admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-07-11 20:00:53 +00:00
parent 2e1be460f5
commit c954e39688
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
27 changed files with 1982 additions and 1355 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

63
2014/3xxx/CVE-2014-3798.json
View File

@ -2,7 +2,7 @@
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-3798", "ID": "CVE-2014-3798",
"STATE": "RESERVED" "STATE": "PUBLIC"
}, },
"data_format": "MITRE", "data_format": "MITRE",
"data_type": "CVE", "data_type": "CVE",
@ -11,7 +11,66 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "The Windows Guest Tools in Citrix XenServer 6.2 SP1 and earlier allows remote attackers to cause a denial of service (guest OS crash) via a crafted Ethernet frame."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "SECTRACK",
"name": "1030304",
"url": "http://www.securitytracker.com/id/1030304"
},
{
"refsource": "BID",
"name": "67693",
"url": "http://www.securityfocus.com/bid/67693"
},
{
"refsource": "CONFIRM",
"name": "http://support.citrix.com/article/CTX140814",
"url": "http://support.citrix.com/article/CTX140814"
},
{
"refsource": "SECUNIA",
"name": "58455",
"url": "http://secunia.com/advisories/58455"
} }
] ]
} }

172
2018/1xxx/CVE-2018-1968.json
View File

@ -1,90 +1,90 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"DATE_PUBLIC" : "2019-07-02T00:00:00", "DATE_PUBLIC": "2019-07-02T00:00:00",
"ID" : "CVE-2018-1968", "ID": "CVE-2018-1968",
"STATE" : "PUBLIC", "STATE": "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com" "ASSIGNER": "psirt@us.ibm.com"
}, },
"data_type" : "CVE", "data_type": "CVE",
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10958077",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 958077 (Security Identity Manager)",
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10958077"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/153749",
"name" : "ibm-sim-cve20181968-info-disc (153749)",
"title" : "X-Force Vulnerability Report",
"refsource" : "XF"
}
]
},
"impact" : {
"cvssv3" : {
"TM" : {
"RC" : "C",
"E" : "U",
"RL" : "O"
},
"BM" : {
"A" : "N",
"SCORE" : "5.300",
"UI" : "N",
"C" : "L",
"AC" : "L",
"AV" : "N",
"I" : "N",
"S" : "U",
"PR" : "N"
}
}
},
"affects" : {
"vendor" : {
"vendor_data" : [
{ {
"vendor_name" : "IBM", "description": [
"product" : { {
"product_data" : [ "value": "Obtain Information",
{ "lang": "eng"
"version" : { }
"version_data" : [ ]
{
"version_value" : "7.0.1"
}
]
},
"product_name" : "Security Identity Manager"
}
]
}
} }
] ]
} },
}, "references": {
"data_version" : "4.0", "reference_data": [
"description" : { {
"description_data" : [ "url": "http://www.ibm.com/support/docview.wss?uid=ibm10958077",
{ "refsource": "CONFIRM",
"value" : "IBM Security Identity Manager 7.0.1 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 153749.", "title": "IBM Security Bulletin 958077 (Security Identity Manager)",
"lang" : "eng" "name": "http://www.ibm.com/support/docview.wss?uid=ibm10958077"
} },
] {
}, "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/153749",
"data_format" : "MITRE" "name": "ibm-sim-cve20181968-info-disc (153749)",
"title": "X-Force Vulnerability Report",
"refsource": "XF"
}
]
},
"impact": {
"cvssv3": {
"TM": {
"RC": "C",
"E": "U",
"RL": "O"
},
"BM": {
"A": "N",
"SCORE": "5.300",
"UI": "N",
"C": "L",
"AC": "L",
"AV": "N",
"I": "N",
"S": "U",
"PR": "N"
}
}
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "7.0.1"
}
]
},
"product_name": "Security Identity Manager"
}
]
}
}
]
}
},
"data_version": "4.0",
"description": {
"description_data": [
{
"value": "IBM Security Identity Manager 7.0.1 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 153749.",
"lang": "eng"
}
]
},
"data_format": "MITRE"
} }

