||||||
"ID" : "CVE-2018-1998",
|
|
||||||
"ASSIGNER" : "psirt@us.ibm.com",
|
"ASSIGNER" : "psirt@us.ibm.com",
|
||||||
"STATE" : "PUBLIC",
|
"DATE_PUBLIC" : "2019-03-08T00:00:00",
|
||||||
"DATE_PUBLIC" : "2019-03-08T00:00:00"
|
"ID" : "CVE-2018-1998",
|
||||||
|
"STATE" : "PUBLIC"
|
||||||
},
|
},
|
||||||
"affects" : {
|
"affects" : {
|
||||||
"vendor" : {
|
"vendor" : {
|
||||||
"vendor_data" : [
|
"vendor_data" : [
|
||||||
{
|
{
|
||||||
"vendor_name" : "IBM",
|
|
||||||
"product" : {
|
"product" : {
|
||||||
"product_data" : [
|
"product_data" : [
|
||||||
{
|
{
|
||||||
|
"product_name" : "MQ",
|
||||||
"version" : {
|
"version" : {
|
||||||
"version_data" : [
|
"version_data" : [
|
||||||
{
|
{
|
||||||
@ -70,28 +70,18 @@
|
|||||||
"version_value" : "9.1.1"
|
"version_value" : "9.1.1"
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
|
}
|
||||||
|
}
|
||||||
|
]
|
||||||
},
|
},
|
||||||
"product_name" : "MQ"
|
"vendor_name" : "IBM"
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"problemtype" : {
|
|
||||||
"problemtype_data" : [
|
|
||||||
{
|
|
||||||
"description" : [
|
|
||||||
{
|
|
||||||
"value" : "Gain Privileges",
|
|
||||||
"lang" : "eng"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
},
|
||||||
"data_format" : "MITRE",
|
"data_format" : "MITRE",
|
||||||
|
"data_type" : "CVE",
|
||||||
|
"data_version" : "4.0",
|
||||||
"description" : {
|
"description" : {
|
||||||
"description_data" : [
|
"description_data" : [
|
||||||
{
|
{
|
||||||
@ -102,39 +92,47 @@
|
|||||||
},
|
},
|
||||||
"impact" : {
|
"impact" : {
|
||||||
"cvssv3" : {
|
"cvssv3" : {
|
||||||
"TM" : {
|
|
||||||
"RC" : "C",
|
|
||||||
"RL" : "O",
|
|
||||||
"E" : "U"
|
|
||||||
},
|
|
||||||
"BM" : {
|
"BM" : {
|
||||||
"UI" : "N",
|
|
||||||
"C" : "H",
|
|
||||||
"AC" : "L",
|
|
||||||
"S" : "C",
|
|
||||||
"A" : "H",
|
"A" : "H",
|
||||||
"SCORE" : "8.800",
|
"AC" : "L",
|
||||||
|
"AV" : "L",
|
||||||
|
"C" : "H",
|
||||||
"I" : "H",
|
"I" : "H",
|
||||||
"PR" : "L",
|
"PR" : "L",
|
||||||
"AV" : "L"
|
"S" : "C",
|
||||||
|
"SCORE" : "8.800",
|
||||||
|
"UI" : "N"
|
||||||
|
},
|
||||||
|
"TM" : {
|
||||||
|
"E" : "U",
|
||||||
|
"RC" : "C",
|
||||||
|
"RL" : "O"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"data_type" : "CVE",
|
"problemtype" : {
|
||||||
"data_version" : "4.0",
|
"problemtype_data" : [
|
||||||
|
{
|
||||||
|
"description" : [
|
||||||
|
{
|
||||||
|
"lang" : "eng",
|
||||||
|
"value" : "Gain Privileges"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
]
|
||||||
|
},
|
||||||
"references" : {
|
"references" : {
|
||||||
"reference_data" : [
|
"reference_data" : [
|
||||||
{
|
{
|
||||||
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10870488",
|
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10870488",
|
||||||
"refsource" : "CONFIRM",
|
"refsource" : "CONFIRM",
|
||||||
"title" : "IBM Security Bulletin 870488 (MQ)",
|
|
||||||
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10870488"
|
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10870488"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/154887",
|
"name" : "ibm-websphere-cve20181998-priv-escalation(154887)",
|
||||||
"title" : "X-Force Vulnerability Report",
|
|
||||||
