mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
- Synchronized data.
This commit is contained in:
parent
45bd8d0c29
commit
a4a9688cc2
@ -1,99 +1,99 @@
|
||||
{
|
||||
"CVE_data_meta": {
|
||||
"ASSIGNER": "security@suse.de",
|
||||
"DATE_PUBLIC": "2018-12-23T00:00:00.000Z",
|
||||
"ID": "CVE-2018-17957",
|
||||
"STATE": "PUBLIC",
|
||||
"TITLE": "yast2-rmt leaks database passwords in process list"
|
||||
"CVE_data_meta" : {
|
||||
"ASSIGNER" : "security@suse.de",
|
||||
"DATE_PUBLIC" : "2018-12-23T00:00:00.000Z",
|
||||
"ID" : "CVE-2018-17957",
|
||||
"STATE" : "PUBLIC",
|
||||
"TITLE" : "yast2-rmt leaks database passwords in process list"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
"affects" : {
|
||||
"vendor" : {
|
||||
"vendor_data" : [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
"product" : {
|
||||
"product_data" : [
|
||||
{
|
||||
"product_name": "yast2-rmt",
|
||||
"version": {
|
||||
"version_data": [
|
||||
"product_name" : "yast2-rmt",
|
||||
"version" : {
|
||||
"version_data" : [
|
||||
{
|
||||
"affected": "<",
|
||||
"version_value": "1.1.2"
|
||||
"affected" : "<",
|
||||
"version_value" : "1.1.2"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "SUSE"
|
||||
"vendor_name" : "SUSE"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"credit": [
|
||||
"credit" : [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Fabian Schilling of SUSE"
|
||||
"lang" : "eng",
|
||||
"value" : "Fabian Schilling of SUSE"
|
||||
}
|
||||
],
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
"data_format" : "MITRE",
|
||||
"data_type" : "CVE",
|
||||
"data_version" : "4.0",
|
||||
"description" : {
|
||||
"description_data" : [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "The YaST2 RMT module for configuring the SUSE Repository Mirroring Tool (RMT) before 1.1.2 exposed MySQL database passwords on process commandline, allowing local attackers to access or corrupt the RMT database."
|
||||
"lang" : "eng",
|
||||
"value" : "The YaST2 RMT module for configuring the SUSE Repository Mirroring Tool (RMT) before 1.1.2 exposed MySQL database passwords on process commandline, allowing local attackers to access or corrupt the RMT database."
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact": {
|
||||
"cvss": {
|
||||
"attackComplexity": "LOW",
|
||||
"attackVector": "LOCAL",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 3.4,
|
||||
"baseSeverity": "LOW",
|
||||
"confidentialityImpact": "LOW",
|
||||
"integrityImpact": "LOW",
|
||||
"privilegesRequired": "HIGH",
|
||||
"scope": "UNCHANGED",
|
||||
"userInteraction": "NONE",
|
||||
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N",
|
||||
"version": "3.0"
|
||||
"impact" : {
|
||||
"cvss" : {
|
||||
"attackComplexity" : "LOW",
|
||||
"attackVector" : "LOCAL",
|
||||
"availabilityImpact" : "NONE",
|
||||
"baseScore" : 3.4,
|
||||
"baseSeverity" : "LOW",
|
||||
"confidentialityImpact" : "LOW",
|
||||
"integrityImpact" : "LOW",
|
||||
"privilegesRequired" : "HIGH",
|
||||
"scope" : "UNCHANGED",
|
||||
"userInteraction" : "NONE",
|
||||
"vectorString" : "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N",
|
||||
"version" : "3.0"
|
||||
}
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
"problemtype" : {
|
||||
"problemtype_data" : [
|
||||
{
|
||||
"description": [
|
||||
"description" : [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-214"
|
||||
"lang" : "eng",
|
||||
"value" : "CWE-214"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
"references" : {
|
||||
"reference_data" : [
|
||||
{
|
||||
"name": "https://lists.opensuse.org/opensuse-security-announce/2018-12/msg00068.html",
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://lists.opensuse.org/opensuse-security-announce/2018-12/msg00068.html"
|
||||
"name" : "https://bugzilla.suse.com/show_bug.cgi?id=1117602",
|
||||
"refsource" : "CONFIRM",
|
||||
"url" : "https://bugzilla.suse.com/show_bug.cgi?id=1117602"
|
||||
},
|
||||
{
|
||||
"name": "https://bugzilla.suse.com/show_bug.cgi?id=1117602",
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1117602"
|
||||
"name" : "https://lists.opensuse.org/opensuse-security-announce/2018-12/msg00068.html",
|
||||
"refsource" : "CONFIRM",
|
||||
"url" : "https://lists.opensuse.org/opensuse-security-announce/2018-12/msg00068.html"
|
||||
}
|
||||
]
|
||||
},
|
||||
"source": {
|
||||
"advisory": " openSUSE-SU-2018:4272-1",
|
||||
"defect": [
|
||||
"source" : {
|
||||
"advisory" : " openSUSE-SU-2018:4272-1",
|
||||
"defect" : [
|
||||
"1117602"
|
||||
],
|
||||
"discovery": "INTERNAL"
|
||||
"discovery" : "INTERNAL"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
Loading…
x
Reference in New Issue
Block a user