- Synchronized data.

This commit is contained in:
CVE Team 2018-12-26 10:03:23 -05:00
parent 45bd8d0c29
commit a4a9688cc2
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8

View File

@ -1,99 +1,99 @@
{
"CVE_data_meta": {
"ASSIGNER": "security@suse.de",
"DATE_PUBLIC": "2018-12-23T00:00:00.000Z",
"ID": "CVE-2018-17957",
"STATE": "PUBLIC",
"TITLE": "yast2-rmt leaks database passwords in process list"
"CVE_data_meta" : {
"ASSIGNER" : "security@suse.de",
"DATE_PUBLIC" : "2018-12-23T00:00:00.000Z",
"ID" : "CVE-2018-17957",
"STATE" : "PUBLIC",
"TITLE" : "yast2-rmt leaks database passwords in process list"
},
"affects": {
"vendor": {
"vendor_data": [
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product": {
"product_data": [
"product" : {
"product_data" : [
{
"product_name": "yast2-rmt",
"version": {
"version_data": [
"product_name" : "yast2-rmt",
"version" : {
"version_data" : [
{
"affected": "<",
"version_value": "1.1.2"
"affected" : "<",
"version_value" : "1.1.2"
}
]
}
}
]
},
"vendor_name": "SUSE"
"vendor_name" : "SUSE"
}
]
}
},
"credit": [
"credit" : [
{
"lang": "eng",
"value": "Fabian Schilling of SUSE"
"lang" : "eng",
"value" : "Fabian Schilling of SUSE"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang": "eng",
"value": "The YaST2 RMT module for configuring the SUSE Repository Mirroring Tool (RMT) before 1.1.2 exposed MySQL database passwords on process commandline, allowing local attackers to access or corrupt the RMT database."
"lang" : "eng",
"value" : "The YaST2 RMT module for configuring the SUSE Repository Mirroring Tool (RMT) before 1.1.2 exposed MySQL database passwords on process commandline, allowing local attackers to access or corrupt the RMT database."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.4,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
"impact" : {
"cvss" : {
"attackComplexity" : "LOW",
"attackVector" : "LOCAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.4,
"baseSeverity" : "LOW",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"privilegesRequired" : "HIGH",
"scope" : "UNCHANGED",
"userInteraction" : "NONE",
"vectorString" : "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N",
"version" : "3.0"
}
},
"problemtype": {
"problemtype_data": [
"problemtype" : {
"problemtype_data" : [
{
"description": [
"description" : [
{
"lang": "eng",
"value": "CWE-214"
"lang" : "eng",
"value" : "CWE-214"
}
]
}
]
},
"references": {
"reference_data": [
"references" : {
"reference_data" : [
{
"name": "https://lists.opensuse.org/opensuse-security-announce/2018-12/msg00068.html",
"refsource": "CONFIRM",
"url": "https://lists.opensuse.org/opensuse-security-announce/2018-12/msg00068.html"
"name" : "https://bugzilla.suse.com/show_bug.cgi?id=1117602",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.suse.com/show_bug.cgi?id=1117602"
},
{
"name": "https://bugzilla.suse.com/show_bug.cgi?id=1117602",
"refsource": "CONFIRM",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1117602"
"name" : "https://lists.opensuse.org/opensuse-security-announce/2018-12/msg00068.html",
"refsource" : "CONFIRM",
"url" : "https://lists.opensuse.org/opensuse-security-announce/2018-12/msg00068.html"
}
]
},
"source": {
"advisory": " openSUSE-SU-2018:4272-1",
"defect": [
"source" : {
"advisory" : " openSUSE-SU-2018:4272-1",
"defect" : [
"1117602"
],
"discovery": "INTERNAL"
"discovery" : "INTERNAL"
}
}
}