Merge branch 'CVE-2018-14627' of https://github.com/RedHatProductSecurity/cvelist

2025-08-04 08:44:25 +00:00 · 2018-09-04 07:43:01 -04:00 · 2018-09-04 07:43:01 -04:00 · 8f6a0db4bf
commit 8f6a0db4bf
parent 9177fb7787 c26902e20f
1 changed files with 69 additions and 16 deletions
--- a/2018/14xxx/CVE-2018-14627.json
+++ b/2018/14xxx/CVE-2018-14627.json
@ -1,18 +1,71 @@
 {
-   "CVE_data_meta" : {
-      "ASSIGNER" : "cve@mitre.org",
-      "ID" : "CVE-2018-14627",
-      "STATE" : "RESERVED"
-   },
-   "data_format" : "MITRE",
-   "data_type" : "CVE",
-   "data_version" : "4.0",
-   "description" : {
-      "description_data" : [
-         {
-            "lang" : "eng",
-            "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided."
-         }
-      ]
-   }
+    "data_type": "CVE",
+    "data_format": "MITRE",
+    "data_version": "4.0",
+    "CVE_data_meta": {
+        "ID": "CVE-2018-14627",
+        "ASSIGNER": "sfowler@redhat.com"
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "vendor_name": "[UNKNOWN]",
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "JBoss/WildFly",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "14.0.0"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "CWE-319"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14627",
+                "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14627",
+                "refsource": "CONFIRM"
+            }
+        ]
+    },
+    "description": {
+        "description_data": [
+            {
+                "lang": "eng",
+                "value": "The IIOP OpenJDK Subsystem in WildFly before version 14.0.0 does not honour configuration  when SSL transport is required. Servers before this version that are configured with the  following setting allow clients to create plaintext connections: \n\n<transport-config confidentiality=\"required\" trust-in-target=\"supported\"/>"
+            }
+        ]
+    },
+    "impact": {
+        "cvss": [
+            [
+                {
+                    "vectorString": "5.3/CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
+                    "version": "3.0"
+                }
+            ]
+        ]
+    }
 }