"refsource" : "XF",
|
"refsource" : "XF",
|
||||||
"name" : "ibm-websphere-cve20181998-priv-escalation (154887)"
|
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/154887"
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
|||||||
@ -1,50 +1,18 @@
|
|||||||
{
|
{
|
||||||
"data_type" : "CVE",
|
"CVE_data_meta" : {
|
||||||
"impact" : {
|
"ASSIGNER" : "psirt@us.ibm.com",
|
||||||
"cvssv3" : {
|
"DATE_PUBLIC" : "2019-03-05T00:00:00",
|
||||||
"TM" : {
|
"ID" : "CVE-2018-2009",
|
||||||
"RC" : "C",
|
"STATE" : "PUBLIC"
|
||||||
"RL" : "O",
|
|
||||||
"E" : "U"
|
|
||||||
},
|
|
||||||
"BM" : {
|
|
||||||
"A" : "N",
|
|
||||||
"I" : "N",
|
|
||||||
"SCORE" : "6.500",
|
|
||||||
"PR" : "L",
|
|
||||||
"AV" : "N",
|
|
||||||
"UI" : "N",
|
|
||||||
"C" : "H",
|
|
||||||
"AC" : "L",
|
|
||||||
"S" : "U"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"data_version" : "4.0",
|
|
||||||
"references" : {
|
|
||||||
"reference_data" : [
|
|
||||||
{
|
|
||||||
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10794327",
|
|
||||||
"refsource" : "CONFIRM",
|
|
||||||
"title" : "IBM Security Bulletin 794327 (API Connect)",
|
|
||||||
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10794327"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"title" : "X-Force Vulnerability Report",
|
|
||||||
"refsource" : "XF",
|
|
||||||
"name" : "ibm-api-cve20182009-info-disc (155148)",
|
|
||||||
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/155148"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
},
|
||||||
"affects" : {
|
"affects" : {
|
||||||
"vendor" : {
|
"vendor" : {
|
||||||
"vendor_data" : [
|
"vendor_data" : [
|
||||||
{
|
{
|
||||||
"vendor_name" : "IBM",
|
|
||||||
"product" : {
|
"product" : {
|
||||||
"product_data" : [
|
"product_data" : [
|
||||||
{
|
{
|
||||||
|
"product_name" : "API Connect",
|
||||||
"version" : {
|
"version" : {
|
||||||
"version_data" : [
|
"version_data" : [
|
||||||
{
|
{
|
||||||
@ -54,30 +22,46 @@
|
|||||||
"version_value" : "2018.4.1"
|
"version_value" : "2018.4.1"
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
},
|
}
|
||||||
"product_name" : "API Connect"
|
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
}
|
},
|
||||||
|
"vendor_name" : "IBM"
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"CVE_data_meta" : {
|
"data_format" : "MITRE",
|
||||||
"ID" : "CVE-2018-2009",
|
"data_type" : "CVE",
|
||||||
"ASSIGNER" : "psirt@us.ibm.com",
|
"data_version" : "4.0",
|
||||||
"DATE_PUBLIC" : "2019-03-05T00:00:00",
|
|
||||||
"STATE" : "PUBLIC"
|
|
||||||
},
|
|
||||||
"description" : {
|
"description" : {
|
||||||
"description_data" : [
|
"description_data" : [
|
||||||
{
|
{
|
||||||
"value" : "IBM API Connect v2018.1 and 2018.4.1 is affected by an information disclosure vulnerability in the consumer API. Any registered user can obtain a list of all other users in all other orgs, including email id/names, etc. IBM X-Force ID: 155148.",
|
"lang" : "eng",
|
||||||
"lang" : "eng"
|
"value" : "IBM API Connect v2018.1 and 2018.4.1 is affected by an information disclosure vulnerability in the consumer API. Any registered user can obtain a list of all other users in all other orgs, including email id/names, etc. IBM X-Force ID: 155148."
