admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-08 05:58:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

- Synchronized data.

Browse Source
This commit is contained in:
CVE Team 2019-02-21 12:05:45 -05:00
parent dd8dbcc774
commit c850025fef
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
11 changed files with 595 additions and 607 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

96
2018/1xxx/CVE-2018-1944.json
View File

@ -1,39 +1,14 @@
{
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 153386."
}
]
},
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2019-02-18T00:00:00",
"STATE" : "PUBLIC",
"ID" : "CVE-2018-1944",
"ASSIGNER" : "psirt@us.ibm.com"
},
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10872142",
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10872142",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 0872142 (Security Identity Governance and Intelligence)"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/153386",
"refsource" : "XF",
"title" : "X-Force Vulnerability Report",
"name" : "ibm-sig-cve20181944-info-disc (153386)"
}
]
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
@ -71,11 +46,43 @@
}
}
]
}
},
"vendor_name" : "IBM"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 153386."
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "N",
"AC" : "H",
"AV" : "L",
"C" : "H",
"I" : "N",
"PR" : "N",
"S" : "U",
"SCORE" : "5.100",
"UI" : "N"
},
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
@ -88,27 +95,18 @@
}
]
},
"data_format" : "MITRE",
"data_type" : "CVE",
"impact" : {
"cvssv3" : {
"BM" : {
"S" : "U",
"AC" : "H",
"PR" : "N",
"I" : "N",
"AV" : "L",
"SCORE" : "5.100",
"UI" : "N",
"A" : "N",
"C" : "H"
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10872142",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10872142"
},
"TM" : {
"E" : "U",
"RL" : "O",
"RC" : "C"
{
"name" : "ibm-sig-cve20181944-info-disc(153386)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/153386"
}
]
}
}
},
"data_version" : "4.0"
}

90
2018/1xxx/CVE-2018-1945.json
View File

@ -1,34 +1,10 @@
{
"description" : {
"description_data" : [
{
"value" : "IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 153387.",
"lang" : "eng"
}
]
},
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2018-1945",
"DATE_PUBLIC" : "2019-02-18T00:00:00",
"ID" : "CVE-2018-1945",
"STATE" : "PUBLIC"
},
"references" : {
"reference_data" : [
{
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10872142",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 0872142 (Security Identity Governance and Intelligence)",
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10872142"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/153387",
"title" : "X-Force Vulnerability Report",
"refsource" : "XF",
"name" : "ibm-sig-cve20181945-clickjacking (153387)"
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
@ -76,6 +52,37 @@
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 153387."
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "N",
"AC" : "L",
"AV" : "N",
"C" : "L",
"I" : "L",
"PR" : "N",
"S" : "C",
"SCORE" : "6.100",
"UI" : "R"
},
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
@ -88,27 +95,18 @@
}
]
},
"data_format" : "MITRE",
"data_type" : "CVE",
"impact" : {
"cvssv3" : {
"TM" : {
"RC" : "C",
"RL" : "O",
"E" : "U"
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10872142",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10872142"
},
"BM" : {
"UI" : "R",
"SCORE" : "6.100",
"C" : "L",
"A" : "N",
"I" : "L",
"PR" : "N",
"AV" : "N",
"AC" : "L",
"S" : "C"
{
"name" : "ibm-sig-cve20181945-clickjacking(153387)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/153387"
}
]
}
}
},
"data_version" : "4.0"
}

76
2018/1xxx/CVE-2018-1946.json
View File

@ -1,9 +1,14 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2019-02-18T00:00:00",
"ID" : "CVE-2018-1946",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
@ -41,33 +46,15 @@
}
}
]
}
},
"vendor_name" : "IBM"
}
]
}
},
"references" : {
"reference_data" : [
{
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 0872142 (Security Identity Governance and Intelligence)",
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10872142",
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10872142"
},
{
"name" : "ibm-sig-cve20181946-info-disc (153388)",
"title" : "X-Force Vulnerability Report",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/153388"
}
]
},
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2018-1946",
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2019-02-18T00:00:00"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
@ -76,25 +63,23 @@
}
]
},
"data_version" : "4.0",
"data_type" : "CVE",
"impact" : {
"cvssv3" : {
"TM" : {
"RL" : "O",
"E" : "U",
"RC" : "C"
},
"BM" : {
"S" : "U",
"AC" : "H",
"SCORE" : "5.900",
"UI" : "N",
"C" : "H",
"A" : "N",
"PR" : "N",
"AC" : "H",
"AV" : "N",
"C" : "H",
"I" : "N",
"AV" : "N"
"PR" : "N",
"S" : "U",
"SCORE" : "5.900",
"UI" : "N"
},
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
}
}
},
@ -110,5 +95,18 @@
}
]
},
"data_format" : "MITRE"
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10872142",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10872142"
},
{
"name" : "ibm-sig-cve20181946-info-disc(153388)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/153388"
}
]
}
}