277
2019/0xxx/CVE-2019-0046.json
View File

@ -1,151 +1,132 @@
{ {
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net", "ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2019-07-10T16:00:00.000Z", "DATE_PUBLIC": "2019-07-10T16:00:00.000Z",
"ID": "CVE-2019-0046", "ID": "CVE-2019-0046",
"STATE": "PUBLIC", "STATE": "PUBLIC",
"TITLE": "Junos OS: EX4300 Series: Denial of Service upon receipt of large number of specific valid packets on management interface." "TITLE": "Junos OS: EX4300 Series: Denial of Service upon receipt of large number of specific valid packets on management interface."
}, },
"affects": { "affects": {
"vendor": { "vendor": {
"vendor_data": [ "vendor_data": [
{ {
"product": { "vendor_name": "Juniper Networks",
"product_data": [ "product": {
{ "product_data": [
"product_name": "Junos OS", {
"version": { "product_name": "Junos OS",
"version_data": [ "version": {
{ "version_data": [
"version_affected": ">=", {
"version_name": "16.1", "version_value": "16.1 versions above and including 16.1R1 prior to 16.1R7-S5"
"version_value": "16.1R1" },
}, {
{ "version_value": "17.1 versions prior to 17.1R3"
"version_affected": "<", },
"version_name": "17.1", {
"version_value": "17.1R3" "version_value": "17.2 versions prior to 17.2R3"
}, },
{ {
"version_affected": "<", "version_value": "17.3 versions prior to 17.3R3-S2"
"version_name": "17.2", },
"version_value": "17.2R3" {
}, "version_value": "17.4 versions prior to 17.4R2"
{ },
"version_affected": "<", {
"version_name": "17.3", "version_value": "18.1 versions prior to 18.1R3"
"version_value": "17.3R3-S2" },
}, {
{ "version_value": "18.2 versions prior to 18.2R2"
"version_affected": "<", }
"version_name": "17.4", ]
"version_value": "17.4R2" }
}, }
{ ]
"version_affected": "<", }
"version_name": "18.1", }
"version_value": "18.1R3"
},
{
"version_affected": "<",
"version_name": "18.2",
"version_value": "18.2R2"
},
{
"version_affected": "<",
"version_name": "16.1",
"version_value": "16.1R7-S5"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"configuration": [
{
"lang": "eng",
"value": "The following minimal configuration is required:\n set interfaces me0"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the pfe-chassisd Chassis Manager (CMLC) daemon of Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) to the EX4300 when specific valid broadcast packets create a broadcast storm condition when received on the me0 interface of the EX4300 Series device. A reboot of the device is required to restore service. Continued receipt of these valid broadcast packets will create a sustained Denial of Service (DoS) against the device.\n\nAffected releases are Juniper Networks Junos OS:\n16.1 versions above and including 16.1R1 prior to 16.1R7-S5;\n17.1 versions prior to 17.1R3;\n17.2 versions prior to 17.2R3;\n17.3 versions prior to 17.3R3-S2;\n17.4 versions prior to 17.4R2;\n18.1 versions prior to 18.1R3;\n18.2 versions prior to 18.2R2."
}
]
},
"exploit": [
{
"lang": "eng",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.6"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400 Uncontrolled Resource Consumption"
}
] ]
} }
] },
}, "configuration": [
"references": { {
"reference_data": [ "lang": "eng",
{ "value": "The following minimal configuration is required:\n set interfaces me0"
"name": "https://kb.juniper.net/JSA10938", }
"refsource": "CONFIRM", ],
"url": "https://kb.juniper.net/JSA10938" "data_format": "MITRE",
} "data_type": "CVE",
] "data_version": "4.0",
}, "description": {
"solution": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue: 16.1R7-S5, 17.1R3, 17.2R3, 17.3R3-S2, 17.4R2, 18.1R3, 18.2R2, 18.3R1, and all subsequent releases.\n" "value": "A vulnerability in the pfe-chassisd Chassis Manager (CMLC) daemon of Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) to the EX4300 when specific valid broadcast packets create a broadcast storm condition when received on the me0 interface of the EX4300 Series device. A reboot of the device is required to restore service. Continued receipt of these valid broadcast packets will create a sustained Denial of Service (DoS) against the device. Affected releases are Juniper Networks Junos OS: 16.1 versions above and including 16.1R1 prior to 16.1R7-S5; 17.1 versions prior to 17.1R3; 17.2 versions prior to 17.2R3; 17.3 versions prior to 17.3R3-S2; 17.4 versions prior to 17.4R2; 18.1 versions prior to 18.1R3; 18.2 versions prior to 18.2R2."
} }
], ]
"source": { },
"advisory": "JSA10938", "exploit": [
"defect": [ {
"1329430" "lang": "eng",
], "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
"discovery": "USER" }
}, ],
"work_around": [ "generator": {
{ "engine": "Vulnogram 0.0.6"
"lang": "eng", },
"value": "There are no viable workarounds for this issue." "impact": {
} "cvss": {
] "attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400 Uncontrolled Resource Consumption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA10938",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA10938"
}
]
},
"solution": [
{
"lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue: 16.1R7-S5, 17.1R3, 17.2R3, 17.3R3-S2, 17.4R2, 18.1R3, 18.2R2, 18.3R1, and all subsequent releases.\n"
}
],
"source": {
"advisory": "JSA10938",
"defect": [
"1329430"
],
"discovery": "USER"
},
"work_around": [
{
"lang": "eng",
"value": "There are no viable workarounds for this issue."
}
]
} }

