mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-06-08 05:58:08 +00:00
Merge branch 'ScottMooreIBM-IBM20190226-93758'
This commit is contained in:
CVE Team
commit
b078fc322d
@ -1,18 +1,197 @@
|
||||
{
|
||||
"CVE_data_meta" : {
|
||||
"ASSIGNER" : "cve@mitre.org",
|
||||
"ID" : "CVE-2018-1775",
|
||||
"STATE" : "RESERVED"
|
||||
"references" : {
|
||||
"reference_data" : [
|
||||
{
|
||||
"title" : "IBM Security Bulletin 872486 (SAN Volume Controller)",
|
||||
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10872486",
|
||||
"refsource" : "CONFIRM",
|
||||
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10872486"
|
||||
},
|
||||
{
|
||||
"title" : "X-Force Vulnerability Report",
|
||||
"name" : "ibm-storwize-cve20181775-file-download (148757)",
|
||||
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/148757",
|
||||
"refsource" : "XF"
|
||||
}
|
||||
]
|
||||
},
|
||||
"data_format" : "MITRE",
|
||||
"data_type" : "CVE",
|
||||
"data_version" : "4.0",
|
||||
"description" : {
|
||||
"description_data" : [
|
||||
{
|
||||
"lang" : "eng",
|
||||
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value" : "IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products versions 7.5 through 8.2 could allow an authenticated user to download arbitrary files from the operating system. IBM X-Force ID: 148757."
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"affects" : {
|
||||
"vendor" : {
|
||||
"vendor_data" : [
|
||||
{
|
||||
"product" : {
|
||||
"product_data" : [
|
||||
{
|
||||
"version" : {
|
||||
"version_data" : [
|
||||
{
|
||||
"version_value" : "7.5"
|
||||
},
|
||||
{
|
||||
"version_value" : "8.2"
|
||||
}
|
||||
]
|
||||
},
|
||||
"product_name" : "torwize V7000"
|
||||
},
|
||||
{
|
||||
"version" : {
|
||||
"version_data" : [
|
||||
{
|
||||
"version_value" : "7.5"
|
||||
},
|
||||
{
|
||||
"version_value" : "8.2"
|
||||
}
|
||||
]
|
||||
},
|
||||
"product_name" : "torwize V3500"
|
||||
},
|
||||
{
|
||||
"version" : {
|
||||
"version_data" : [
|
||||
{
|
||||
"version_value" : "7.5"
|
||||
},
|
||||
{
|
||||
"version_value" : "8.2"
|
||||
}
|
||||
]
|
||||
},
|
||||
"product_name" : "torwize V3700"
|
||||
},
|
||||
{
|
||||
"product_name" : "Spectrum Virtualize for Public Cloud",
|
||||
"version" : {
|
||||
"version_data" : [
|
||||
{
|
||||
"version_value" : "7.5"
|
||||
},
|
||||
{
|
||||
"version_value" : "8.2"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"version" : {
|
||||
"version_data" : [
|
||||
{
|
||||
"version_value" : "7.5"
|
||||
},
|
||||
{
|
||||
"version_value" : "8.2"
|
||||
}
|
||||
]
|
||||
},
|
||||
"product_name" : "Spectrum Virtualize Software"
|
||||
},
|
||||
{
|
||||
"version" : {
|
||||
"version_data" : [
|
||||
{
|
||||
"version_value" : "7.5"
|
||||
},
|
||||
{
|
||||
"version_value" : "8.2"
|
||||
}
|
||||
]
|
||||
},
|
||||
"product_name" : "SAN Volume Controller"
|
||||
},
|
||||
{
|
||||
"product_name" : "FlashSystem V9000",
|
||||
"version" : {
|
||||
"version_data" : [
|
||||
{
|
||||
"version_value" : "7.5"
|
||||
},
|
||||
{
|
||||
"version_value" : "8.2"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name" : "torwize V5000",
|
||||
"version" : {
|
||||
"version_data" : [
|
||||
{
|
||||
"version_value" : "7.5"
|
||||
},
|
||||
{
|
||||
"version_value" : "8.2"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"version" : {
|
||||
"version_data" : [
|
||||
{
|
||||
"version_value" : "7.5"
|
||||
},
|
||||
{
|
||||
"version_value" : "8.2"
|
||||
}
|
||||
]
|
||||
},
|
||||