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"data_format" : "MITRE",
|
"impact" : {
|
||||||
|
"cvssv3" : {
|
||||||
|
"BM" : {
|
||||||
|
"A" : "N",
|
||||||
|
"AC" : "L",
|
||||||
|
"AV" : "N",
|
||||||
|
"C" : "H",
|
||||||
|
"I" : "N",
|
||||||
|
"PR" : "L",
|
||||||
|
"S" : "U",
|
||||||
|
"SCORE" : "6.500",
|
||||||
|
"UI" : "N"
|
||||||
|
},
|
||||||
|
"TM" : {
|
||||||
|
"E" : "U",
|
||||||
|
"RC" : "C",
|
||||||
|
"RL" : "O"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
"problemtype" : {
|
"problemtype" : {
|
||||||
"problemtype_data" : [
|
"problemtype_data" : [
|
||||||
{
|
{
|
||||||
@ -89,5 +73,19 @@
|
|||||||
]
|
]
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
|
},
|
||||||
|
"references" : {
|
||||||
|
"reference_data" : [
|
||||||
|
{
|
||||||
|
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10794327",
|
||||||
|
"refsource" : "CONFIRM",
|
||||||
|
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10794327"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name" : "ibm-api-cve20182009-info-disc(155148)",
|
||||||
|
"refsource" : "XF",
|
||||||
|
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/155148"
|
||||||
|
}
|
||||||
|
]
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@ -1,50 +1,18 @@
|
|||||||
{
|
{
|
||||||
"data_type" : "CVE",
|
"CVE_data_meta" : {
|
||||||
"impact" : {
|
"ASSIGNER" : "psirt@us.ibm.com",
|
||||||
"cvssv3" : {
|
"DATE_PUBLIC" : "2019-03-08T00:00:00",
|
||||||
"BM" : {
|
"ID" : "CVE-2019-4015",
|
||||||
"S" : "U",
|
"STATE" : "PUBLIC"
|
||||||
"AC" : "L",
|
|
||||||
"C" : "H",
|
|
||||||
"UI" : "N",
|
|
||||||
"AV" : "L",
|
|
||||||
"PR" : "N",
|
|
||||||
"SCORE" : "8.400",
|
|
||||||
"I" : "H",
|
|
||||||
"A" : "H"
|
|
||||||
},
|
},
|
||||||
"TM" : {
|
|
||||||
"E" : "U",
|
|
||||||
"RL" : "O",
|
|
||||||
"RC" : "C"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"references" : {
|
|
||||||
"reference_data" : [
|
|
||||||
{
|
|
||||||
"title" : "IBM Security Bulletin 740413 (DB2 for Linux, UNIX and Windows)",
|
|
||||||
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10740413",
|
|
||||||
"refsource" : "CONFIRM",
|
|
||||||
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10740413"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/155893",
|
|
||||||
"name" : "ibm-db2-cve20194015-bo (155893)",
|
|
||||||
"refsource" : "XF",
|
|
||||||
"title" : "X-Force Vulnerability Report"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
"data_version" : "4.0",
|
|
||||||
"affects" : {
|
"affects" : {
|
||||||
"vendor" : {
|
"vendor" : {
|
||||||
"vendor_data" : [
|
"vendor_data" : [
|
||||||
{
|
{
|
||||||
"vendor_name" : "IBM",
|
|
||||||
"product" : {
|
"product" : {
|
||||||
"product_data" : [
|
"product_data" : [
|
||||||
{
|
{
|
||||||
|
"product_name" : "DB2 for Linux, UNIX and Windows",
|
||||||
"version" : {
|
"version" : {
|
||||||
"version_data" : [
|
"version_data" : [
|
||||||
{
|
{
|
||||||
@ -60,30 +28,46 @@
|
|||||||
"version_value" : "11.1"
|
"version_value" : "11.1"
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
},
|
}
|
||||||
"product_name" : "DB2 for Linux, UNIX and Windows"
|
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
}
|
},
|
||||||
|
"vendor_name" : "IBM"
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"CVE_data_meta" : {
|
"data_format" : "MITRE",
|
||||||
"ASSIGNER" : "psirt@us.ibm.com",
|
"data_type" : "CVE",
|
||||||
"ID" : "CVE-2019-4015",
|
"data_version" : "4.0",
|
||||||
"STATE" : "PUBLIC",
|
|
||||||
"DATE_PUBLIC" : "2019-03-08T00:00:00"
|
|
||||||
},
|
|
||||||
"description" : {
|
"description" : {
|
||||||
"description_data" : [
|
"description_data" : [
|
||||||
{
|
{
|
||||||
"lang" : "eng",
|
"lang" : "eng",
|
||||||
"value" : "IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is vulnerable to a buffer overflow, which could allow an authenticated local attacker to execute arbitrary code on the system as root. IBM X-ForceID: 155893.."