96
2018/1xxx/CVE-2018-1947.json
View File

@ -1,61 +1,18 @@
{
"data_format" : "MITRE",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Cross-Site Scripting",
"lang" : "eng"
}
]
}
]
},
"data_type" : "CVE",
"impact" : {
"cvssv3" : {
"TM" : {
"RC" : "C",
"RL" : "O",
"E" : "H"
},
"BM" : {
"S" : "C",
"AC" : "L",
"A" : "N",
"C" : "L",
"SCORE" : "6.100",
"UI" : "R",
"AV" : "N",
"PR" : "N",
"I" : "L"
}
}
},
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 153427."
}
]
},
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2018-1947",
"DATE_PUBLIC" : "2019-02-18T00:00:00",
"ID" : "CVE-2018-1947",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "Security Identity Governance and Intelligence",
"version" : {
"version_data" : [
{
@ -86,28 +43,69 @@
"version_value" : "5.2.4.1"
}
]
}
}
]
},
"product_name" : "Security Identity Governance and Intelligence"
"vendor_name" : "IBM"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 153427."
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "N",
"AC" : "L",
"AV" : "N",
"C" : "L",
"I" : "L",
"PR" : "N",
"S" : "C",
"SCORE" : "6.100",
"UI" : "R"
},
"TM" : {
"E" : "H",
"RC" : "C",
"RL" : "O"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Cross-Site Scripting"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10872142",
"title" : "IBM Security Bulletin 0872142 (Security Identity Governance and Intelligence)",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10872142"
},
{
"name" : "ibm-sig-cve20181947-xss(153427)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/153427",
"refsource" : "XF",
"title" : "X-Force Vulnerability Report"
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/153427"
}
]
}

132
2018/1xxx/CVE-2018-1948.json
View File

@ -1,77 +1,18 @@
{
"data_format" : "MITRE",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
]
}
]
},
"data_type" : "CVE",
"impact" : {
"cvssv3" : {
"BM" : {
"S" : "U",
"AC" : "L",
"C" : "L",
"A" : "N",
"SCORE" : "4.300",
"UI" : "R",
"AV" : "N",
"PR" : "N",
"I" : "N"
},
"TM" : {
"E" : "U",
"RL" : "O",
"RC" : "C"
}
}
},
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. IBM X-Force ID: 153428."
}
]
},
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2019-02-18T00:00:00",
"ID" : "CVE-2018-1948",
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2019-02-18T00:00:00"
},
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 0872142 (Security Identity Governance and Intelligence)",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10872142",
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10872142"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/153428",
"refsource" : "XF",
"title" : "X-Force Vulnerability Report",
"name" : "ibm-sig-cve20181948-info-disc (153428)"
}
]
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "Security Identity Governance and Intelligence",
"version" : {
"version_data" : [
{
@ -102,13 +43,70 @@
"version_value" : "5.2.4.1"
}
]
}
}
]
},
"product_name" : "Security Identity Governance and Intelligence"
"vendor_name" : "IBM"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. IBM X-Force ID: 153428."
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "N",
"AC" : "L",
"AV" : "N",
"C" : "L",
"I" : "N",
"PR" : "N",
"S" : "U",
"SCORE" : "4.300",
"UI" : "R"
},
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10872142",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10872142"
},
{
"name" : "ibm-sig-cve20181948-info-disc(153428)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/153428"
}
]
}
}
]
}
}
}