"product_name" : "FlashSystem 9100 Family"
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name" : "IBM"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_version" : "4.0",
|
||||
"CVE_data_meta" : {
|
||||
"ASSIGNER" : "psirt@us.ibm.com",
|
||||
"STATE" : "PUBLIC",
|
||||
"ID" : "CVE-2018-1775",
|
||||
"DATE_PUBLIC" : "2019-02-25T00:00:00"
|
||||
},
|
||||
"impact" : {
|
||||
"cvssv3" : {
|
||||
"BM" : {
|
||||
"C" : "H",
|
||||
"AC" : "L",
|
||||
"PR" : "L",
|
||||
"I" : "N",
|
||||
"AV" : "N",
|
||||
"A" : "N",
|
||||
"SCORE" : "6.500",
|
||||
"UI" : "N",
|
||||
"S" : "U"
|
||||
},
|
||||
"TM" : {
|
||||
"E" : "U",
|
||||
"RC" : "C",
|
||||
"RL" : "T"
|
||||
}
|
||||
}
|
||||
},
|
||||
"data_format" : "MITRE",
|
||||
"problemtype" : {
|
||||
"problemtype_data" : [
|
||||
{
|
||||
"description" : [
|
||||
{
|
||||
"value" : "Obtain Information",
|
||||
"lang" : "eng"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"data_type" : "CVE"
|
||||
}
|
||||
|
||||
@ -1,18 +1,93 @@
|
||||
{
|
||||
"CVE_data_meta" : {
|
||||
"ASSIGNER" : "cve@mitre.org",
|
||||
"ID" : "CVE-2019-4061",
|
||||
"STATE" : "RESERVED"
|
||||
},
|
||||
"data_format" : "MITRE",
|
||||
"data_type" : "CVE",
|
||||
"data_version" : "4.0",
|
||||
"problemtype" : {
|
||||
"problemtype_data" : [
|
||||
{
|
||||
"description" : [
|
||||
{
|
||||
"value" : "Obtain Information",
|
||||
"lang" : "eng"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"description" : {
|
||||
"description_data" : [
|
||||
{
|
||||
"lang" : "eng",
|
||||
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value" : "IBM BigFix Platform 9.2 and 9.5 could allow an attacker to query the relay remotely and gather information about the updates and fixlets deployed to the associated sites due to not enabling authenticated access. IBM X-Force ID: 156869.",
|
||||
"lang" : "eng"
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects" : {
|
||||
"vendor" : {
|
||||
"vendor_data" : [
|
||||
{
|
||||
"product" : {
|
||||
"product_data" : [
|
||||
{
|
||||
"version" : {
|
||||
"version_data" : [
|
||||
{
|
||||
"version_value" : "9.2"
|
||||
},
|
||||
{
|
||||
"version_value" : "9.5"
|
||||
}
|
||||
]
|
||||
},
|
||||
"product_name" : "BigFix Platform"
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name" : "IBM"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references" : {
|
||||
"reference_data" : [
|
||||
{
|
||||
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10870242",
|
||||
"refsource" : "CONFIRM",
|
||||
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10870242",
|
||||
"title" : "IBM Security Bulletin 870242 (BigFix Platform)"
|
||||
},
|
||||
{
|
||||
"title" : "X-Force Vulnerability Report",
|
||||
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/156869",
|
||||
"refsource" : "XF",
|
||||
"name" : "ibm-bigfix-cve20194061-info-disc (156869)"
|
||||
}
|
||||
]
|
||||
},
|
||||
"data_version" : "4.0",
|
||||
"impact" : {
|
||||
"cvssv3" : {
|
||||
"BM" : {
|
||||
"SCORE" : "5.300",
|
||||
"UI" : "N",
|
||||
"S" : "U",
|
||||
"AC" : "L",
|
||||
"C" : "L",
|
||||
"PR" : "N",
|
||||
"I" : "N",
|
||||
"AV" : "N",
|
||||
"A" : "N"
|
||||
},
|
||||
"TM" : {
|
||||
"RL" : "O",
|
||||
"RC" : "C",
|
||||
"E" : "U"
|
||||
}
|
||||
}
|
||||
},
|
||||
"data_format" : "MITRE",
|
||||
"CVE_data_meta" : {
|
||||
"STATE" : "PUBLIC",
|
||||
"ID" : "CVE-2019-4061",
|
||||
"ASSIGNER" : "psirt@us.ibm.com",
|
||||
"DATE_PUBLIC" : "2019-02-18T00:00:00"
|
||||
}
|
||||
}
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user