admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-08 05:58:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'IBM20180321' of https://github.com/ScottMooreIBM/cvelist

Browse Source
This commit is contained in:
CVE Team 2018-03-22 07:46:51 -04:00
commit be182ac6d8
No known key found for this signature in database
GPG Key ID: 3504EC0FB4B2FE56
9 changed files with 729 additions and 69 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

83
2016/9xxx/CVE-2016-9711.json
View File

@ -1,18 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-9711",
"STATE" : "RESERVED"
"references" : {
"reference_data" : [
{
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22014337",
"name" : "IBM Security Bulletin 2014337 (Cognos Analytics)"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/119619",
"name" : "X-Force Vulnerability Report"
}
]
},
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2018-03-19T00:00:00",
"ID" : "CVE-2016-9711",
"STATE" : "PUBLIC"
},
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "N",
"SCORE" : "5.300",
"S" : "U",
"AC" : "L",
"I" : "N",
"AV" : "N",
"PR" : "N",
"C" : "L",
"UI" : "N"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
}
]
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "Cognos Analytics",
"version" : {
"version_data" : [
{
"version_value" : "11.0"
}
]
}
}
]
}
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "IBM Predictive Solutions Foundation (IBM Cognos Analytics 11.0) reveals sensitive information in detailed error messages that could aid an attacker in further attacks against the system. IBM X-Force ID: 119619.",
"lang" : "eng"
}
]
}
},
"data_format" : "MITRE",
"data_version" : "4.0",
"data_type" : "CVE"
}

84
2017/1xxx/CVE-2017-1571.json
View File

@ -1,18 +1,90 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC",
"ID" : "CVE-2017-1571",
"STATE" : "RESERVED"
"DATE_PUBLIC" : "2018-03-14T00:00:00"
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
]
}
]
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"data_format" : "MITRE",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 131853."
}
]
}
},
"references" : {
"reference_data" : [
{
"name" : "IBM Security Bulletin 2012948 (DB2 for Linux, UNIX and Windows)",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22012948"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/131853",
"name" : "X-Force Vulnerability Report"
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"PR" : "N",
"I" : "N",
"C" : "H",
"UI" : "N",
"A" : "N",
"AV" : "L",
"S" : "U",
"SCORE" : "5.100",
"AC" : "H"
}
}
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "10.5"
},
{
"version_value" : "10.1"
},
{
"version_value" : "9.7"
},
{
"version_value" : "11.1"
}
]
},
"product_name" : "DB2 for Linux, UNIX and Windows"
}
]
},
"vendor_name" : "IBM"
}
]
}
},
"data_type" : "CVE"
}

90
2017/1xxx/CVE-2017-1677.json
View File

@ -1,18 +1,90 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-1677",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "IBM Data Server Driver for JDBC and SQLJ (IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1)deserializes the contents of /tmp/connlicj.bin which leads to object injection and potentially arbitrary code execution depending on the classpath. IBM X-Force ID: 133999.",
"lang" : "eng"
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Gain Privileges"
}
]
}
]
},
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2017-1677",
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2018-03-14T00:00:00"
},
"data_format" : "MITRE",
"impact" : {
"cvssv3" : {
"BM" : {
"UI" : "N",
"S" : "U",
"PR" : "N",
"SCORE" : "7.400",
"AC" : "H",
"I" : "H",
"C" : "H",
"AV" : "L",
"A" : "H"
}
}
},
"references" : {
"reference_data" : [
{
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22012896",
"name" : "IBM Security Bulletin 2012896 (DB2 for Linux, UNIX and Windows)"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/133999",
"name" : "X-Force Vulnerability Report"
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "DB2 for Linux, UNIX and Windows",
"version" : {
"version_data" : [
{
"version_value" : "10.5"
},
{
"version_value" : "10.1"
},
{
"version_value" : "9.7"
},
{
"version_value" : "11.1"
}
]
}
}
]
}
}
]
}
}
}