288
2019/0xxx/CVE-2019-0048.json
View File

@ -1,159 +1,135 @@
{ {
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net", "ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2019-07-10T16:00:00.000Z", "DATE_PUBLIC": "2019-07-10T16:00:00.000Z",
"ID": "CVE-2019-0048", "ID": "CVE-2019-0048",
"STATE": "PUBLIC", "STATE": "PUBLIC",
"TITLE": "EX4300 Series: When a firewall filter is applied to a loopback interface, other firewall filters for multicast traffic may fail" "TITLE": "EX4300 Series: When a firewall filter is applied to a loopback interface, other firewall filters for multicast traffic may fail"
}, },
"affects": { "affects": {
"vendor": { "vendor": {
"vendor_data": [ "vendor_data": [
{ {
"product": { "vendor_name": "Juniper Networks",
"product_data": [ "product": {
{ "product_data": [
"product_name": "Junos OS", {
"version": { "product_name": "Junos OS",
"version_data": [ "version": {
{ "version_data": [
"platform": "EX4300 Series", {
"version_affected": "<", "version_value": "14.1X53 versions prior to 14.1X53-D51 and 14.1X53-D115 on EX4300 Series"
"version_name": "14.1X53", },
"version_value": "14.1X53-D51, 14.1X53-D115" {
}, "version_value": "17.1 versions prior to 17.1R3 on EX4300 Series"
{ },
"platform": "EX4300 Series", {
"version_affected": "<", "version_value": "17.2 versions prior to 17.2R3-S2 on EX4300 Series"
"version_name": "17.1", },
"version_value": "17.1R3" {
}, "version_value": "17.3 versions prior to 17.3R3-S3 on EX4300 Series"
{ },
"platform": "EX4300 Series", {
"version_affected": "<", "version_value": "17.4 versions prior to 17.4R2-S5 and 17.4R3 on EX4300 Series"
"version_name": "17.2", },
"version_value": "17.2R3-S2" {
}, "version_value": "18.1 versions prior to 18.1R3-S1 on EX4300 Series"
{ },
"platform": "EX4300 Series", {
"version_affected": "<", "version_value": "18.2 versions prior to 18.2R2 on EX4300 Series"
"version_name": "17.3", },
"version_value": "17.3R3-S3" {
}, "version_value": "18.3 versions prior to 18.3R2 on EX4300 Series"
{ }
"platform": "EX4300 Series", ]
"version_affected": "<", }
"version_name": "17.4", }
"version_value": "17.4R2-S5, 17.4R3" ]
}, }
{ }
"platform": "EX4300 Series",
"version_affected": "<",
"version_name": "18.1",
"version_value": "18.1R3-S1"
},
{
"platform": "EX4300 Series",
"version_affected": "<",
"version_name": "18.2",
"version_value": "18.2R2"
},
{
"platform": "EX4300 Series",
"version_affected": "<",
"version_name": "18.3",
"version_value": "18.3R2"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"configuration": [
{
"lang": "eng",
"value": "This issue only affects EX Series switches with TCAM optimization enabled:\n\n set system packet-forwarding-options tcam-group-optimization\n"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "On EX4300 Series switches with TCAM optimization enabled, incoming multicast traffic matches an implicit loopback filter rule first, since it has high priority. This rule is meant for reserved multicast addresses 224.0.0.x, but incorrectly matches on 224.x.x.x. Due to this bug, when a firewall filter is applied on the loopback interface, other firewall filters might stop working for multicast traffic.\n\nThe command 'show firewall filter' can be used to confirm whether the filter is working.\n\nThis issue only affects the EX4300 switch. No other products or platforms are affected by this vulnerability.\nThis issue affects:\nJuniper Networks Junos OS:\n14.1X53 versions prior to 14.1X53-D51, 14.1X53-D115 on EX4300 Series;\n17.1 versions prior to 17.1R3 on EX4300 Series;\n17.2 versions prior to 17.2R3-S2 on EX4300 Series;\n17.3 versions prior to 17.3R3-S3 on EX4300 Series;\n17.4 versions prior to 17.4R2-S5, 17.4R3 on EX4300 Series;\n18.1 versions prior to 18.1R3-S1 on EX4300 Series;\n18.2 versions prior to 18.2R2 on EX4300 Series;\n18.3 versions prior to 18.3R2 on EX4300 Series."
}
]
},
"exploit": [
{
"lang": "eng",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.6"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200 Information Exposure"
}
] ]
} }
] },
}, "configuration": [
"references": { {
"reference_data": [ "lang": "eng",
{ "value": "This issue only affects EX Series switches with TCAM optimization enabled:\n\n set system packet-forwarding-options tcam-group-optimization\n"
"name": "https://kb.juniper.net/JSA10942", }
"refsource": "CONFIRM", ],
"url": "https://kb.juniper.net/JSA10942" "data_format": "MITRE",
} "data_type": "CVE",
] "data_version": "4.0",
}, "description": {
"solution": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue: 14.1X53-D51, 14.1X53-D115, 17.1R3, 17.2R3-S2, 17.3R3-S3, 17.4R2-S5, 17.4R3, 18.1R3-S1, 18.2R2, 18.3R2, 18.4R1, and all subsequent releases.\n" "value": "On EX4300 Series switches with TCAM optimization enabled, incoming multicast traffic matches an implicit loopback filter rule first, since it has high priority. This rule is meant for reserved multicast addresses 224.0.0.x, but incorrectly matches on 224.x.x.x. Due to this bug, when a firewall filter is applied on the loopback interface, other firewall filters might stop working for multicast traffic. The command 'show firewall filter' can be used to confirm whether the filter is working. This issue only affects the EX4300 switch. No other products or platforms are affected by this vulnerability. This issue affects: Juniper Networks Junos OS: 14.1X53 versions prior to 14.1X53-D51, 14.1X53-D115 on EX4300 Series; 17.1 versions prior to 17.1R3 on EX4300 Series; 17.2 versions prior to 17.2R3-S2 on EX4300 Series; 17.3 versions prior to 17.3R3-S3 on EX4300 Series; 17.4 versions prior to 17.4R2-S5, 17.4R3 on EX4300 Series; 18.1 versions prior to 18.1R3-S1 on EX4300 Series; 18.2 versions prior to 18.2R2 on EX4300 Series; 18.3 versions prior to 18.3R2 on EX4300 Series."
} }
], ]
"source": { },
"advisory": "JSA10942", "exploit": [
"defect": [ {
"1392082" "lang": "eng",
], "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
"discovery": "USER" }
}, ],
"work_around": [ "generator": {
{ "engine": "Vulnogram 0.0.6"
"lang": "eng", },
"value": "Disabling TCAM optimization will mitigate this issue." "impact": {
} "cvss": {
] "attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200 Information Exposure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA10942",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA10942"
}
]
},
"solution": [
{
"lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue: 14.1X53-D51, 14.1X53-D115, 17.1R3, 17.2R3-S2, 17.3R3-S3, 17.4R2-S5, 17.4R3, 18.1R3-S1, 18.2R2, 18.3R2, 18.4R1, and all subsequent releases.\n"
}
],
"source": {
"advisory": "JSA10942",
"defect": [
"1392082"
],
"discovery": "USER"
},
"work_around": [
{
"lang": "eng",
"value": "Disabling TCAM optimization will mitigate this issue."
}
]
} }