|
"value" : "IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is vulnerable to a buffer overflow, which could allow an authenticated local attacker to execute arbitrary code on the system as root. IBM X-ForceID: 155893."
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"data_format" : "MITRE",
|
"impact" : {
|
||||||
|
"cvssv3" : {
|
||||||
|
"BM" : {
|
||||||
|
"A" : "H",
|
||||||
|
"AC" : "L",
|
||||||
|
"AV" : "L",
|
||||||
|
"C" : "H",
|
||||||
|
"I" : "H",
|
||||||
|
"PR" : "N",
|
||||||
|
"S" : "U",
|
||||||
|
"SCORE" : "8.400",
|
||||||
|
"UI" : "N"
|
||||||
|
},
|
||||||
|
"TM" : {
|
||||||
|
"E" : "U",
|
||||||
|
"RC" : "C",
|
||||||
|
"RL" : "O"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
"problemtype" : {
|
"problemtype" : {
|
||||||
"problemtype_data" : [
|
"problemtype_data" : [
|
||||||
{
|
{
|
||||||
@ -95,5 +79,19 @@
|
|||||||
]
|
]
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
|
},
|
||||||
|
"references" : {
|
||||||
|
"reference_data" : [
|
||||||
|
{
|
||||||
|
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10740413",
|
||||||
|
"refsource" : "CONFIRM",
|
||||||
|
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10740413"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name" : "ibm-db2-cve20194015-bo(155893)",
|
||||||
|
"refsource" : "XF",
|
||||||
|
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/155893"
|
||||||
|
}
|
||||||
|
]
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@ -1,74 +1,14 @@
|
|||||||
{
|
{
|
||||||
"references" : {
|
|
||||||
"reference_data" : [
|
|
||||||
{
|
|
||||||
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10740413",
|
|
||||||
"refsource" : "CONFIRM",
|
|
||||||
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10740413",
|
|
||||||
"title" : "IBM Security Bulletin 740413 (DB2 for Linux, UNIX and Windows)"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/155894",
|
|
||||||
"name" : "ibm-db2-cve20194016-bo (155894)",
|
|
||||||
"refsource" : "XF",
|
|
||||||
"title" : "X-Force Vulnerability Report"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
"data_version" : "4.0",
|
|
||||||
"impact" : {
|
|
||||||
"cvssv3" : {
|
|
||||||
"BM" : {
|
|
||||||
"S" : "U",
|
|
||||||
"AC" : "L",
|
|
||||||
"C" : "H",
|
|
||||||
"UI" : "N",
|
|
||||||
"AV" : "L",
|
|
||||||
"PR" : "N",
|
|
||||||
"I" : "H",
|
|
||||||
"SCORE" : "8.400",
|
|
||||||
"A" : "H"
|
|
||||||
},
|
|
||||||
"TM" : {
|
|
||||||
"E" : "U",
|
|
||||||
"RC" : "C",
|
|
||||||
"RL" : "O"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"data_type" : "CVE",
|
|
||||||
"problemtype" : {
|
|
||||||
"problemtype_data" : [
|
|
||||||
{
|
|
||||||
"description" : [
|
|
||||||
{
|
|
||||||
"lang" : "eng",
|
|
||||||
"value" : "Gain Privileges"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
"data_format" : "MITRE",
|
|
||||||
"description" : {
|
|
||||||
"description_data" : [
|
|
||||||
{
|
|
||||||
"lang" : "eng",
|
|
||||||
"value" : "IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is vulnerable to a buffer overflow, which could allow an authenticated local attacker to execute arbitrary code on the system as root. IBM X-ForceID: 155894."
