admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 19:17:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'IBM20181008-85451' of https://github.com/ScottMooreIBM/cvelist

Browse Source
This commit is contained in:
CVE Team 2018-10-08 10:31:09 -04:00
commit b4f1cd945b
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
7 changed files with 539 additions and 75 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

66
2018/1xxx/CVE-2018-1723.json
View File

@ -1,10 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2018-10-04T00:00:00",
"ID" : "CVE-2018-1723",
"STATE" : "PUBLIC"
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
}
]
}
]
},
"data_format" : "MITRE",
"affects" : {
"vendor" : {
"vendor_data" : [
@ -12,7 +19,6 @@
"product" : {
"product_data" : [
{
"product_name" : "Spectrum Scale",
"version" : {
"version_data" : [
{
@ -34,7 +40,8 @@
"version_value" : "4.1.1.20"
}
]
}
},
"product_name" : "Spectrum Scale"
}
]
},
@ -43,29 +50,19 @@
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Spectrum Scale 4.1.1.0, 4.1.1.20, 4.2.0.0, 4.2.3.10, 5.0.0 and 5.0.1.2 could allow a GPFS command line utility allows an unprivileged, authenticated user with access to a GPFS node to read arbitrary files available on this node. IBM X-Force ID: 147373."
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "N",
"AC" : "L",
"AV" : "L",
"C" : "H",
"I" : "N",
"PR" : "N",
"I" : "N",
"S" : "U",
"AV" : "L",
"UI" : "N",
"SCORE" : "6.200",
"UI" : "N"
"AC" : "L",
"C" : "H"
},
"TM" : {
"E" : "U",
@ -74,28 +71,33 @@
}
}
},
"problemtype" : {
"problemtype_data" : [
"description" : {
"description_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
]
"value" : "IBM Spectrum Scale 4.1.1.0, 4.1.1.20, 4.2.0.0, 4.2.3.10, 5.0.0 and 5.0.1.2 could allow an unprivileged, authenticated user with access to a GPFS node to read arbitrary files available on this node. IBM X-Force ID: 147373.",
"lang" : "eng"
}
]
},
"CVE_data_meta" : {
"ID" : "CVE-2018-1723",
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2018-10-04T00:00:00",
"STATE" : "PUBLIC"
},
"data_version" : "4.0",
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10732713",
"refsource" : "CONFIRM",
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10732713",
"title" : "IBM Security Bulletin 732713 (Spectrum Scale)",
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10732713"
},
{
"name" : "ibm-spectrum-cve20181723-info-disc(147373)",
"title" : "X-Force Vulnerability Report",
"refsource" : "XF",
"name" : "ibm-spectrum-cve20181723-info-disc (147373)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/147373"
}
]

94
2018/1xxx/CVE-2018-1741.json
View File

@ -1,18 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-1741",
"STATE" : "RESERVED"
"data_type" : "CVE",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Denial of Service"
}
]
}
]
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "2.6"
},
{
"version_value" : "2.7"
},
{
"version_value" : "3.0"
}
]
},
"product_name" : "Security Key Lifecycle Manager"
}
]
},
"vendor_name" : "IBM"
}
]
}
},
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 733425 (Security Key Lifecycle Manager)",
"refsource" : "CONFIRM",
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10733425",
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10733425"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/148420",
"name" : "ibm-tivoli-cve20181741-dos (148420)",
"refsource" : "XF",
"title" : "X-Force Vulnerability Report"
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "L",
"PR" : "N",
"I" : "L",
"S" : "U",
"AV" : "N",
"UI" : "N",
"SCORE" : "6.500",
"AC" : "L",
"C" : "N"
},
"TM" : {
"RL" : "O",
"RC" : "C",
"E" : "U"
}
}
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "IBM Tivoli Key Lifecycle Manager 2.6, 2.7, and 3.0 does not properly limit the number or frequency of interaction which could be used to cause a denial of service, compromise program logic or other consequences. IBM X-Force ID: 148420.",
"lang" : "eng"
}
]
},
"data_version" : "4.0",
"CVE_data_meta" : {
"DATE_PUBLIC" : "2018-10-04T00:00:00",
"STATE" : "PUBLIC",
"ID" : "CVE-2018-1741",
"ASSIGNER" : "psirt@us.ibm.com"
}
}

90
2018/1xxx/CVE-2018-1742.json
View File

@ -1,17 +1,95 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-1742",
"STATE" : "RESERVED"
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "2.6"
},
{
"version_value" : "2.7"
},
{
"version_value" : "3.0"
}
]
},
"product_name" : "Security Key Lifecycle Manager"
}
]
}
}
]
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
]
}
]
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2018-1742",
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2018-10-05T00:00:00",
"STATE" : "PUBLIC"
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "IBM Tivoli Key Lifecycle Manager 2.6, 2.7, and 3.0 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 148421."
}
]
},
"data_version" : "4.0",
"impact" : {
"cvssv3" : {
"BM" : {
"SCORE" : "5.900",
"UI" : "N",
"AV" : "L",
"S" : "C",
"I" : "N",
"PR" : "N",
"A" : "N",
"C" : "H",
"AC" : "H"
},
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
}
}
},
"references" : {
"reference_data" : [
{
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10733419",
"title" : "IBM Security Bulletin 733419 (Security Key Lifecycle Manager)",
"refsource" : "CONFIRM",
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10733419"
},
{
"refsource" : "XF",
"name" : "ibm-tivoli-cve20181742-info-disc (148421)",
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/148421"
}
]
}

