From b991d599c3cb081931ae274c7c952b190ce6649b Mon Sep 17 00:00:00 2001 From: CVE Team Date: Fri, 14 May 2021 17:00:39 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2020/4xxx/CVE-2020-4985.json | 176 ++++++++++++++--------------- 2021/20xxx/CVE-2021-20391.json | 180 +++++++++++++++--------------- 2021/20xxx/CVE-2021-20393.json | 180 +++++++++++++++--------------- 2021/20xxx/CVE-2021-20429.json | 180 +++++++++++++++--------------- 2021/20xxx/CVE-2021-20564.json | 196 ++++++++++++++++---------------- 2021/20xxx/CVE-2021-20565.json | 198 ++++++++++++++++----------------- 6 files changed, 555 insertions(+), 555 deletions(-) diff --git a/2020/4xxx/CVE-2020-4985.json b/2020/4xxx/CVE-2020-4985.json index e244365316a..95236f91799 100644 --- a/2020/4xxx/CVE-2020-4985.json +++ b/2020/4xxx/CVE-2020-4985.json @@ -1,90 +1,90 @@ { - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "vendor_name" : "IBM", - "product" : { - "product_data" : [ - { - "product_name" : "Planning Analytics Local", - "version" : { - "version_data" : [ - { - "version_value" : "2.0" - } - ] - } - } - ] - } - } - ] - } - }, - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Planning Analytics Local 2.0 could allow an attacker to obtain sensitive information due to accepting body parameters in a query. IBM X-Force ID: 192642." - } - ] - }, - "data_version" : "4.0", - "references" : { - "reference_data" : [ - { - "name" : "https://www.ibm.com/support/pages/node/6452743", - "title" : "IBM Security Bulletin 6452743 (Planning Analytics Local)", - "refsource" : "CONFIRM", - "url" : "https://www.ibm.com/support/pages/node/6452743" - }, - { - "name" : "ibm-planning-cve20204985-info-disc (192642)", - "title" : "X-Force Vulnerability Report", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/192642", - "refsource" : "XF" - } - ] - }, - "impact" : { - "cvssv3" : { - "BM" : { - "C" : "L", - "A" : "N", - "AV" : "N", - "S" : "U", - "PR" : "N", - "AC" : "H", - "I" : "N", - "SCORE" : "3.700", - "UI" : "N" - }, - "TM" : { - "RC" : "C", - "E" : "U", - "RL" : "O" - } - } - }, - "CVE_data_meta" : { - "ID" : "CVE-2020-4985", - "DATE_PUBLIC" : "2021-05-13T00:00:00", - "STATE" : "PUBLIC", - "ASSIGNER" : "psirt@us.ibm.com" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "value" : "Obtain Information", - "lang" : "eng" - } + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "IBM", + "product": { + "product_data": [ + { + "product_name": "Planning Analytics Local", + "version": { + "version_data": [ + { + "version_value": "2.0" + } + ] + } + } + ] + } + } ] - } - ] - } -} + } + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM Planning Analytics Local 2.0 could allow an attacker to obtain sensitive information due to accepting body parameters in a query. IBM X-Force ID: 192642." + } + ] + }, + "data_version": "4.0", + "references": { + "reference_data": [ + { + "name": "https://www.ibm.com/support/pages/node/6452743", + "title": "IBM Security Bulletin 6452743 (Planning Analytics Local)", + "refsource": "CONFIRM", + "url": "https://www.ibm.com/support/pages/node/6452743" + }, + { + "name": "ibm-planning-cve20204985-info-disc (192642)", + "title": "X-Force Vulnerability Report", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/192642", + "refsource": "XF" + } + ] + }, + "impact": { + "cvssv3": { + "BM": { + "C": "L", + "A": "N", + "AV": "N", + "S": "U", + "PR": "N", + "AC": "H", + "I": "N", + "SCORE": "3.700", + "UI": "N" + }, + "TM": { + "RC": "C", + "E": "U", + "RL": "O" + } + } + }, + "CVE_data_meta": { + "ID": "CVE-2020-4985", + "DATE_PUBLIC": "2021-05-13T00:00:00", + "STATE": "PUBLIC", + "ASSIGNER": "psirt@us.ibm.com" + }, + "data_format": "MITRE", + "data_type": "CVE", + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "value": "Obtain Information", + "lang": "eng" + } + ] + } + ] + } +} \ No newline at end of file diff --git a/2021/20xxx/CVE-2021-20391.json b/2021/20xxx/CVE-2021-20391.json index 6791cb3898c..1c54e17d51a 100644 --- a/2021/20xxx/CVE-2021-20391.json +++ b/2021/20xxx/CVE-2021-20391.json @@ -1,93 +1,93 @@ { - "data_type" : "CVE", - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Obtain Information" - } - ] - } - ] - }, - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "DATE_PUBLIC" : "2021-05-13T00:00:00", - "STATE" : "PUBLIC", - "ID" : "CVE-2021-20391" - }, - "data_format" : "MITRE", - "impact" : { - "cvssv3" : { - "TM" : { - "RL" : "O", - "E" : "U", - "RC" : "C" - }, - "BM" : { - "S" : "U", - "C" : "L", - "A" : "N", - "AV" : "L", - "UI" : "N", - "SCORE" : "4.000", - "AC" : "L", - "I" : "N", - "PR" : "N" - } - } - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "data_type": "CVE", + "problemtype": { + "problemtype_data": [ { - "vendor_name" : "IBM", - "product" : { - "product_data" : [ - { - "version" : { - "version_data" : [ - { - "version_value" : "1.0.0" - }, - { - "version_value" : "4.1.1" - } - ] - }, - "product_name" : "QRadar SIEM" - } - ] - } + "description": [ + { + "lang": "eng", + "value": "Obtain Information" + } + ] } - ] - } - }, - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 195999." - } - ] - }, - "data_version" : "4.0", - "references" : { - "reference_data" : [ - { - "name" : "https://www.ibm.com/support/pages/node/6453103", - "title" : "IBM Security Bulletin 6453103 (QRadar SIEM)", - "refsource" : "CONFIRM", - "url" : "https://www.ibm.com/support/pages/node/6453103" - }, - { - "name" : "ibm-qradar-cve202120391-info-disc (195999)", - "title" : "X-Force Vulnerability Report", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/195999", - "refsource" : "XF" - } - ] - } -} + ] + }, + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "DATE_PUBLIC": "2021-05-13T00:00:00", + "STATE": "PUBLIC", + "ID": "CVE-2021-20391" + }, + "data_format": "MITRE", + "impact": { + "cvssv3": { + "TM": { + "RL": "O", + "E": "U", + "RC": "C" + }, + "BM": { + "S": "U", + "C": "L", + "A": "N", + "AV": "L", + "UI": "N", + "SCORE": "4.000", + "AC": "L", + "I": "N", + "PR": "N" + } + } + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "IBM", + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": "1.0.0" + }, + { + "version_value": "4.1.1" + } + ] + }, + "product_name": "QRadar SIEM" + } + ] + } + } + ] + } + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 195999." + } + ] + }, + "data_version": "4.0", + "references": { + "reference_data": [ + { + "name": "https://www.ibm.com/support/pages/node/6453103", + "title": "IBM Security Bulletin 6453103 (QRadar SIEM)", + "refsource": "CONFIRM", + "url": "https://www.ibm.com/support/pages/node/6453103" + }, + { + "name": "ibm-qradar-cve202120391-info-disc (195999)", + "title": "X-Force Vulnerability Report", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/195999", + "refsource": "XF" + } + ] + } +} \ No newline at end of file diff --git a/2021/20xxx/CVE-2021-20393.json b/2021/20xxx/CVE-2021-20393.json index 9d7b7fada98..726d1f25c0a 100644 --- a/2021/20xxx/CVE-2021-20393.json +++ b/2021/20xxx/CVE-2021-20393.json @@ -1,93 +1,93 @@ { - "data_format" : "MITRE", - "CVE_data_meta" : { - "ID" : "CVE-2021-20393", - "ASSIGNER" : "psirt@us.ibm.com", - "STATE" : "PUBLIC", - "DATE_PUBLIC" : "2021-05-13T00:00:00" - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Obtain Information" - } - ] - } - ] - }, - "data_type" : "CVE", - "data_version" : "4.0", - "references" : { - "reference_data" : [ - { - "refsource" : "CONFIRM", - "url" : "https://www.ibm.com/support/pages/node/6453109", - "name" : "https://www.ibm.com/support/pages/node/6453109", - "title" : "IBM Security Bulletin 6453109 (QRadar SIEM)" - }, - { - "name" : "ibm-qradar-cve202120393-info-disc (196001)", - "title" : "X-Force Vulnerability Report", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/196001", - "refsource" : "XF" - } - ] - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "data_format": "MITRE", + "CVE_data_meta": { + "ID": "CVE-2021-20393", + "ASSIGNER": "psirt@us.ibm.com", + "STATE": "PUBLIC", + "DATE_PUBLIC": "2021-05-13T00:00:00" + }, + "problemtype": { + "problemtype_data": [ { - "vendor_name" : "IBM", - "product" : { - "product_data" : [ - { - "product_name" : "QRadar SIEM", - "version" : { - "version_data" : [ - { - "version_value" : "1.0.0" - }, - { - "version_value" : "4.1.1" - } - ] - } - } - ] - } + "description": [ + { + "lang": "eng", + "value": "Obtain Information" + } + ] } - ] - } - }, - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 196001." - } - ] - }, - "impact" : { - "cvssv3" : { - "BM" : { - "AV" : "N", - "C" : "L", - "A" : "N", - "S" : "U", - "PR" : "N", - "I" : "N", - "AC" : "L", - "SCORE" : "5.300", - "UI" : "N" - }, - "TM" : { - "RC" : "C", - "RL" : "O", - "E" : "U" - } - } - } -} + ] + }, + "data_type": "CVE", + "data_version": "4.0", + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "url": "https://www.ibm.com/support/pages/node/6453109", + "name": "https://www.ibm.com/support/pages/node/6453109", + "title": "IBM Security Bulletin 6453109 (QRadar SIEM)" + }, + { + "name": "ibm-qradar-cve202120393-info-disc (196001)", + "title": "X-Force Vulnerability Report", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/196001", + "refsource": "XF" + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "IBM", + "product": { + "product_data": [ + { + "product_name": "QRadar SIEM", + "version": { + "version_data": [ + { + "version_value": "1.0.0" + }, + { + "version_value": "4.1.1" + } + ] + } + } + ] + } + } + ] + } + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 196001." + } + ] + }, + "impact": { + "cvssv3": { + "BM": { + "AV": "N", + "C": "L", + "A": "N", + "S": "U", + "PR": "N", + "I": "N", + "AC": "L", + "SCORE": "5.300", + "UI": "N" + }, + "TM": { + "RC": "C", + "RL": "O", + "E": "U" + } + } + } +} \ No newline at end of file diff --git a/2021/20xxx/CVE-2021-20429.json b/2021/20xxx/CVE-2021-20429.json index 1e0bb4d8514..0aa4b751ce8 100644 --- a/2021/20xxx/CVE-2021-20429.json +++ b/2021/20xxx/CVE-2021-20429.json @@ -1,93 +1,93 @@ { - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Obtain Information" - } - ] - } - ] - }, - "data_type" : "CVE", - "data_format" : "MITRE", - "CVE_data_meta" : { - "STATE" : "PUBLIC", - "DATE_PUBLIC" : "2021-05-13T00:00:00", - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2021-20429" - }, - "impact" : { - "cvssv3" : { - "TM" : { - "RL" : "O", - "E" : "U", - "RC" : "C" - }, - "BM" : { - "C" : "L", - "A" : "N", - "AV" : "N", - "S" : "U", - "PR" : "N", - "AC" : "H", - "I" : "N", - "SCORE" : "3.700", - "UI" : "N" - } - } - }, - "data_version" : "4.0", - "references" : { - "reference_data" : [ - { - "refsource" : "CONFIRM", - "url" : "https://www.ibm.com/support/pages/node/6453107", - "title" : "IBM Security Bulletin 6453107 (QRadar SIEM)", - "name" : "https://www.ibm.com/support/pages/node/6453107" - }, - { - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/196334", - "title" : "X-Force Vulnerability Report", - "name" : "ibm-qradar-cve202120429-info-disc (196334)" - } - ] - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "problemtype": { + "problemtype_data": [ { - "product" : { - "product_data" : [ - { - "version" : { - "version_data" : [ - { - "version_value" : "1.0.0" - }, - { - "version_value" : "4.1.1" - } - ] - }, - "product_name" : "QRadar SIEM" - } - ] - }, - "vendor_name" : "IBM" + "description": [ + { + "lang": "eng", + "value": "Obtain Information" + } + ] } - ] - } - }, - "description" : { - "description_data" : [ - { - "value" : "IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 could disclose sensitive information due an overly permissive cross-domain policy. IBM X-Force ID: 196334.", - "lang" : "eng" - } - ] - } -} + ] + }, + "data_type": "CVE", + "data_format": "MITRE", + "CVE_data_meta": { + "STATE": "PUBLIC", + "DATE_PUBLIC": "2021-05-13T00:00:00", + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2021-20429" + }, + "impact": { + "cvssv3": { + "TM": { + "RL": "O", + "E": "U", + "RC": "C" + }, + "BM": { + "C": "L", + "A": "N", + "AV": "N", + "S": "U", + "PR": "N", + "AC": "H", + "I": "N", + "SCORE": "3.700", + "UI": "N" + } + } + }, + "data_version": "4.0", + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "url": "https://www.ibm.com/support/pages/node/6453107", + "title": "IBM