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
"CVE_data_meta" : {
|
"CVE_data_meta" : {
|
||||||
"ID" : "CVE-2019-4016",
|
|
||||||
"ASSIGNER" : "psirt@us.ibm.com",
|
"ASSIGNER" : "psirt@us.ibm.com",
|
||||||
"DATE_PUBLIC" : "2019-03-08T00:00:00",
|
"DATE_PUBLIC" : "2019-03-08T00:00:00",
|
||||||
|
"ID" : "CVE-2019-4016",
|
||||||
"STATE" : "PUBLIC"
|
"STATE" : "PUBLIC"
|
||||||
},
|
},
|
||||||
"affects" : {
|
"affects" : {
|
||||||
"vendor" : {
|
"vendor" : {
|
||||||
"vendor_data" : [
|
"vendor_data" : [
|
||||||
{
|
{
|
||||||
"vendor_name" : "IBM",
|
|
||||||
"product" : {
|
"product" : {
|
||||||
"product_data" : [
|
"product_data" : [
|
||||||
{
|
{
|
||||||
@ -91,9 +31,67 @@
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
|
},
|
||||||
|
"vendor_name" : "IBM"
|
||||||
}
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"data_format" : "MITRE",
|
||||||
|
"data_type" : "CVE",
|
||||||
|
"data_version" : "4.0",
|
||||||
|
"description" : {
|
||||||
|
"description_data" : [
|
||||||
|
{
|
||||||
|
"lang" : "eng",
|
||||||
|
"value" : "IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is vulnerable to a buffer overflow, which could allow an authenticated local attacker to execute arbitrary code on the system as root. IBM X-ForceID: 155894."
|
||||||
|
}
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"impact" : {
|
||||||
|
"cvssv3" : {
|
||||||
|
"BM" : {
|
||||||
|
"A" : "H",
|
||||||
|
"AC" : "L",
|
||||||
|
"AV" : "L",
|
||||||
|
"C" : "H",
|
||||||
|
"I" : "H",
|
||||||
|
"PR" : "N",
|
||||||
|
"S" : "U",
|
||||||
|
"SCORE" : "8.400",
|
||||||
|
"UI" : "N"
|
||||||
|
},
|
||||||
|
"TM" : {
|
||||||
|
"E" : "U",
|
||||||
|
"RC" : "C",
|
||||||
|
"RL" : "O"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"problemtype" : {
|
||||||
|
"problemtype_data" : [
|
||||||
|
{
|
||||||
|
"description" : [
|
||||||
|
{
|
||||||
|
"lang" : "eng",
|
||||||
|
"value" : "Gain Privileges"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"references" : {
|
||||||
|
"reference_data" : [
|
||||||
|
{
|
||||||
|
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10740413",
|
||||||
|
"refsource" : "CONFIRM",
|
||||||
|
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10740413"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name" : "ibm-db2-cve20194016-bo(155894)",
|
||||||
|
"refsource" : "XF",
|
||||||
|
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/155894"
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
|
||||||
|
|||||||
@ -1,43 +1,67 @@
|
|||||||
{
|
{
|
||||||
"references" : {
|
"CVE_data_meta" : {
|
||||||
"reference_data" : [
|
"ASSIGNER" : "psirt@us.ibm.com",
|
||||||
|
"DATE_PUBLIC" : "2019-03-04T00:00:00",
|
||||||
|
"ID" : "CVE-2019-4030",
|
||||||
|
"STATE" : "PUBLIC"
|
||||||
|
},
|
||||||
|
"affects" : {
|
||||||
|
"vendor" : {
|
||||||
|
"vendor_data" : [
|
||||||
{
|
{
|
||||||
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10869406",
|
"product" : {
|
||||||
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10869406",
|
"product_data" : [
|
||||||
"refsource" : "CONFIRM",
|
{
|
||||||
"title" : "IBM Security Bulletin 869406 (WebSphere Application Server)"
|
"product_name" : "WebSphere Application Server",
|
||||||
|
"version" : {
|
||||||
|