296
2019/0xxx/CVE-2019-0049.json
View File

@ -1,164 +1,138 @@
{ {
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net", "ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2019-07-10T16:00:00.000Z", "DATE_PUBLIC": "2019-07-10T16:00:00.000Z",
"ID": "CVE-2019-0049", "ID": "CVE-2019-0049",
"STATE": "PUBLIC", "STATE": "PUBLIC",
"TITLE": "Junos OS: RPD process crashes when BGP peer restarts" "TITLE": "Junos OS: RPD process crashes when BGP peer restarts"
}, },
"affects": { "affects": {
"vendor": { "vendor": {
"vendor_data": [ "vendor_data": [
{ {
"product": { "vendor_name": "Juniper Networks",
"product_data": [ "product": {
{ "product_data": [
"product_name": "Junos OS", {
"version": { "product_name": "Junos OS",
"version_data": [ "version": {
{ "version_data": [
"version_affected": "<", {
"version_name": "16.1", "version_value": "16.1 versions prior to 16.1R7-S3"
"version_value": "16.1R7-S3" },
}, {
{ "version_value": "16.2 versions prior to 16.2R2-S9"
"version_affected": "<", },
"version_name": "16.2", {
"version_value": "16.2R2-S9" "version_value": "17.1 versions prior to 17.1R3"
}, },
{ {
"version_affected": "<", "version_value": "17.2 versions prior to 17.2R3"
"version_name": "17.1", },
"version_value": "17.1R3" {
}, "version_value": "17.2X75 versions prior to 17.2X75-D105"
{ },
"version_affected": "<", {
"version_name": "17.2", "version_value": "17.3 versions prior to 17.3R3-S2"
"version_value": "17.2R3" },
}, {
{ "version_value": "17.4 versions prior to 17.4R1-S7 to 17.4R2-S2 and to 17.4R3"
"version_affected": "<", },
"version_name": "17.2X75", {
"version_value": "17.2X75-D105" "version_value": "18.1 versions prior to 18.1R3-S2"
}, },
{ {
"version_affected": "<", "version_value": "18.2 versions prior to 18.2R2"
"version_name": "17.3", },
"version_value": "17.3R3-S2" {
}, "version_value": "18.2X75 versions prior to 18.2X75-D12 and 18.2X75-D30"
{ },
"version_affected": "<", {
"version_name": "17.4", "version_value": "18.3 versions prior to 18.3R1-S4 and 18.3R2"
"version_value": "17.4R1-S7, 17.4R2-S2, 17.4R3" }
}, ]
{ }
"version_affected": "<", }
"version_name": "18.1", ]
"version_value": "18.1R3-S2" }
}, }
{
"version_affected": "<",
"version_name": "18.2",
"version_value": "18.2R2"
},
{
"version_affected": "<",
"version_name": "18.2X75",
"version_value": "18.2X75-D12, 18.2X75-D30"
},
{
"version_affected": "<",
"version_name": "18.3",
"version_value": "18.3R1-S4, 18.3R2"
},
{
"version_affected": "!<",
"version_value": "16.1R1"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "On Junos devices with the BGP graceful restart helper mode enabled or the BGP graceful restart mechanism enabled, a certain sequence of BGP session restart on a remote peer that has the graceful restart mechanism enabled may cause the local routing protocol daemon (RPD) process to crash and restart. Repeated crashes of the RPD process can cause prolonged Denial of Service (DoS). \n\nGraceful restart helper mode for BGP is enabled by default.\n\nNo other Juniper Networks products or platforms are affected by this issue.\nAffected releases are Juniper Networks Junos OS:\n16.1 versions prior to 16.1R7-S3;\n16.2 versions prior to 16.2R2-S9;\n17.1 versions prior to 17.1R3;\n17.2 versions prior to 17.2R3;\n17.2X75 versions prior to 17.2X75-D105;\n17.3 versions prior to 17.3R3-S2;\n17.4 versions prior to 17.4R1-S7, 17.4R2-S2, 17.4R3;\n18.1 versions prior to 18.1R3-S2;\n18.2 versions prior to 18.2R2;\n18.2X75 versions prior to 18.2X75-D12, 18.2X75-D30;\n18.3 versions prior to 18.3R1-S4, 18.3R2.\n\nJunos OS releases prior to 16.1R1 are not affected."
}
]
},
"exploit": [
{
"lang": "eng",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.6"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-404 Improper Resource Shutdown or Release"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references": { "data_type": "CVE",
"reference_data": [ "data_version": "4.0",
{ "description": {
"name": "https://kb.juniper.net/JSA10943", "description_data": [
"refsource": "CONFIRM", {
"url": "https://kb.juniper.net/JSA10943" "lang": "eng",
} "value": "On Junos devices with the BGP graceful restart helper mode enabled or the BGP graceful restart mechanism enabled, a certain sequence of BGP session restart on a remote peer that has the graceful restart mechanism enabled may cause the local routing protocol daemon (RPD) process to crash and restart. Repeated crashes of the RPD process can cause prolonged Denial of Service (DoS). Graceful restart helper mode for BGP is enabled by default. No other Juniper Networks products or platforms are affected by this issue. Affected releases are Juniper Networks Junos OS: 16.1 versions prior to 16.1R7-S3; 16.2 versions prior to 16.2R2-S9; 17.1 versions prior to 17.1R3; 17.2 versions prior to 17.2R3; 17.2X75 versions prior to 17.2X75-D105; 17.3 versions prior to 17.3R3-S2; 17.4 versions prior to 17.4R1-S7, 17.4R2-S2, 17.4R3; 18.1 versions prior to 18.1R3-S2; 18.2 versions prior to 18.2R2; 18.2X75 versions prior to 18.2X75-D12, 18.2X75-D30; 18.3 versions prior to 18.3R1-S4, 18.3R2. Junos OS releases prior to 16.1R1 are not affected."
] }
}, ]
"solution": [ },
{ "exploit": [
"lang": "eng", {
"value": "The following software releases have been updated to resolve this specific issue: 16.1R7-S3, 16.2R2-S9, 17.1R3, 17.2R3, 17.2X75-D105, 17.3R3-S2, 17.4R1-S7, 17.4R2-S2, 17.4R3, 18.1R3-S2, 18.2R2, 18.2X75-D12, 18.2X75-D30, 18.3R1-S4, 18.3R2, 18.4R1, and all subsequent releases." "lang": "eng",
} "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
], }
"source": { ],
"advisory": "JSA10943", "generator": {
"defect": [ "engine": "Vulnogram 0.0.6"
"1337304" },
], "impact": {
"discovery": "USER" "cvss": {
}, "attackComplexity": "LOW",
"work_around": [ "attackVector": "NETWORK",
{ "availabilityImpact": "HIGH",
"lang": "eng", "baseScore": 7.5,
"value": "This issue can be prevented by disabling the BGP graceful restart mechanism, including graceful restart helper mode:\n [protocols bgp graceful-restart disable]\n\nFurthermore, the risk associated with this issue can be mitigated by limiting BGP sessions only from trusted peers.\n" "baseSeverity": "HIGH",
} "confidentialityImpact": "NONE",
] "integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-404 Improper Resource Shutdown or Release"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA10943",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA10943"
}
]
},
"solution": [
{
"lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue: 16.1R7-S3, 16.2R2-S9, 17.1R3, 17.2R3, 17.2X75-D105, 17.3R3-S2, 17.4R1-S7, 17.4R2-S2, 17.4R3, 18.1R3-S2, 18.2R2, 18.2X75-D12, 18.2X75-D30, 18.3R1-S4, 18.3R2, 18.4R1, and all subsequent releases."
}
],
"source": {
"advisory": "JSA10943",
"defect": [
"1337304"
],
"discovery": "USER"
},
"work_around": [
{
"lang": "eng",
"value": "This issue can be prevented by disabling the BGP graceful restart mechanism, including graceful restart helper mode:\n [protocols bgp graceful-restart disable]\n\nFurthermore, the risk associated with this issue can be mitigated by limiting BGP sessions only from trusted peers.\n"
}
]
} }