73
2017/1xxx/CVE-2017-1788.json
View File

@ -1,17 +1,80 @@
{
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "9"
}
]
},
"product_name" : "WebSphere Application Server"
}
]
}
}
]
}
},
"data_type" : "CVE",
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-1788",
"STATE" : "RESERVED"
"DATE_PUBLIC" : "2018-03-14T00:00:00",
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com"
},
"impact" : {
"cvssv3" : {
"BM" : {
"PR" : "N",
"I" : "N",
"SCORE" : "5.300",
"AV" : "N",
"S" : "U",
"AC" : "L",
"A" : "N",
"UI" : "N",
"C" : "L"
}
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22012341",
"name" : "IBM Security Bulletin 2012341 (WebSphere Application Server)"
},
{
"name" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/137031"
}
]
},
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "IBM WebSphere Application Server 9 installations using Form Login could allow a remote attacker to conducts spoofing attacks. IBM X-Force ID: 137031.",
"lang" : "eng"
}
]
}

116
2017/1xxx/CVE-2017-1789.json
View File

@ -1,18 +1,120 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-1789",
"STATE" : "RESERVED"
"references" : {
"reference_data" : [
{
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22014096",
"name" : "IBM Security Bulletin 2014096 (Tivoli Monitoring V6)"
},
{
"name" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/137034"
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"AV" : "N",
"A" : "H",
"UI" : "N",
"SCORE" : "9.800",
"PR" : "N",
"S" : "U",
"I" : "H",
"C" : "H",
"AC" : "L"
}
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "IBM Tivoli Monitoring V6 6.2.3 and 6.3.0 could allow an unauthenticated user to remotely execute code through unspecified methods. IBM X-Force ID: 137034."
}
]
},
"data_format" : "MITRE",
"CVE_data_meta" : {
"DATE_PUBLIC" : "2018-03-13T00:00:00",
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2017-1789",
"STATE" : "PUBLIC"
},
"data_version" : "4.0",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Gain Access"
}
]
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "Tivoli Monitoring V6",
"version" : {
"version_data" : [
{
"version_value" : "6.2.3"
},
{
"version_value" : "6.3.0"
},
{
"version_value" : "6.2.3.1"
},
{
"version_value" : "6.2.3.2"
},
{
"version_value" : "6.2.3.3"
},
{
"version_value" : "6.2.3.4"
},
{
"version_value" : "6.2.3.5"
},
{
"version_value" : "6.3.0.1"
},
{
"version_value" : "6.3.0.2"
},
{
"version_value" : "6.3.0.3"
},
{
"version_value" : "6.3.0.4"
},
{
"version_value" : "6.3.0.5"
},
{
"version_value" : "6.3.0.6"
},
{
"version_value" : "6.3.0.7"
}
]
}
}
]
}
}
]
}
}
}

88
2018/1xxx/CVE-2018-1426.json
View File

@ -1,18 +1,90 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-1426",
"STATE" : "RESERVED"
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "DB2 for Linux, UNIX and Windows",
"version" : {
"version_data" : [
{
"version_value" : "10.5"
},
{
"version_value" : "10.1"
},
{
"version_value" : "9.7"
},
{
"version_value" : "11.1"
}
]
}
}
]
}
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "IBM GSKit (IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1) duplicates the PRNG state across fork() system calls when multiple ICC instances are loaded which could result in duplicate Session IDs and a risk of duplicate key material. IBM X-Force ID: 139071."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Gain Access"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "IBM Security Bulletin 2013756 (DB2 for Linux, UNIX and Windows)",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22013756"
},
{
"name" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/139071"
}
]
},
"CVE_data_meta" : {
"DATE_PUBLIC" : "2018-03-15T00:00:00",
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC",
"ID" : "CVE-2018-1426"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "N",
"SCORE" : "7.400",
"C" : "H",
"AC" : "H",
"AV" : "N",
"I" : "H",
"PR" : "N",
"UI" : "N",
"S" : "U"
}
}
}
}