124
2018/1xxx/CVE-2018-1949.json
View File

@ -1,74 +1,14 @@
{
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
}
]
}
]
},
"data_format" : "MITRE",
"data_type" : "CVE",
"impact" : {
"cvssv3" : {
"BM" : {
"PR" : "L",
"I" : "N",
"AV" : "N",
"SCORE" : "4.300",
"UI" : "N",
"A" : "N",
"C" : "L",
"S" : "U",
"AC" : "L"
},
"TM" : {
"E" : "U",
"RL" : "O",
"RC" : "C"
}
}
},
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"value" : "IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 153429.",
"lang" : "eng"
}
]
},
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2019-02-18T00:00:00",
"STATE" : "PUBLIC",
"ID" : "CVE-2018-1949",
"ASSIGNER" : "psirt@us.ibm.com"
},
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10872142",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 0872142 (Security Identity Governance and Intelligence)",
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10872142"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/153429",
"refsource" : "XF",
"title" : "X-Force Vulnerability Report",
"name" : "ibm-sig-cve20181949-info-disc (153429)"
}
]
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
@ -106,9 +46,67 @@
}
}
]
},
"vendor_name" : "IBM"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 153429."
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "N",
"AC" : "L",
"AV" : "N",
"C" : "L",
"I" : "N",
"PR" : "L",
"S" : "U",
"SCORE" : "4.300",
"UI" : "N"
},
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10872142",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10872142"
},
{
"name" : "ibm-sig-cve20181949-info-disc(153429)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/153429"
}
]
}
}
}

96
2018/1xxx/CVE-2018-1950.json
View File

@ -1,33 +1,9 @@
{
"description" : {
"description_data" : [
{
"value" : "IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance generates an error message that includes sensitive information about its environment, users, or associated data which could be used in further attacks against the system. IBM X-Force ID: 153430.",
"lang" : "eng"
}
]
},
"CVE_data_meta" : {
"ID" : "CVE-2018-1950",
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2019-02-18T00:00:00"
},
"references" : {
"reference_data" : [
{
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10872142",
"title" : "IBM Security Bulletin 0872142 (Security Identity Governance and Intelligence)",
"refsource" : "CONFIRM",
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10872142"
},
{
"title" : "X-Force Vulnerability Report",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/153430",
"name" : "ibm-sig-cve20181950-info-disc (153430)"
}
]
"DATE_PUBLIC" : "2019-02-18T00:00:00",
"ID" : "CVE-2018-1950",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
@ -36,6 +12,7 @@
"product" : {
"product_data" : [
{
"product_name" : "Security Identity Governance and Intelligence",
"version" : {
"version_data" : [
{
@ -66,8 +43,7 @@
"version_value" : "5.2.4.1"
}
]
},
"product_name" : "Security Identity Governance and Intelligence"
}
}
]
},
@ -77,6 +53,36 @@
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance generates an error message that includes sensitive information about its environment, users, or associated data which could be used in further attacks against the system. IBM X-Force ID: 153430."
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "N",
"AC" : "L",
"AV" : "N",
"C" : "L",
"I" : "N",
"PR" : "L",
"S" : "U",
"SCORE" : "4.300",
"UI" : "N"
},
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
@ -89,26 +95,18 @@
}
]
},
"data_type" : "CVE",
"impact" : {
"cvssv3" : {
"TM" : {
"E" : "U",
"RL" : "O",
"RC" : "C"
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10872142",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10872142"
},
"BM" : {
"UI" : "N",
"SCORE" : "4.300",
"C" : "L",
"A" : "N",
"I" : "N",
"PR" : "L",
"AV" : "N",
"AC" : "L",
"S" : "U"
{
"name" : "ibm-sig-cve20181950-info-disc(153430)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/153430"
}
]
}
}
},
"data_version" : "4.0"
}