288
2019/0xxx/CVE-2019-0052.json
View File

@ -1,159 +1,135 @@
{ {
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net", "ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2019-07-10T16:00:00.000Z", "DATE_PUBLIC": "2019-07-10T16:00:00.000Z",
"ID": "CVE-2019-0052", "ID": "CVE-2019-0052",
"STATE": "PUBLIC", "STATE": "PUBLIC",
"TITLE": "SRX Series: srxpfe process crash while JSF/UTM module parses specific HTTP packets" "TITLE": "SRX Series: srxpfe process crash while JSF/UTM module parses specific HTTP packets"
}, },
"affects": { "affects": {
"vendor": { "vendor": {
"vendor_data": [ "vendor_data": [
{ {
"product": { "vendor_name": "Juniper Networks",
"product_data": [ "product": {
{ "product_data": [
"product_name": "Junos OS", {
"version": { "product_name": "Junos OS",
"version_data": [ "version": {
{ "version_data": [
"platform": "SRX Series", {
"version_affected": "<", "version_value": "12.3X48 versions prior to 12.3X48-D85 on SRX Series"
"version_name": "12.3X48", },
"version_value": "12.3X48-D85" {
}, "version_value": "15.1X49 versions prior to 15.1X49-D181 and 15.1X49-D190 on SRX Series"
{ },
"platform": "SRX Series", {
"version_affected": "<", "version_value": "17.3 versions on SRX Series"
"version_name": "15.1X49", },
"version_value": "15.1X49-D181, 15.1X49-D190" {
}, "version_value": "17.4 versions prior to 17.4R1-S8 and to 17.4R2-S5 and to 17.4R3 on SRX Series"
{ },
"platform": "SRX Series", {
"version_affected": "<", "version_value": "18.1 versions prior to 18.1R3-S6 on SRX Series"
"version_name": "17.4", },
"version_value": "17.4R1-S8, 17.4R2-S5, 17.4R3" {
}, "version_value": "18.2 versions prior to 18.2R2-S1 and to 18.2R3 on SRX Series"
{ },
"platform": "SRX Series", {
"version_affected": "<", "version_value": "18.3 versions prior to 18.3R1-S2 and to 18.3R2 on SRX Series"
"version_name": "18.1", },
"version_value": "18.1R3-S6" {
}, "version_value": "18.4 versions prior to 18.4R1-S1 and to 18.4R2 on SRX Series"
{ }
"platform": "SRX Series", ]
"version_affected": "<", }
"version_name": "18.2", }
"version_value": "18.2R2-S1, 18.2R3" ]
}, }
{ }
"platform": "SRX Series",
"version_affected": "<",
"version_name": "18.3",
"version_value": "18.3R1-S2, 18.3R2"
},
{
"platform": "SRX Series",
"version_affected": "<",
"version_name": "18.4",
"version_value": "18.4R1-S1, 18.4R2"
},
{
"platform": "SRX Series",
"version_affected": ">=",
"version_name": "17.3",
"version_value": "17.3R1"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"configuration": [
{
"lang": "eng",
"value": "Sample SRX Series services gateway web-filtering configuration:\n\n security {\n utm {\n default-configuration {\n web-filtering {\n ...\n feature-profile {\n web-filtering {\n"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The srxpfe process may crash on SRX Series services gateways when the UTM module processes a specific fragmented HTTP packet. The packet is misinterpreted as a regular TCP packet which causes the processor to crash.\n\nThis issue affects all SRX Series platforms that support URL-Filtering and have web-filtering enabled.\n\nAffected releases are Juniper Networks Junos OS:\n12.3X48 versions prior to 12.3X48-D85 on SRX Series;\n15.1X49 versions prior to 15.1X49-D181, 15.1X49-D190 on SRX Series;\n17.3 versions on SRX Series;\n17.4 versions prior to 17.4R1-S8, 17.4R2-S5, 17.4R3 on SRX Series;\n18.1 versions prior to 18.1R3-S6 on SRX Series;\n18.2 versions prior to 18.2R2-S1, 18.2R3 on SRX Series;\n18.3 versions prior to 18.3R1-S2, 18.3R2 on SRX Series;\n18.4 versions prior to 18.4R1-S1, 18.4R2 on SRX Series.\n"
}
]
},
"exploit": [
{
"lang": "eng",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.6"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-404 Improper Resource Shutdown or Release"
}
] ]
} }
] },
}, "configuration": [
"references": { {
"reference_data": [ "lang": "eng",
{ "value": "Sample SRX Series services gateway web-filtering configuration:\n\n security {\n utm {\n default-configuration {\n web-filtering {\n ...\n feature-profile {\n web-filtering {\n"
"name": "https://kb.juniper.net/JSA10946", }
"refsource": "CONFIRM", ],
"url": "https://kb.juniper.net/JSA10946" "data_format": "MITRE",
} "data_type": "CVE",
] "data_version": "4.0",
}, "description": {
"solution": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue: 12.3X48-D85, 12.3X48-D90, 15.1X49-D181, 15.1X49-D190, 17.4R1-S8, 17.4R2-S5, 17.4R3, 18.1R3-S6, 18.2R2-S1, 18.2R3, 18.3R1-S2, 18.3R2, 18.4R1-S1, 18.4R2, 19.1R1, 19.2R1, and all subsequent releases.\n" "value": "The srxpfe process may crash on SRX Series services gateways when the UTM module processes a specific fragmented HTTP packet. The packet is misinterpreted as a regular TCP packet which causes the processor to crash. This issue affects all SRX Series platforms that support URL-Filtering and have web-filtering enabled. Affected releases are Juniper Networks Junos OS: 12.3X48 versions prior to 12.3X48-D85 on SRX Series; 15.1X49 versions prior to 15.1X49-D181, 15.1X49-D190 on SRX Series; 17.3 versions on SRX Series; 17.4 versions prior to 17.4R1-S8, 17.4R2-S5, 17.4R3 on SRX Series; 18.1 versions prior to 18.1R3-S6 on SRX Series; 18.2 versions prior to 18.2R2-S1, 18.2R3 on SRX Series; 18.3 versions prior to 18.3R1-S2, 18.3R2 on SRX Series; 18.4 versions prior to 18.4R1-S1, 18.4R2 on SRX Series."
} }
], ]
"source": { },
"advisory": "JSA10946", "exploit": [
"defect": [ {
"1406403" "lang": "eng",
], "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
"discovery": "USER" }
}, ],
"work_around": [ "generator": {
{ "engine": "Vulnogram 0.0.6"
"lang": "eng", },
"value": "This issue can be mitigated by enabling HTTP reassembly in the web-filtering configuration:\n\n set security utm default-configuration web-filtering http-reassemble\n" "impact": {
} "cvss": {
] "attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-404 Improper Resource Shutdown or Release"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA10946",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA10946"
}
]
},
"solution": [
{
"lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue: 12.3X48-D85, 12.3X48-D90, 15.1X49-D181, 15.1X49-D190, 17.4R1-S8, 17.4R2-S5, 17.4R3, 18.1R3-S6, 18.2R2-S1, 18.2R3, 18.3R1-S2, 18.3R2, 18.4R1-S1, 18.4R2, 19.1R1, 19.2R1, and all subsequent releases.\n"
}
],
"source": {
"advisory": "JSA10946",
"defect": [
"1406403"
],
"discovery": "USER"
},
"work_around": [
{
"lang": "eng",
"value": "This issue can be mitigated by enabling HTTP reassembly in the web-filtering configuration:\n\n set security utm default-configuration web-filtering http-reassemble\n"
}
]
} }

