"-Synchronized-Data."

2025-08-04 08:44:25 +00:00 · 2019-06-27 18:00:58 +00:00 · 2019-06-27 18:00:58 +00:00 · bc4d3c1d83
commit bc4d3c1d83
parent 492500f726
8 changed files with 43 additions and 3 deletions
--- a/2011/0xxx/CVE-2011-0014.json
+++ b/2011/0xxx/CVE-2011-0014.json
@ -221,6 +221,11 @@
                "name": "1025050",
                "refsource": "SECTRACK",
                "url": "http://www.securitytracker.com/id?1025050"
+            },
+            {
+                "refsource": "CONFIRM",
+                "name": "https://support.f5.com/csp/article/K10534046",
+                "url": "https://support.f5.com/csp/article/K10534046"
            }
        ]
    }
--- a/2018/11xxx/CVE-2018-11629.json
+++ b/2018/11xxx/CVE-2018-11629.json
@ -34,7 +34,7 @@
        "description_data": [
            {
                "lang": "eng",
-                "value": "Default and unremovable support credentials (user:lutron password:integration) allow attackers to gain total super user control of an IoT device through a TELNET session to products using the HomeWorks QS Lutron integration protocol Revision M to Revision Y."
+                "value": "** DISPUTED ** Default and unremovable support credentials (user:lutron password:integration) allow attackers to gain total super user control of an IoT device through a TELNET session to products using the HomeWorks QS Lutron integration protocol Revision M to Revision Y. NOTE: The vendor disputes this id as not being a vulnerability because what can be done through the ports revolve around controlling lighting, not code execution. A certain set of commands are listed, which bear some similarity to code, but they are not arbitrary and do not allow admin-level control of a machine."
            }
        ]
    },
@ -61,6 +61,11 @@
                "name": "https://reversecodes.wordpress.com/2018/06/02/0-day-tomando-el-control-de-las-instalaciones-de-la-nasa-en-cabo-canaveral/",
                "refsource": "MISC",
                "url": "https://reversecodes.wordpress.com/2018/06/02/0-day-tomando-el-control-de-las-instalaciones-de-la-nasa-en-cabo-canaveral/"
+            },
+            {
+                "refsource": "MISC",
+                "name": "http://www.lutron.com/TechnicalDocumentLibrary/040249.pdf",
+                "url": "http://www.lutron.com/TechnicalDocumentLibrary/040249.pdf"
            }
        ]
    }
--- a/2018/11xxx/CVE-2018-11681.json
+++ b/2018/11xxx/CVE-2018-11681.json
@ -34,7 +34,7 @@
        "description_data": [
            {
                "lang": "eng",
-                "value": "Default and unremovable support credentials (user:nwk password:nwk2) allow attackers to gain total super user control of an IoT device through a TELNET session to products using the RadioRA 2 Lutron integration protocol Revision M to Revision Y."
+                "value": "** DISPUTED ** Default and unremovable support credentials (user:nwk password:nwk2) allow attackers to gain total super user control of an IoT device through a TELNET session to products using the RadioRA 2 Lutron integration protocol Revision M to Revision Y. NOTE: The vendor disputes this id as not being a vulnerability because what can be done through the ports revolve around controlling lighting, not code execution. A certain set of commands are listed, which bear some similarity to code, but they are not arbitrary and do not allow admin-level control of a machine."
            }
        ]
    },
@ -61,6 +61,11 @@
                "name": "https://reversecodes.wordpress.com/2018/06/02/0-day-tomando-el-control-de-las-instalaciones-de-la-nasa-en-cabo-canaveral/",
                "refsource": "MISC",
                "url": "https://reversecodes.wordpress.com/2018/06/02/0-day-tomando-el-control-de-las-instalaciones-de-la-nasa-en-cabo-canaveral/"
+            },
+            {
+                "refsource": "MISC",
+                "name": "http://www.lutron.com/TechnicalDocumentLibrary/040249.pdf",
+                "url": "http://www.lutron.com/TechnicalDocumentLibrary/040249.pdf"
            }
        ]
    }
--- a/2018/11xxx/CVE-2018-11682.json
+++ b/2018/11xxx/CVE-2018-11682.json
@ -34,7 +34,7 @@
        "description_data": [
            {
                "lang": "eng",
-                "value": "Default and unremovable support credentials allow attackers to gain total super user control of an IoT device through a TELNET session to products using the Stanza Lutron integration protocol Revision M to Revision Y."
