admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-08 05:58:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

- Synchronized data.

Browse Source
This commit is contained in:
CVE Team 2019-03-08 11:07:14 -05:00
parent 2f2aa55c0a
commit bfc3dd43eb
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
3 changed files with 250 additions and 245 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2019/1xxx/CVE-2019-1585.json
View File

@ -72,6 +72,11 @@
"name" : "20190306 Cisco Nexus 9000 Series Fabric Switches Application-Centric Infrastructure Mode Privilege Escalation Vulnerability", "name" : "20190306 Cisco Nexus 9000 Series Fabric Switches Application-Centric Infrastructure Mode Privilege Escalation Vulnerability",
"refsource" : "CISCO", "refsource" : "CISCO",
"url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-aci-controller-privsec" "url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-aci-controller-privsec"
},
{
"name" : "107312",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/107312"
} }
] ]
}, },

56
2019/3xxx/CVE-2019-3779.json
View File

@ -1,7 +1,4 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "secure@dell.com", "ASSIGNER" : "secure@dell.com",
"DATE_PUBLIC" : "2019-02-14T00:00:00.000Z", "DATE_PUBLIC" : "2019-02-14T00:00:00.000Z",
@ -9,9 +6,6 @@
"STATE" : "PUBLIC", "STATE" : "PUBLIC",
"TITLE" : "Cloud Foundry Container Runtime allows a user to bypass security policy when talking to ETCD" "TITLE" : "Cloud Foundry Container Runtime allows a user to bypass security policy when talking to ETCD"
}, },
"source": {
"discovery": "UNKNOWN"
},
"affects" : { "affects" : {
"vendor" : { "vendor" : {
"vendor_data" : [ "vendor_data" : [
@ -37,32 +31,14 @@
] ]
} }
}, },
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : { "description" : {
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value": "Cloud Foundry Container Runtime, versions prior to 0.29.0, deploys Kubernetes clusters utilize the same CA (Certificate Authority) to sign and trust certs for ETCD as used by the Kubernetes API. This could allow a user authenticated with a cluster to request a signed certificate leveraging the Kubernetes CSR capability to obtain a credential that could escalate privilege access to ETCD.\n" "value" : "Cloud Foundry Container Runtime, versions prior to 0.29.0, deploys Kubernetes clusters utilize the same CA (Certificate Authority) to sign and trust certs for ETCD as used by the Kubernetes API. This could allow a user authenticated with a cluster to request a signed certificate leveraging the Kubernetes CSR capability to obtain a credential that could escalate privilege access to ETCD."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284: Improper Access Control - Generic"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.cloudfoundry.org/blog/cve-2019-3779",
"name": "https://www.cloudfoundry.org/blog/cve-2019-3779"
} }
] ]
}, },
@ -81,5 +57,29 @@
"vectorString" : "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "vectorString" : "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version" : "3.0" "version" : "3.0"
} }
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-284: Improper Access Control - Generic"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://www.cloudfoundry.org/blog/cve-2019-3779",
"refsource" : "CONFIRM",
"url" : "https://www.cloudfoundry.org/blog/cve-2019-3779"
}
]
},
"source" : {
"discovery" : "UNKNOWN"
} }
} }

54
2019/3xxx/CVE-2019-3780.json
View File

@ -1,7 +1,4 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "secure@dell.com", "ASSIGNER" : "secure@dell.com",
"DATE_PUBLIC" : "2019-02-14T19:48:25.155Z", "DATE_PUBLIC" : "2019-02-14T19:48:25.155Z",
@ -9,9 +6,6 @@
"STATE" : "PUBLIC", "STATE" : "PUBLIC",
"TITLE" : "Cloud Foundry Container Runtime Leaks IAAS Credentials" "TITLE" : "Cloud Foundry Container Runtime Leaks IAAS Credentials"
}, },
"source": {
"discovery": "UNKNOWN"
},
"affects" : { "affects" : {
"vendor" : { "vendor" : {
"vendor_data" : [ "vendor_data" : [
@ -37,6 +31,9 @@
] ]
} }
}, },
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : { "description" : {
"description_data" : [ "description_data" : [
{ {
@ -45,27 +42,6 @@
} }
] ]
}, },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-260: Password in Configuration File"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.cloudfoundry.org/blog/cve-2019-3780",
"name": "https://www.cloudfoundry.org/blog/cve-2019-3780"
}
]
},
"impact" : { "impact" : {
"cvss" : { "cvss" : {
"attackComplexity" : "LOW", "attackComplexity" : "LOW",
@ -81,5 +57,29 @@
"vectorString" : "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "vectorString" : "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version" : "3.0" "version" : "3.0"
} }
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-260: Password in Configuration File"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://www.cloudfoundry.org/blog/cve-2019-3780",
"refsource" : "CONFIRM",
"url" : "https://www.cloudfoundry.org/blog/cve-2019-3780"
}
]
},
"source" : {
"discovery" : "UNKNOWN"
} }
} }