362
2019/0xxx/CVE-2019-0053.json
View File

@ -1,201 +1,167 @@
{ {
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net", "ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2019-07-10T16:00:00.000Z", "DATE_PUBLIC": "2019-07-10T16:00:00.000Z",
"ID": "CVE-2019-0053", "ID": "CVE-2019-0053",
"STATE": "PUBLIC", "STATE": "PUBLIC",
"TITLE": "Junos OS: Insufficient validation of environment variables in telnet client may lead to stack-based buffer overflow" "TITLE": "Junos OS: Insufficient validation of environment variables in telnet client may lead to stack-based buffer overflow"
}, },
"affects": { "affects": {
"vendor": { "vendor": {
"vendor_data": [ "vendor_data": [
{ {
"product": { "vendor_name": "Juniper Networks",
"product_data": [ "product": {
{ "product_data": [
"product_name": "Junos OS", {
"version": { "product_name": "Junos OS",
"version_data": [ "version": {
{ "version_data": [
"version_affected": "<", {
"version_name": "12.3", "version_value": "12.3 versions prior to 12.3R12-S13"
"version_value": "12.3R12-S13" },
}, {
{ "version_value": "12.3X48 versions prior to 12.3X48-D80"
"version_affected": "<", },
"version_name": "12.3X48", {
"version_value": "12.3X48-D80" "version_value": "14.1X53 versions prior to 14.1X53-D130 and 14.1X53-D49"
}, },
{ {
"version_affected": "<", "version_value": "15.1 versions prior to 15.1F6-S12 and15.1R7-S4"
"version_name": "14.1X53", },
"version_value": "14.1X53-D130, 14.1X53-D49" {
}, "version_value": "15.1X49 versions prior to 15.1X49-D170"
{ },
"version_affected": "<", {
"version_name": "15.1", "version_value": "15.1X53 versions prior to 15.1X53-D237 and 15.1X53-D496 and 15.1X53-D591 and 15.1X53-D69"
"version_value": "15.1F6-S12, 15.1R7-S4" },
}, {
{ "version_value": "16.1 versions prior to 16.1R3-S11 and 16.1R7-S4"
"version_affected": "<", },
"version_name": "15.1X49", {
"version_value": "15.1X49-D170" "version_value": "16.2 versions prior to 16.2R2-S9"
}, },
{ {
"version_affected": "<", "version_value": "17.1 versions prior to 17.1R3"
"version_name": "15.1X53", },
"version_value": "15.1X53-D237, 15.1X53-D496, 15.1X53-D591, 15.1X53-D69" {
}, "version_value": "17.2 versions prior to 17.2R1-S8 and 17.2R2-S7 and 17.2R3-S1"
{ },
"version_affected": "<", {
"version_name": "16.1", "version_value": "17.3 versions prior to 17.3R3-S4"
"version_value": "16.1R3-S11, 16.1R7-S4" },
}, {
{ "version_value": "17.4 versions prior to 17.4R1-S6 and 17.4R2-S3 and 17.4R3"
"version_affected": "<", },
"version_name": "16.2", {
"version_value": "16.2R2-S9" "version_value": "18.1 versions prior to 18.1R2-S4 and 18.1R3-S3"
}, },
{ {
"version_affected": "<", "version_value": "18.2 versions prior to 18.2R1-S5 and 18.2R2-S2 and 18.2R3"
"version_name": "17.1", },
"version_value": "17.1R3" {
}, "version_value": "18.2X75 versions prior to 18.2X75-D40"
{ },
"version_affected": "<", {
"version_name": "17.2", "version_value": "18.3 versions prior to 18.3R1-S3 and 18.3R2"
"version_value": "17.2R1-S8, 17.2R2-S7, 17.2R3-S1" },
}, {
{ "version_value": "18.4 versions prior to 18.4R1-S2 and 18.4R2"
"version_affected": "<", }
"version_name": "17.3", ]
"version_value": "17.3R3-S4" }
}, }
{ ]
"version_affected": "<", }
"version_name": "17.4", }
"version_value": "17.4R1-S6, 17.4R2-S3, 17.4R3"
},
{
"version_affected": "<",
"version_name": "18.1",
"version_value": "18.1R2-S4, 18.1R3-S3"
},
{
"version_affected": "<",
"version_name": "18.2",
"version_value": "18.2R1-S5, 18.2R2-S2, 18.2R3"
},
{
"version_affected": "<",
"version_name": "18.2X75",
"version_value": "18.2X75-D40"
},
{
"version_affected": "<",
"version_name": "18.3",
"version_value": "18.3R1-S3, 18.3R2"
},
{
"version_affected": "<",
"version_name": "18.4",
"version_value": "18.4R1-S2, 18.4R2"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Matthew Hickey, Hacker House (https://hacker.house/) who reported this issue on November 12, 2018.\n\n"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Insufficient validation of environment variables in the telnet client supplied in Junos OS can lead to stack-based buffer overflows, which can be exploited to bypass veriexec restrictions on Junos OS. A stack-based overflow is present in the handling of environment variables when connecting via the telnet client to remote telnet servers.\n\nThis issue only affects the telnet client — accessible from the CLI or shell — in Junos OS. Inbound telnet services are not affected by this issue.\n\nThis issue affects:\nJuniper Networks Junos OS:\n12.3 versions prior to 12.3R12-S13;\n12.3X48 versions prior to 12.3X48-D80;\n14.1X53 versions prior to 14.1X53-D130, 14.1X53-D49;\n15.1 versions prior to 15.1F6-S12, 15.1R7-S4;\n15.1X49 versions prior to 15.1X49-D170;\n15.1X53 versions prior to 15.1X53-D237, 15.1X53-D496, 15.1X53-D591, 15.1X53-D69;\n16.1 versions prior to 16.1R3-S11, 16.1R7-S4;\n16.2 versions prior to 16.2R2-S9;\n17.1 versions prior to 17.1R3;\n17.2 versions prior to 17.2R1-S8, 17.2R2-S7, 17.2R3-S1;\n17.3 versions prior to 17.3R3-S4;\n17.4 versions prior to 17.4R1-S6, 17.4R2-S3, 17.4R3;\n18.1 versions prior to 18.1R2-S4, 18.1R3-S3;\n18.2 versions prior to 18.2R1-S5, 18.2R2-S2, 18.2R3;\n18.2X75 versions prior to 18.2X75-D40;\n18.3 versions prior to 18.3R1-S3, 18.3R2;\n18.4 versions prior to 18.4R1-S2, 18.4R2."