Security Bulletin 6453107 (QRadar SIEM)", + "name": "https://www.ibm.com/support/pages/node/6453107" + }, + { + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/196334", + "title": "X-Force Vulnerability Report", + "name": "ibm-qradar-cve202120429-info-disc (196334)" + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": "1.0.0" + }, + { + "version_value": "4.1.1" + } + ] + }, + "product_name": "QRadar SIEM" + } + ] + }, + "vendor_name": "IBM" + } + ] + } + }, + "description": { + "description_data": [ + { + "value": "IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 could disclose sensitive information due an overly permissive cross-domain policy. IBM X-Force ID: 196334.", + "lang": "eng" + } + ] + } +} \ No newline at end of file diff --git a/2021/20xxx/CVE-2021-20564.json b/2021/20xxx/CVE-2021-20564.json index 34c25732001..ea761a46272 100644 --- a/2021/20xxx/CVE-2021-20564.json +++ b/2021/20xxx/CVE-2021-20564.json @@ -1,102 +1,102 @@ { - "references" : { - "reference_data" : [ - { - "refsource" : "CONFIRM", - "url" : "https://www.ibm.com/support/pages/node/6453115", - "title" : "IBM Security Bulletin 6453115 (Cloud Pak for Security)", - "name" : "https://www.ibm.com/support/pages/node/6453115" - }, - { - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/199235", - "title" : "X-Force Vulnerability Report", - "name" : "ibm-cp4s-cve202120564-info-disc (199235)" - } - ] - }, - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Cloud Pak for Security (CP4S) 1.4.0.0, 1.5.0.0, 1.5.0.1, 1.6.0.0, and 1.6.0.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 199235." - } - ] - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "references": { + "reference_data": [ { - "product" : { - "product_data" : [ - { - "version" : { - "version_data" : [ - { - "version_value" : "1.4.0.0" - }, - { - "version_value" : "1.6.0.0" - }, - { - "version_value" : "1.5.0.1" - }, - { - "version_value" : "1.5.0.0" - }, - { - "version_value" : "1.6.0.1" - } - ] - }, - "product_name" : "Cloud Pak for Security" - } - ] - }, - "vendor_name" : "IBM" + "refsource": "CONFIRM", + "url": "https://www.ibm.com/support/pages/node/6453115", + "title": "IBM Security Bulletin 6453115 (Cloud Pak for Security)", + "name": "https://www.ibm.com/support/pages/node/6453115" + }, + { + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/199235", + "title": "X-Force Vulnerability Report", + "name": "ibm-cp4s-cve202120564-info-disc (199235)" } - ] - } - }, - "impact" : { - "cvssv3" : { - "TM" : { - "RC" : "C", - "RL" : "O", - "E" : "U" - }, - "BM" : { - "PR" : "N", - "UI" : "N", - "SCORE" : "5.900", - "I" : "N", - "AC" : "H", - "AV" : "N", - "C" : "H", - "A" : "N", - "S" : "U" - } - } - }, - "data_format" : "MITRE", - "CVE_data_meta" : { - "ID" : "CVE-2021-20564", - "DATE_PUBLIC" : "2021-05-13T00:00:00", - "STATE" : "PUBLIC", - "ASSIGNER" : "psirt@us.ibm.com" - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Obtain Information" - } + ] + }, + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM Cloud Pak for Security (CP4S) 1.4.0.0, 1.5.0.0, 1.5.0.1, 1.6.0.0, and 1.6.0.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 199235." + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": "1.4.0.0" + }, + { + "version_value": "1.6.0.0" + }, + { + "version_value": "1.5.0.1" + }, + { + "version_value": "1.5.0.0" + }, + { + "version_value": "1.6.0.1" + } + ] + }, + "product_name": "Cloud Pak for Security" + } + ] + }, + "vendor_name": "IBM" + } ] - } - ] - }, - "data_type" : "CVE" -} + } + }, + "impact": { + "cvssv3": { + "TM": { + "RC": "C", + "RL": "O", + "E": "U" + }, + "BM": { + "PR": "N", + "UI": "N", + "SCORE": "5.900", + "I": "N", + "AC": "H", + "AV": "N", + "C": "H", + "A": "N", + "S": "U" + } + } + }, + "data_format": "MITRE", + "CVE_data_meta": { + "ID": "CVE-2021-20564", + "DATE_PUBLIC": "2021-05-13T00:00:00", + "STATE": "PUBLIC", + "ASSIGNER": "psirt@us.ibm.com" + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Obtain Information" + } + ] + } + ] + }, + "data_type": "CVE" +} \ No newline at end of file diff --git a/2021/20xxx/CVE-2021-20565.json b/2021/20xxx/CVE-2021-20565.json index 093fdc63d77..5d634dbb10d 100644 --- a/2021/20xxx/CVE-2021-20565.json +++ b/2021/20xxx/CVE-2021-20565.