From c416fd8c53ff13076631eaa222858c13e50b6e82 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Wed, 13 Jun 2018 10:04:20 -0400 Subject: [PATCH] - Synchronized data. --- 2018/12xxx/CVE-2018-12274.json | 18 +++++++ 2018/12xxx/CVE-2018-12275.json | 18 +++++++ 2018/12xxx/CVE-2018-12276.json | 18 +++++++ 2018/12xxx/CVE-2018-12277.json | 18 +++++++ 2018/12xxx/CVE-2018-12278.json | 18 +++++++ 2018/12xxx/CVE-2018-12279.json | 18 +++++++ 2018/12xxx/CVE-2018-12280.json | 18 +++++++ 2018/12xxx/CVE-2018-12281.json | 18 +++++++ 2018/12xxx/CVE-2018-12282.json | 18 +++++++ 2018/12xxx/CVE-2018-12283.json | 18 +++++++ 2018/12xxx/CVE-2018-12284.json | 18 +++++++ 2018/12xxx/CVE-2018-12285.json | 18 +++++++ 2018/12xxx/CVE-2018-12286.json | 18 +++++++ 2018/12xxx/CVE-2018-12287.json | 18 +++++++ 2018/12xxx/CVE-2018-12288.json | 18 +++++++ 2018/12xxx/CVE-2018-12289.json | 18 +++++++ 2018/12xxx/CVE-2018-12290.json | 62 ++++++++++++++++++++++ 2018/12xxx/CVE-2018-12291.json | 67 ++++++++++++++++++++++++ 2018/12xxx/CVE-2018-12292.json | 62 ++++++++++++++++++++++ 2018/12xxx/CVE-2018-12293.json | 18 +++++++ 2018/12xxx/CVE-2018-12294.json | 18 +++++++ 2018/1xxx/CVE-2018-1393.json | 94 +++++++++++++++++----------------- 2018/1xxx/CVE-2018-1431.json | 66 ++++++++++++------------ 23 files changed, 593 insertions(+), 82 deletions(-) create mode 100644 2018/12xxx/CVE-2018-12274.json create mode 100644 2018/12xxx/CVE-2018-12275.json create mode 100644 2018/12xxx/CVE-2018-12276.json create mode 100644 2018/12xxx/CVE-2018-12277.json create mode 100644 2018/12xxx/CVE-2018-12278.json create mode 100644 2018/12xxx/CVE-2018-12279.json create mode 100644 2018/12xxx/CVE-2018-12280.json create mode 100644 2018/12xxx/CVE-2018-12281.json create mode 100644 2018/12xxx/CVE-2018-12282.json create mode 100644 2018/12xxx/CVE-2018-12283.json create mode 100644 2018/12xxx/CVE-2018-12284.json create mode 100644 2018/12xxx/CVE-2018-12285.json create mode 100644 2018/12xxx/CVE-2018-12286.json create mode 100644 2018/12xxx/CVE-2018-12287.json create mode 100644 2018/12xxx/CVE-2018-12288.json create mode 100644 2018/12xxx/CVE-2018-12289.json create mode 100644 2018/12xxx/CVE-2018-12290.json create mode 100644 2018/12xxx/CVE-2018-12291.json create mode 100644 2018/12xxx/CVE-2018-12292.json create mode 100644 2018/12xxx/CVE-2018-12293.json create mode 100644 2018/12xxx/CVE-2018-12294.json diff --git a/2018/12xxx/CVE-2018-12274.json b/2018/12xxx/CVE-2018-12274.json new file mode 100644 index 00000000000..7cf405075b9 --- /dev/null +++ b/2018/12xxx/CVE-2018-12274.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-12274", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2018/12xxx/CVE-2018-12275.json b/2018/12xxx/CVE-2018-12275.json new file mode 100644 index 00000000000..0e0906c1dc4 --- /dev/null +++ b/2018/12xxx/CVE-2018-12275.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-12275", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2018/12xxx/CVE-2018-12276.json b/2018/12xxx/CVE-2018-12276.json new file mode 100644 index 00000000000..53843885418 --- /dev/null +++ b/2018/12xxx/CVE-2018-12276.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-12276", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2018/12xxx/CVE-2018-12277.json b/2018/12xxx/CVE-2018-12277.json new file mode 100644 index 00000000000..122e24ea332 --- /dev/null +++ b/2018/12xxx/CVE-2018-12277.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-12277", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2018/12xxx/CVE-2018-12278.json b/2018/12xxx/CVE-2018-12278.json new file mode 100644 index 00000000000..2b223ada068 --- /dev/null +++ b/2018/12xxx/CVE-2018-12278.