}
]
},
"exploit": [
{
"lang": "eng",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.6"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-121 Stack-based Buffer Overflow"
}
] ]
} }
] },
}, "credit": [
"references": { {
"reference_data": [ "lang": "eng",
{ "value": "Matthew Hickey, Hacker House (https://hacker.house/) who reported this issue on November 12, 2018.\n\n"
"name": "https://kb.juniper.net/JSA10947", }
"refsource": "CONFIRM", ],
"url": "https://kb.juniper.net/JSA10947" "data_format": "MITRE",
}, "data_type": "CVE",
{ "data_version": "4.0",
"name": "https://www.exploit-db.com/exploits/45982", "description": {
"refsource": "MISC", "description_data": [
"url": "https://www.exploit-db.com/exploits/45982" {
} "lang": "eng",
] "value": "Insufficient validation of environment variables in the telnet client supplied in Junos OS can lead to stack-based buffer overflows, which can be exploited to bypass veriexec restrictions on Junos OS. A stack-based overflow is present in the handling of environment variables when connecting via the telnet client to remote telnet servers. This issue only affects the telnet client \u2014 accessible from the CLI or shell \u2014 in Junos OS. Inbound telnet services are not affected by this issue. This issue affects: Juniper Networks Junos OS: 12.3 versions prior to 12.3R12-S13; 12.3X48 versions prior to 12.3X48-D80; 14.1X53 versions prior to 14.1X53-D130, 14.1X53-D49; 15.1 versions prior to 15.1F6-S12, 15.1R7-S4; 15.1X49 versions prior to 15.1X49-D170; 15.1X53 versions prior to 15.1X53-D237, 15.1X53-D496, 15.1X53-D591, 15.1X53-D69; 16.1 versions prior to 16.1R3-S11, 16.1R7-S4; 16.2 versions prior to 16.2R2-S9; 17.1 versions prior to 17.1R3; 17.2 versions prior to 17.2R1-S8, 17.2R2-S7, 17.2R3-S1; 17.3 versions prior to 17.3R3-S4; 17.4 versions prior to 17.4R1-S6, 17.4R2-S3, 17.4R3; 18.1 versions prior to 18.1R2-S4, 18.1R3-S3; 18.2 versions prior to 18.2R1-S5, 18.2R2-S2, 18.2R3; 18.2X75 versions prior to 18.2X75-D40; 18.3 versions prior to 18.3R1-S3, 18.3R2; 18.4 versions prior to 18.4R1-S2, 18.4R2."
}, }
"solution": [ ]
{ },
"lang": "eng", "exploit": [
"value": "The following software releases have been updated to resolve this specific issue: 12.3R12-S13, 12.3X48-D80, 12.3X48-D85, 14.1X53-D130, 14.1X53-D49, 15.1F6-S12, 15.1R7-S4, 15.1X49-D170, 15.1X53-D237, 15.1X53-D496, 15.1X53-D591, 15.1X53-D69, 16.1R3-S11, 16.1R7-S4, 16.2R2-S9, 17.1R3, 17.2R1-S8, 17.2R2-S7, 17.2R3-S1, 17.3R3-S4, 17.4R1-S6, 17.4R2-S3, 17.4R3, 18.1R2-S4, 18.1R3-S3, 18.2R1-S5, 18.2R2-S2, 18.2R3, 18.2X75-D40, 18.3R1-S3, 18.3R2, 18.4R1-S2, 18.4R2, 19.1R1, and all subsequent releases.\n" {
} "lang": "eng",
], "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
"source": { }
"advisory": "JSA10947", ],
"defect": [ "generator": {
"1409847" "engine": "Vulnogram 0.0.6"
], },
"discovery": "EXTERNAL" "impact": {
}, "cvss": {
"work_around": [ "attackComplexity": "LOW",
{ "attackVector": "LOCAL",
"lang": "eng", "availabilityImpact": "HIGH",
"value": "Since this issue is specific to outbound connections to a malicious host from the local telnet client, mitigation includes:\n* limit access to the Junos CLI and shell from only from trusted administrators\n* block outbound telnet connections\n* deny access to the telnet command and shell per user or user class" "baseScore": 7.8,
} "baseSeverity": "HIGH",
] "confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-121 Stack-based Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA10947",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA10947"
},
{
"name": "https://www.exploit-db.com/exploits/45982",
"refsource": "MISC",
"url": "https://www.exploit-db.com/exploits/45982"
}
]
},
"solution": [
{
"lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue: 12.3R12-S13, 12.3X48-D80, 12.3X48-D85, 14.1X53-D130, 14.1X53-D49, 15.1F6-S12, 15.1R7-S4, 15.1X49-D170, 15.1X53-D237, 15.1X53-D496, 15.1X53-D591, 15.1X53-D69, 16.1R3-S11, 16.1R7-S4, 16.2R2-S9, 17.1R3, 17.2R1-S8, 17.2R2-S7, 17.2R3-S1, 17.3R3-S4, 17.4R1-S6, 17.4R2-S3, 17.4R3, 18.1R2-S4, 18.1R3-S3, 18.2R1-S5, 18.2R2-S2, 18.2R3, 18.2X75-D40, 18.3R1-S3, 18.3R2, 18.4R1-S2, 18.4R2, 19.1R1, and all subsequent releases.\n"
}
],
"source": {
"advisory": "JSA10947",
"defect": [
"1409847"
],
"discovery": "EXTERNAL"
},
"work_around": [
{
"lang": "eng",
"value": "Since this issue is specific to outbound connections to a malicious host from the local telnet client, mitigation includes:\n* limit access to the Junos CLI and shell from only from trusted administrators\n* block outbound telnet connections\n* deny access to the telnet command and shell per user or user class"
}
]
} }