90
2018/1xxx/CVE-2018-1427.json
View File

@ -1,17 +1,89 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-1427",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "IBM GSKit (IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1) contains several enviornment variables that a local attacker could overflow and cause a denial of service. IBM X-Force ID: 139072."
}
]
},
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2018-03-15T00:00:00",
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2018-1427"
},
"data_version" : "4.0",
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "10.5"
},
{
"version_value" : "10.1"
},
{
"version_value" : "9.7"
},
{
"version_value" : "11.1"
}
]
},
"product_name" : "DB2 for Linux, UNIX and Windows"
}
]
},
"vendor_name" : "IBM"
}
]
}
},
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "H",
"PR" : "N",
"AC" : "L",
"SCORE" : "6.200",
"AV" : "L",
"S" : "U",
"C" : "N",
"I" : "N",
"UI" : "N"
}
}
},
"data_type" : "CVE",
"references" : {
"reference_data" : [
{
"name" : "IBM Security Bulletin 2013756 (DB2 for Linux, UNIX and Windows)",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22013756"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/139072",
"name" : "X-Force Vulnerability Report"
}
]
},
"data_format" : "MITRE",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Denial of Service",
"lang" : "eng"
}
]
}
]
}

86
2018/1xxx/CVE-2018-1428.json
View File

@ -1,18 +1,90 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-1428",
"STATE" : "RESERVED"
"impact" : {
"cvssv3" : {
"BM" : {
"C" : "H",
"UI" : "N",
"SCORE" : "6.200",
"S" : "U",
"I" : "N",
"A" : "N",
"AV" : "L",
"PR" : "N",
"AC" : "L"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22013756",
"name" : "IBM Security Bulletin 2013756 (DB2 for Linux, UNIX and Windows)"
},
{
"name" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/139073"
}
]
},
"data_format" : "MITRE",
"data_type" : "CVE",
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "DB2 for Linux, UNIX and Windows",
"version" : {
"version_data" : [
{
"version_value" : "10.5"
},
{
"version_value" : "10.1"
},
{
"version_value" : "9.7"
},
{
"version_value" : "11.1"
}
]
}
}
]
}
}
]
}
},
"data_version" : "4.0",
"CVE_data_meta" : {
"DATE_PUBLIC" : "2018-03-15T00:00:00",
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2018-1428"
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "IBM GSKit (IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1) uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 139073."
}
]
}
},
"data_format" : "MITRE"
}

88
2018/1xxx/CVE-2018-1448.json
View File

@ -1,18 +1,90 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-1448",
"STATE" : "RESERVED"
"data_version" : "4.0",
"references" : {
"reference_data" : [
{
"name" : "IBM Security Bulletin 2014388 (DB2 for Linux, UNIX and Windows)",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22014388"
},
{
"name" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/140043"
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "File Manipulation",
"lang" : "eng"
}
]
}
]
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1 (includes DB2 Connect Server) contains a vulnerability that could allow a local user to overwrite arbitrary files owned by the DB2 instance owner. IBM X-Force ID: 140043.",
"lang" : "eng"
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "DB2 for Linux, UNIX and Windows",
"version" : {
"version_data" : [
{
"version_value" : "10.5"
},
{
"version_value" : "10.1"
},
{
"version_value" : "9.7"
},
{
"version_value" : "11.1"
}
]
}
}
]
}
}
]
}
},
"CVE_data_meta" : {
"ID" : "CVE-2018-1448",
"DATE_PUBLIC" : "2018-03-14T00:00:00",
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC"
},
"data_type" : "CVE",
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "H",
"PR" : "N",
"SCORE" : "7.700",
"AV" : "L",
"I" : "H",
"S" : "U",
"AC" : "L",
"C" : "N",
"UI" : "N"
}
}
}
}