"version_data" : [
|
||||||
|
{
|
||||||
|
"version_value" : "8.5"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"title" : "X-Force Vulnerability Report",
|
"version_value" : "9.0"
|
||||||
"refsource" : "XF",
|
}
|
||||||
"name" : "ibm-websphere-cve20194030-xss (155946)",
|
]
|
||||||
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/155946"
|
}
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"data_version" : "4.0",
|
"vendor_name" : "IBM"
|
||||||
"data_type" : "CVE",
|
|
||||||
"impact" : {
|
|
||||||
"cvssv3" : {
|
|
||||||
"BM" : {
|
|
||||||
"AV" : "N",
|
|
||||||
"PR" : "L",
|
|
||||||
"I" : "L",
|
|
||||||
"SCORE" : "5.400",
|
|
||||||
"A" : "N",
|
|
||||||
"S" : "C",
|
|
||||||
"AC" : "L",
|
|
||||||
"C" : "L",
|
|
||||||
"UI" : "R"
|
|
||||||
},
|
|
||||||
"TM" : {
|
|
||||||
"RL" : "O",
|
|
||||||
"RC" : "C",
|
|
||||||
"E" : "H"
|
|
||||||
}
|
}
|
||||||
|
]
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"data_format" : "MITRE",
|
"data_format" : "MITRE",
|
||||||
|
"data_type" : "CVE",
|
||||||
|
"data_version" : "4.0",
|
||||||
|
"description" : {
|
||||||
|
"description_data" : [
|
||||||
|
{
|
||||||
|
"lang" : "eng",
|
||||||
|
"value" : "IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 155946."
|
||||||
|
}
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"impact" : {
|
||||||
|
"cvssv3" : {
|
||||||
|
"BM" : {
|
||||||
|
"A" : "N",
|
||||||
|
"AC" : "L",
|
||||||
|
"AV" : "N",
|
||||||
|
"C" : "L",
|
||||||
|
"I" : "L",
|
||||||
|
"PR" : "L",
|
||||||
|
"S" : "C",
|
||||||
|
"SCORE" : "5.400",
|
||||||
|
"UI" : "R"
|
||||||
|
},
|
||||||
|
"TM" : {
|
||||||
|
"E" : "H",
|
||||||
|
"RC" : "C",
|
||||||
|
"RL" : "O"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
"problemtype" : {
|
"problemtype" : {
|
||||||
"problemtype_data" : [
|
"problemtype_data" : [
|
||||||
{
|
{
|
||||||
@ -50,44 +74,18 @@
|
|||||||
}
|
}
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"description" : {
|
"references" : {
|
||||||
"description_data" : [
|
"reference_data" : [
|
||||||
{
|
{
|
||||||
"value" : "IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 155946.",
|
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10869406",
|
||||||
"lang" : "eng"
|
"refsource" : "CONFIRM",
|
||||||
}
|
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10869406"
|
||||||
]
|
|
||||||
},
|
|
||||||
"CVE_data_meta" : {
|
|
||||||
"ASSIGNER" : "psirt@us.ibm.com",
|
|
||||||
"ID" : "CVE-2019-4030",
|
|
||||||
"DATE_PUBLIC" : "2019-03-04T00:00:00",
|
|
||||||
"STATE" : "PUBLIC"
|
|
||||||
},
|
|
||||||
"affects" : {
|
|
||||||
"vendor" : {
|
|
||||||
"vendor_data" : [
|
|
||||||
{
|
|
||||||
"vendor_name" : "IBM",
|
|
||||||
"product" : {
|
|
||||||
"product_data" : [
|
|
||||||
{
|
|
||||||
"version" : {
|
|
||||||
"version_data" : [
|
|
||||||
{
|
|
||||||
"version_value" : "8.5"
|
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"version_value" : "9.0"
|
"name" : "ibm-websphere-cve20194030-xss(155946)",
|
||||||
}
|
"refsource" : "XF",
|
||||||
]
|
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/155946"
|
||||||
},
|
|
||||||
"product_name" : "WebSphere Application Server"
|
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
]
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user