92
2018/1xxx/CVE-2018-1743.json
View File

@ -1,17 +1,95 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-1743",
"STATE" : "RESERVED"
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Security Key Lifecycle Manager",
"version" : {
"version_data" : [
{
"version_value" : "2.6"
},
{
"version_value" : "2.7"
},
{
"version_value" : "3.0"
}
]
}
}
]
},
"vendor_name" : "IBM"
}
]
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
}
]
}
]
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2018-1743",
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2018-10-04T00:00:00"
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "IBM Tivoli Key Lifecycle Manager 2.6, 2.7, and 3.0 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 148422.",
"lang" : "eng"
}
]
},
"data_version" : "4.0",
"impact" : {
"cvssv3" : {
"TM" : {
"E" : "U",
"RL" : "O",
"RC" : "C"
},
"BM" : {
"C" : "L",
"AC" : "L",
"S" : "U",
"AV" : "N",
"A" : "N",
"PR" : "N",
"I" : "N",
"UI" : "N",
"SCORE" : "5.300"
}
}
},
"references" : {
"reference_data" : [
{
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10733351",
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10733351",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 733351 (Security Key Lifecycle Manager)"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/148422",
"name" : "ibm-tivoli-cve20181743-info-disc (148422)",
"refsource" : "XF",
"title" : "X-Force Vulnerability Report"
}
]
}

90
2018/1xxx/CVE-2018-1749.json
View File

@ -1,17 +1,95 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-1749",
"STATE" : "RESERVED"
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Bypass Security"
}
]
}
]
},
"data_format" : "MITRE",
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "Security Key Lifecycle Manager",
"version" : {
"version_data" : [
{
"version_value" : "2.6"
},
{
"version_value" : "2.7"
},
{
"version_value" : "3.0"
}
]
}
}
]
}
}
]
}
},
"data_type" : "CVE",
"data_version" : "4.0",
"impact" : {
"cvssv3" : {
"TM" : {
"RL" : "O",
"RC" : "C",
"E" : "U"
},
"BM" : {
"I" : "L",
"PR" : "L",
"A" : "N",
"AV" : "N",
"S" : "U",
"SCORE" : "4.300",
"UI" : "N",
"AC" : "L",
"C" : "N"
}
}
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "IBM Tivoli Key Lifecycle Manager 2.6, 2.7, and 3.0 uses incomplete blacklisting for input validation which allows attackers to bypass application controls resulting in direct impact to the system and data integrity. IBM X-Force ID: 148484."
}
]
},
"data_version" : "4.0",
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2018-10-04T00:00:00",
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2018-1749"
},
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 733303 (Security Key Lifecycle Manager)",
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10733303",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10733303"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/148484",
"title" : "X-Force Vulnerability Report",
"refsource" : "XF",
"name" : "ibm-tivoli-cve20181749-sec-bypass (148484)"
}
]
}

84
2018/1xxx/CVE-2018-1750.json
View File

@ -1,8 +1,38 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-1750",
"STATE" : "RESERVED"
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Security Key Lifecycle Manager",
"version" : {
"version_data" : [
{
"version_value" : "3.0"
}
]
}
}
]
},
"vendor_name" : "IBM"
}
]
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Gain Access",
"lang" : "eng"
}
]
}
]
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -10,8 +40,50 @@
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "IBM Security Key Lifecycle Manager 3.0 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. IBM X-Force ID: 148511.",
"lang" : "eng"
}
]
},
"CVE_data_meta" : {
"DATE_PUBLIC" : "2018-10-04T00:00:00",
"STATE" : "PUBLIC",
"ID" : "CVE-2018-1750",
"ASSIGNER" : "psirt@us.ibm.com"
},
"impact" : {
"cvssv3" : {
"TM" : {
"RL" : "O",
"RC" : "C",
"E" : "U"
},
"BM" : {
"UI" : "N",
"SCORE" : "4.200",
"S" : "U",
"AV" : "N",
"A" : "N",
"PR" : "L",
"I" : "L",
"C" : "L",
"AC" : "H"
}
}
},
"references" : {
"reference_data" : [
{
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10733311",
"title" : "IBM Security Bulletin 733311 (Security Key Lifecycle Manager)",
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10733311",
"refsource" : "CONFIRM"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/148511",
"title" : "X-Force Vulnerability Report",
"name" : "ibm-tivoli-cve20181750-incorrect-perms (148511)",
"refsource" : "XF"
}
]
}

98
2018/1xxx/CVE-2018-1753.json
View File

@ -1,18 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-1753",
"STATE" : "RESERVED"
"impact" : {
"cvssv3" : {
"TM" : {
"RL" : "O",
"RC" : "C",
"E" : "U"
},
"BM" : {
"UI" : "N",
"SCORE" : "4.300",
"A" : "N",
"PR" : "L",
"I" : "N",
"S" : "U",
"AV" : "N",
"AC" : "L",
"C" : "L"
}
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "IBM Tivoli Key Lifecycle Manager 2.6, 2.7, and 3.0 generates an error message that includes sensitive information about its environment, users, or associated data. IBM X-Force ID: 148514.",
"lang" : "eng"
}
]
}
},
"data_version" : "4.0",
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2018-1753",
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2018-10-04T00:00:00"
},
"references" : {
"reference_data" : [
{
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10733359",
"refsource" : "CONFIRM",
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10733359",
"title" : "IBM Security Bulletin 733359 (Security Key Lifecycle Manager)"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/148514",
"refsource" : "XF",
"name" : "ibm-tivoli-cve20181753-info-disc (148514)",
"title" : "X-Force Vulnerability Report"
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
}
]
}
]
},
"data_format" : "MITRE",
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "2.6"
},
{
"version_value" : "2.7"
},
{
"version_value" : "3.0"
}
]
},
"product_name" : "Security Key Lifecycle Manager"
}
]
}
}
]
}
},
"data_type" : "CVE"
}