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-12278", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2018/12xxx/CVE-2018-12279.json b/2018/12xxx/CVE-2018-12279.json new file mode 100644 index 00000000000..ca0d1973374 --- /dev/null +++ b/2018/12xxx/CVE-2018-12279.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-12279", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2018/12xxx/CVE-2018-12280.json b/2018/12xxx/CVE-2018-12280.json new file mode 100644 index 00000000000..0644e850c43 --- /dev/null +++ b/2018/12xxx/CVE-2018-12280.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-12280", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2018/12xxx/CVE-2018-12281.json b/2018/12xxx/CVE-2018-12281.json new file mode 100644 index 00000000000..d8541cd9642 --- /dev/null +++ b/2018/12xxx/CVE-2018-12281.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-12281", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2018/12xxx/CVE-2018-12282.json b/2018/12xxx/CVE-2018-12282.json new file mode 100644 index 00000000000..4124807eb22 --- /dev/null +++ b/2018/12xxx/CVE-2018-12282.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-12282", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2018/12xxx/CVE-2018-12283.json b/2018/12xxx/CVE-2018-12283.json new file mode 100644 index 00000000000..5fb6e67d3a1 --- /dev/null +++ b/2018/12xxx/CVE-2018-12283.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-12283", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2018/12xxx/CVE-2018-12284.json b/2018/12xxx/CVE-2018-12284.json new file mode 100644 index 00000000000..0a15f596d86 --- /dev/null +++ b/2018/12xxx/CVE-2018-12284.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-12284", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2018/12xxx/CVE-2018-12285.json b/2018/12xxx/CVE-2018-12285.json new file mode 100644 index 00000000000..68bc75dc8c5 --- /dev/null +++ b/2018/12xxx/CVE-2018-12285.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-12285", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2018/12xxx/CVE-2018-12286.json b/2018/12xxx/CVE-2018-12286.json new file mode 100644 index 00000000000..921aeabc45a --- /dev/null +++ b/2018/12xxx/CVE-2018-12286.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-12286", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2018/12xxx/CVE-2018-12287.json b/2018/12xxx/CVE-2018-12287.json new file mode 100644 index 00000000000..5a02d8d61ce --- /dev/null +++ b/2018/12xxx/CVE-2018-12287.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-12287", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2018/12xxx/CVE-2018-12288.json b/2018/12xxx/CVE-2018-12288.json new file mode 100644 index 00000000000..b343be20a37 --- /dev/null +++ b/2018/12xxx/CVE-2018-12288.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-12288", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2018/12xxx/CVE-2018-12289.json b/2018/12xxx/CVE-2018-12289.json new file mode 100644 index 00000000000..0d2033f8275 --- /dev/null +++ b/2018/12xxx/CVE-2018-12289.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-12289", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2018/12xxx/CVE-2018-12290.json b/2018/12xxx/CVE-2018-12290.json new file mode 100644 index 00000000000..e5a62fbc31f --- /dev/null +++ b/2018/12xxx/CVE-2018-12290.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-12290", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "The Yii2-StateMachine extension v2.x.x for Yii2 has XSS." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "http://www.iwantacve.cn/index.php/archives/40/", + "refsource" : "MISC", + "url" : "http://www.iwantacve.cn/index.php/archives/40/" + } + ] + } +} diff --git a/2018/12xxx/CVE-2018-12291.json b/2018/12xxx/CVE-2018-12291.json new file mode 100644 index 00000000000..aed2ed1ae84 --- /dev/null +++ b/2018/12xxx/CVE-2018-12291.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-12291", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "The on_get_missing_events function in handlers/federation.py in Matrix Synapse before 0.31.1 has a security bug in the get_missing_events federation API where event visibility rules were not applied correctly." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://github.com/matrix-org/synapse/pull/3371", + "refsource" : "CONFIRM", + "url" : "https://github.com/matrix-org/synapse/pull/3371" + }, + { + "name" : "https://github.com/matrix-org/synapse/releases/tag/v0.31.1", + "refsource" : "CONFIRM", + "url" : "https://github.com/matrix-org/synapse/releases/tag/v0.31.1" + } + ] + } +} diff --git a/2018/12xxx/CVE-2018-12292.json b/2018/12xxx/CVE-2018-12292.json new file mode 100644 index 00000000000..fff9738bfb5 --- /dev/null +++ b/2018/12xxx/CVE-2018-12292.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-12292", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "A use-after-free vulnerability exists in DOMProxyHandler::EnsureExpandoObject in Pale Moon before 27.9.3." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://www.palemoon.org/releasenotes.shtml", + "refsource" : "CONFIRM", + "url" : "https://www.palemoon.org/releasenotes.shtml" + } + ] + } +} diff --git a/2018/12xxx/CVE-2018-12293.json b/2018/12xxx/CVE-2018-12293.json new file mode 100644 index 00000000000..d6d7da40fc2 --- /dev/null +++ b/2018/12xxx/CVE-2018-12293.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-12293", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2018/12xxx/CVE-2018-12294.json b/2018/12xxx/CVE-2018-12294.json new file mode 100644 index 00000000000..55c1865ed94 --- /dev/null +++ b/2018/12xxx/CVE-2018-12294.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-12294", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2018/1xxx/CVE-2018-1393.json b/2018/1xxx/CVE-2018-1393.json index 3f475825577..cff00263561 100644 --- a/2018/1xxx/CVE-2018-1393.json +++ b/2018/1xxx/CVE-2018-1393.json @@ -1,35 +1,9 @@ { - "references" : { - "reference_data" : [ - { - "name" : "http://www.ibm.com/support/docview.wss?uid=swg22013250", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg22013250", - "title" : "IBM Security Bulletin 2013250 (Financial Transaction Manager)", - "refsource" : "CONFIRM" - }, - { - "name" : "ibm-ftm-cve20181393-info-disc(138378)", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/138378", - "refsource" : "XF", - "title" : "X-Force Vulnerability Report" - } - ] - }, - "description" : { - "description_data" : [ - { - "value" : "IBM Financial Transaction Manager for ACH Services for Multi-Platform 3.0.6 could allow an authenticated user to execute a specially crafted command that could obtain sensitive information. IBM X-Force ID: 138378.", - "lang" : "eng" - } - ] - }, - "data_format" : "MITRE", - "data_type" : "CVE", "CVE_data_meta" : { - "STATE" : "PUBLIC", - "ID" : "CVE-2018-1393", + "ASSIGNER" : "psirt@us.ibm.com", "DATE_PUBLIC" : "2018-06-08T00:00:00", - "ASSIGNER" : "psirt@us.ibm.com" + "ID" : "CVE-2018-1393", + "STATE" : "PUBLIC" }, "affects" : { "vendor" : { @@ -54,37 +28,61 @@ ] } }, - "problemtype" : { - "problemtype_data" : [ + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ { - "description" : [ - { - "value" : "Obtain Information", - "lang" : "eng" - } - ] + "lang" : "eng", + "value" : "IBM Financial Transaction