+                "value": "** DISPUTED ** Default and unremovable support credentials allow attackers to gain total super user control of an IoT device through a TELNET session to products using the Stanza Lutron integration protocol Revision M to Revision Y. NOTE: The vendor disputes this id as not being a vulnerability because what can be done through the ports revolve around controlling lighting, not code execution. A certain set of commands are listed, which bear some similarity to code, but they are not arbitrary and do not allow admin-level control of a machine."
            }
        ]
    },
@ -61,6 +61,11 @@
                "name": "https://reversecodes.wordpress.com/2018/06/02/0-day-tomando-el-control-de-las-instalaciones-de-la-nasa-en-cabo-canaveral/",
                "refsource": "MISC",
                "url": "https://reversecodes.wordpress.com/2018/06/02/0-day-tomando-el-control-de-las-instalaciones-de-la-nasa-en-cabo-canaveral/"
+            },
+            {
+                "refsource": "MISC",
+                "name": "http://www.lutron.com/TechnicalDocumentLibrary/040249.pdf",
+                "url": "http://www.lutron.com/TechnicalDocumentLibrary/040249.pdf"
            }
        ]
    }
--- a/2019/0xxx/CVE-2019-0199.json
+++ b/2019/0xxx/CVE-2019-0199.json
@ -133,6 +133,11 @@
                "refsource": "FEDORA",
                "name": "FEDORA-2019-1a3f878d27",
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQTZ5BJ5F4KV6N53SGNKSW3UY5DBIQ46/"
+            },
+            {
+                "refsource": "CONFIRM",
+                "name": "https://support.f5.com/csp/article/K17321505",
+                "url": "https://support.f5.com/csp/article/K17321505"
            }
        ]
    },
--- a/2019/10xxx/CVE-2019-10072.json
+++ b/2019/10xxx/CVE-2019-10072.json
@ -63,6 +63,11 @@
                "refsource": "CONFIRM",
                "name": "https://security.netapp.com/advisory/ntap-20190625-0002/",
                "url": "https://security.netapp.com/advisory/ntap-20190625-0002/"
+            },
+            {
+                "refsource": "CONFIRM",
+                "name": "https://support.f5.com/csp/article/K17321505",
+                "url": "https://support.f5.com/csp/article/K17321505"
            }
        ]
    },
--- a/2019/3xxx/CVE-2019-3459.json
+++ b/2019/3xxx/CVE-2019-3459.json
@ -91,6 +91,11 @@
                "refsource": "MLIST",
                "name": "[debian-lts-announce] 20190528 [SECURITY] [DLA 1799-2] linux security update",
                "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00042.html"
+            },
+            {
+                "refsource": "MLIST",
+                "name": "[oss-security] 20190627 Re: linux-distros membership application - Microsoft",
+                "url": "http://www.openwall.com/lists/oss-security/2019/06/27/2"
            }
        ]
    },
--- a/2019/3xxx/CVE-2019-3460.json
+++ b/2019/3xxx/CVE-2019-3460.json
@ -86,6 +86,11 @@
                "refsource": "MLIST",
                "name": "[debian-lts-announce] 20190528 [SECURITY] [DLA 1799-2] linux security update",
                "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00042.html"
+            },
+            {
+                "refsource": "MLIST",
+                "name": "[oss-security] 20190627 Re: linux-distros membership application - Microsoft",
+                "url": "http://www.openwall.com/lists/oss-security/2019/06/27/2"
            }
        ]
    },