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ID" : "CVE-2021-20565", - "DATE_PUBLIC" : "2021-05-13T00:00:00", - "STATE" : "PUBLIC", - "ASSIGNER" : "psirt@us.ibm.com" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Gain Access" - } - ] - } - ] - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "CVE_data_meta": { + "ID": "CVE-2021-20565", + "DATE_PUBLIC": "2021-05-13T00:00:00", + "STATE": "PUBLIC", + "ASSIGNER": "psirt@us.ibm.com" + }, + "data_format": "MITRE", + "data_type": "CVE", + "problemtype": { + "problemtype_data": [ { - "product" : { - "product_data" : [ - { - "product_name" : "Cloud Pak for Security", - "version" : { - "version_data" : [ - { - "version_value" : "1.4.0.0" - }, - { - "version_value" : "1.6.0.0" - }, - { - "version_value" : "1.5.0.1" - }, - { - "version_value" : "1.5.0.0" - }, - { - "version_value" : "1.6.0.1" - } - ] - } - } - ] - }, - "vendor_name" : "IBM" + "description": [ + { + "lang": "eng", + "value": "Gain Access" + } + ] } - ] - } - }, - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Cloud Pak for Security (CP4S) 1.4.0.0, 1.5.0.0, 1.5.0.1, 1.6.0.0, and 1.6.0.1 uses a protection mechanism that relies on the existence or values of an input, but the input can be modified by an untrusted actor in a way that bypasses the protection mechanism. IBM X-Force ID: 199236." - } - ] - }, - "data_version" : "4.0", - "references" : { - "reference_data" : [ - { - "refsource" : "CONFIRM", - "url" : "https://www.ibm.com/support/pages/node/6453115", - "name" : "https://www.ibm.com/support/pages/node/6453115", - "title" : "IBM Security Bulletin 6453115 (Cloud Pak for Security)" - }, - { - "name" : "ibm-cp4s-cve202120565-improper-input (199236)", - "title" : "X-Force Vulnerability Report", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/199236" - } - ] - }, - "impact" : { - "cvssv3" : { - "TM" : { - "RC" : "C", - "RL" : "O", - "E" : "U" - }, - "BM" : { - "PR" : "N", - "UI" : "R", - "SCORE" : "4.600", - "AC" : "L", - "I" : "L", - "C" : "N", - "A" : "L", - "AV" : "A", - "S" : "U" - } - } - } -} + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Cloud Pak for Security", + "version": { + "version_data": [ + { + "version_value": "1.4.0.0" + }, + { + "version_value": "1.6.0.0" + }, + { + "version_value": "1.5.0.1" + }, + { + "version_value": "1.5.0.0" + }, + { + "version_value": "1.6.0.1" + } + ] + } + } + ] + }, + "vendor_name": "IBM" + } + ] + } + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM Cloud Pak for Security (CP4S) 1.4.0.0, 1.5.0.0, 1.5.0.1, 1.6.0.0, and 1.6.0.1 uses a protection mechanism that relies on the existence or values of an input, but the input can be modified by an untrusted actor in a way that bypasses the protection mechanism. IBM X-Force ID: 199236." + } + ] + }, + "data_version": "4.0", + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "url": "https://www.ibm.com/support/pages/node/6453115", + "name": "https://www.ibm.com/support/pages/node/6453115", + "title": "IBM Security Bulletin 6453115 (Cloud Pak for Security)" + }, + { + "name": "ibm-cp4s-cve202120565-improper-input (199236)", + "title": "X-Force Vulnerability Report", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/199236" + } + ] + }, + "impact": { + "cvssv3": { + "TM": { + "RC": "C", + "RL": "O", + "E": "U" + }, + "BM": { + "PR": "N", + "UI": "R", + "SCORE": "4.600", + "AC": "L", + "I": "L", + "C": "N", + "A": "L", + "AV": "A", + "S": "U" + } + } + } +} \ No newline at end of file