90
2018/2xxx/CVE-2018-2006.json
View File

@ -1,49 +1,36 @@
{
"CVE_data_meta" : {
"ID" : "CVE-2018-2006",
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2019-02-19T00:00:00"
},
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 794133 (Robotic Process Automation with Automation Anywhere)",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10794133",
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10794133"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/155008",
"refsource" : "XF",
"title" : "X-Force Vulnerability Report",
"name" : "ibm-rpa-cve20182006-dir-traversal (155008)"
}
]
"DATE_PUBLIC" : "2019-02-19T00:00:00",
"ID" : "CVE-2018-2006",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "Robotic Process Automation with Automation Anywhere",
"version" : {
"version_data" : [
{
"version_value" : "11"
}
]
},
"product_name" : "Robotic Process Automation with Automation Anywhere"
}
}
]
}
},
"vendor_name" : "IBM"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
@ -52,39 +39,50 @@
}
]
},
"data_version" : "4.0",
"data_format" : "MITRE",
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "N",
"AC" : "L",
"AV" : "N",
"C" : "N",
"I" : "H",
"PR" : "H",
"S" : "U",
"SCORE" : "4.900",
"UI" : "N"
},
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "File Manipulation",
"lang" : "eng"
"lang" : "eng",
"value" : "File Manipulation"
}
]
}
]
},
"impact" : {
"cvssv3" : {
"TM" : {
"E" : "U",
"RL" : "O",
"RC" : "C"
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10794133",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10794133"
},
"BM" : {
"AC" : "L",
"S" : "U",
"UI" : "N",
"SCORE" : "4.900",
"A" : "N",
"C" : "N",
"I" : "H",
"PR" : "H",
"AV" : "N"
{
"name" : "ibm-rpa-cve20182006-dir-traversal(155008)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/155008"
}
]
}
}
},
"data_type" : "CVE"
}

12
2019/3xxx/CVE-2019-3474.json
View File

@ -43,7 +43,7 @@
"description_data" : [
{
"lang" : "eng",
"value": "A path traversal vulnerability in the web application component of Micro Focus Filr 3.x allows a remote attacker authenticated as a low privilege user to download arbitrary files from the Filr server.\nThis vulnerability affects all versions of Filr 3.x prior to Security Update 6."
"value" : "A path traversal vulnerability in the web application component of Micro Focus Filr 3.x allows a remote attacker authenticated as a low privilege user to download arbitrary files from the Filr server. This vulnerability affects all versions of Filr 3.x prior to Security Update 6."
}
]
},
@ -78,12 +78,14 @@
"references" : {
"reference_data" : [
{
"refsource": "CONFIRM",
"url": "https://support.microfocus.com/kb/doc.php?id=7023726"
"name" : "https://download.novell.com/Download?buildid=nZUCSDkvpxk~",
"refsource" : "MISC",
"url" : "https://download.novell.com/Download?buildid=nZUCSDkvpxk~"
},
{
"refsource": "CONFIRM",
"url": "https://download.novell.com/Download?buildid=nZUCSDkvpxk~"
"name" : "https://support.microfocus.com/kb/doc.php?id=7023726",
"refsource" : "MISC",
"url" : "https://support.microfocus.com/kb/doc.php?id=7023726"
}
]
},

12
2019/3xxx/CVE-2019-3475.json
View File

@ -43,7 +43,7 @@
"description_data" : [
{
"lang" : "eng",
"value": "A local privilege escalation vulnerability in the famtd component of Micro Focus Filr 3.0 allows a local attacker authenticated as a low privilege user to escalate to root. \nThis vulnerability affects all versions of Filr 3.x prior to Security Update 6."
"value" : "A local privilege escalation vulnerability in the famtd component of Micro Focus Filr 3.0 allows a local attacker authenticated as a low privilege user to escalate to root. This vulnerability affects all versions of Filr 3.x prior to Security Update 6."
}
]
},
@ -78,12 +78,14 @@
"references" : {
"reference_data" : [
{
"refsource": "CONFIRM",
"url": "https://support.microfocus.com/kb/doc.php?id=7023727"
"name" : "https://download.novell.com/Download?buildid=nZUCSDkvpxk~",
"refsource" : "MISC",
"url" : "https://download.novell.com/Download?buildid=nZUCSDkvpxk~"
},
{
"refsource": "CONFIRM",
"url": "https://download.novell.com/Download?buildid=nZUCSDkvpxk~"
"name" : "https://support.microfocus.com/kb/doc.php?id=7023727",
"refsource" : "MISC",
"url" : "https://support.microfocus.com/kb/doc.php?id=7023727"
}
]
},