Manager for ACH Services for Multi-Platform 3.0.6 could allow an authenticated user to execute a specially crafted command that could obtain sensitive information. IBM X-Force ID: 138378." } ] }, "impact" : { "cvssv3" : { - "TM" : { - "RL" : "O", - "RC" : "C", - "E" : "U" - }, "BM" : { "A" : "N", - "AV" : "N", - "I" : "N", "AC" : "H", - "SCORE" : "3.100", + "AV" : "N", + "C" : "L", + "I" : "N", "PR" : "L", "S" : "U", - "UI" : "N", - "C" : "L" + "SCORE" : "3.100", + "UI" : "N" + }, + "TM" : { + "E" : "U", + "RC" : "C", + "RL" : "O" } } }, - "data_version" : "4.0" + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Obtain Information" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "http://www.ibm.com/support/docview.wss?uid=swg22013250", + "refsource" : "CONFIRM", + "url" : "http://www.ibm.com/support/docview.wss?uid=swg22013250" + }, + { + "name" : "ibm-ftm-cve20181393-info-disc(138378)", + "refsource" : "XF", + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/138378" + } + ] + } } diff --git a/2018/1xxx/CVE-2018-1431.json b/2018/1xxx/CVE-2018-1431.json index 7f5106f1007..73d1ae32d31 100644 --- a/2018/1xxx/CVE-2018-1431.json +++ b/2018/1xxx/CVE-2018-1431.json @@ -1,15 +1,14 @@ { "CVE_data_meta" : { - "ID" : "CVE-2018-1431", "ASSIGNER" : "psirt@us.ibm.com", "DATE_PUBLIC" : "2018-06-11T00:00:00", + "ID" : "CVE-2018-1431", "STATE" : "PUBLIC" }, "affects" : { "vendor" : { "vendor_data" : [ { - "vendor_name" : "IBM", "product" : { "product_data" : [ { @@ -38,21 +37,43 @@ } } ] - } + }, + "vendor_name" : "IBM" } ] } }, + "data_format" : "MITRE", + "data_type" : "CVE", "data_version" : "4.0", "description" : { "description_data" : [ { - "value" : "A vulnerability in GSKit affects IBM Spectrum Scale 4.1.1, 4.2.0, 4.2.1, 4.2.3, and 5.0.0 that could allow a local attacker to obtain control of the Spectrum Scale daemon and to access and modify files in the Spectrum Scale file system, and possibly to obtain administrator privileges on the node. IBM X-Force ID: 139240.", - "lang" : "eng" + "lang" : "eng", + "value" : "A vulnerability in GSKit affects IBM Spectrum Scale 4.1.1, 4.2.0, 4.2.1, 4.2.3, and 5.0.0 that could allow a local attacker to obtain control of the Spectrum Scale daemon and to access and modify files in the Spectrum Scale file system, and possibly to obtain administrator privileges on the node. IBM X-Force ID: 139240." } ] }, - "data_format" : "MITRE", + "impact" : { + "cvssv3" : { + "BM" : { + "A" : "H", + "AC" : "H", + "AV" : "L", + "C" : "H", + "I" : "H", + "PR" : "N", + "S" : "U", + "SCORE" : "7.400", + "UI" : "N" + }, + "TM" : { + "E" : "U", + "RC" : "C", + "RL" : "O" + } + } + }, "problemtype" : { "problemtype_data" : [ { @@ -68,38 +89,15 @@ "references" : { "reference_data" : [ { - "title" : "IBM Security Bulletin S1012049 (Spectrum Scale)", + "name" : "http://www.ibm.com/support/docview.wss?uid=ssg1S1012049", "refsource" : "CONFIRM", - "url" : "http://www.ibm.com/support/docview.wss?uid=ssg1S1012049", - "name" : "http://www.ibm.com/support/docview.wss?uid=ssg1S1012049" + "url" : "http://www.ibm.com/support/docview.wss?uid=ssg1S1012049" }, { - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/139240", "name" : "ibm-spectrum-cve20181431-priv-escalation(139240)", - "title" : "X-Force Vulnerability Report" + "refsource" : "XF", + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/139240" } ] - }, - "impact" : { - "cvssv3" : { - "BM" : { - "PR" : "N", - "UI" : "N", - "I" : "H", - "S" : "U", - "SCORE" : "7.400", - "AV" : "L", - "C" : "H", - "A" : "H", - "AC" : "H" - }, - "TM" : { - "RL" : "O", - "RC" : "C", - "E" : "U" - } - } - }, - "data_type" : "CVE" + } }