56
2019/1010xxx/CVE-2019-1010314.json
View File

@ -1,17 +1,61 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "cve-assign@distributedweaknessfiling.org",
"ID": "CVE-2019-1010314", "ID": "CVE-2019-1010314",
"ASSIGNER": "cve@mitre.org", "STATE": "PUBLIC"
"STATE": "RESERVED"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Gitea",
"version": {
"version_data": [
{
"version_value": "1.7.2, 1.7.3"
}
]
}
}
]
},
"vendor_name": "Gitea"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Gitea 1.7.2, 1.7.3 is affected by: Cross Site Scripting (XSS). The impact is: execute JavaScript in victim's browser, when the vulnerable repo page is loaded. The component is: repository's description. The attack vector is: victim must navigate to public and affected repo page."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross Site Scripting (XSS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/go-gitea/gitea/releases",
"refsource": "MISC",
"name": "https://github.com/go-gitea/gitea/releases"
} }
] ]
} }

61
2019/1010xxx/CVE-2019-1010315.json
View File

@ -1,17 +1,66 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "cve-assign@distributedweaknessfiling.org",
"ID": "CVE-2019-1010315", "ID": "CVE-2019-1010315",
"ASSIGNER": "cve@mitre.org", "STATE": "PUBLIC"
"STATE": "RESERVED"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "WavPack",
"product": {
"product_data": [
{
"product_name": "WavPack",
"version": {
"version_data": [
{
"version_value": "<=5.1 [fixed: After commit https://github.com/dbry/WavPack/commit/4c0faba32fddbd0745cbfaf1e1aeb3da5d35b9fc]"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "WavPack 5.1 and earlier is affected by: CWE 369: Divide by Zero. The impact is: Divide by zero can lead to sudden crash of a software/service that tries to parse a .wav file. The component is: ParseDsdiffHeaderConfig (dsdiff.c:282). The attack vector is: Maliciously crafted .wav file. The fixed version is: After commit https://github.com/dbry/WavPack/commit/4c0faba32fddbd0745cbfaf1e1aeb3da5d35b9fc."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE 369: Divide by Zero"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/dbry/WavPack/issues/65",
"refsource": "MISC",
"name": "https://github.com/dbry/WavPack/issues/65"
},
{
"refsource": "MISC",
"name": "https://github.com/dbry/WavPack/commit/4c0faba32fddbd0745cbfaf1e1aeb3da5d35b9fc",
"url": "https://github.com/dbry/WavPack/commit/4c0faba32fddbd0745cbfaf1e1aeb3da5d35b9fc"
} }
] ]
} }

56
2019/1010xxx/CVE-2019-1010316.json
View File

@ -1,17 +1,61 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "cve-assign@distributedweaknessfiling.org",
"ID": "CVE-2019-1010316", "ID": "CVE-2019-1010316",
"ASSIGNER": "cve@mitre.org", "STATE": "PUBLIC"
"STATE": "RESERVED"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "pyxtrlock",
"product": {
"product_data": [
{
"product_name": "pyxtrlock",
"version": {
"version_data": [
{
"version_value": "<=0.3 [fixed: 0.4]"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "pyxtrlock 0.3 and earlier is affected by: Incorrect Access Control. The impact is: False locking impression when run in a non-X11 session. The fixed version is: 0.4."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Incorrect Access Control"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/leonnnn/pyxtrlock/issues/21",
"refsource": "MISC",
"name": "https://github.com/leonnnn/pyxtrlock/issues/21"
} }
] ]
} }

61
2019/1010xxx/CVE-2019-1010317.json
View File

@ -1,17 +1,66 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "cve-assign@distributedweaknessfiling.org",
"ID": "CVE-2019-1010317", "ID": "CVE-2019-1010317",
"ASSIGNER": "cve@mitre.org", "STATE": "PUBLIC"
"STATE": "RESERVED"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WavPack",
"version": {
"version_data": [
{
"version_value": "5.1.0 and earlier [fixed: After commit https://github.com/dbry/WavPack/commit/f68a9555b548306c5b1ee45199ccdc4a16a6101b]"
}
]
}
}
]
},
"vendor_name": "WavPack"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. The impact is: Unexpected control flow, crashes, and segfaults. The component is: ParseCaffHeaderConfig (caff.c:486). The attack vector is: Maliciously crafted .wav file. The fixed version is: After commit https://github.com/dbry/WavPack/commit/f68a9555b548306c5b1ee45199ccdc4a16a6101b."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-457: Use of Uninitialized Variable"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/dbry/WavPack/issues/66",
"refsource": "MISC",
"name": "https://github.com/dbry/WavPack/issues/66"
},
{
"refsource": "MISC",
"name": "https://github.com/dbry/WavPack/commit/f68a9555b548306c5b1ee45199ccdc4a16a6101b",
"url": "https://github.com/dbry/WavPack/commit/f68a9555b548306c5b1ee45199ccdc4a16a6101b"
} }
] ]
} }

61
2019/1010xxx/CVE-2019-1010318.json
View File

@ -1,17 +1,66 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "cve-assign@distributedweaknessfiling.org",
"ID": "CVE-2019-1010318", "ID": "CVE-2019-1010318",
"ASSIGNER": "cve@mitre.org", "STATE": "PUBLIC"
"STATE": "RESERVED"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "WavPack",
"product": {
"product_data": [
{
"product_name": "WavPack",
"version": {
"version_data": [
{
"version_value": "<=5.1.0 [fixed: After commit https://github.com/dbry/WavPack/commit/bc6cba3f552c44565f7f1e66dc1580189addb2b4]"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. The impact is: Unexpected control flow, crashes, and segfaults. The component is: WavpackSetConfiguration64 (pack_utils.c:198). The attack vector is: Maliciously crafted .wav file. The fixed version is: After commit https://github.com/dbry/WavPack/commit/bc6cba3f552c44565f7f1e66dc1580189addb2b4."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-457: Use of Uninitialized Variable"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/dbry/WavPack/issues/67",
"refsource": "MISC",
"name": "https://github.com/dbry/WavPack/issues/67"
},
{
"refsource": "MISC",
"name": "https://github.com/dbry/WavPack/commit/bc6cba3f552c44565f7f1e66dc1580189addb2b4",
"url": "https://github.com/dbry/WavPack/commit/bc6cba3f552c44565f7f1e66dc1580189addb2b4"
} }
] ]
} }

61
2019/1010xxx/CVE-2019-1010319.json
View File

@ -1,17 +1,66 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "cve-assign@distributedweaknessfiling.org",
"ID": "CVE-2019-1010319", "ID": "CVE-2019-1010319",
"ASSIGNER": "cve@mitre.org", "STATE": "PUBLIC"
"STATE": "RESERVED"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "WavPack",
"product": {
"product_data": [
{
"product_name": "WavPack",
"version": {
"version_data": [
{
"version_value": "<=5.1.0 [fixed: After commit https://github.com/dbry/WavPack/commit/33a0025d1d63ccd05d9dbaa6923d52b1446a62fe]"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. The impact is: Unexpected control flow, crashes, and segfaults. The component is: ParseWave64HeaderConfig (wave64.c:211). The attack vector is: Maliciously crafted .wav file. The fixed version is: After commit https://github.com/dbry/WavPack/commit/33a0025d1d63ccd05d9dbaa6923d52b1446a62fe."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-457: Use of Uninitialized Variable"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/dbry/WavPack/issues/68",
"refsource": "MISC",
"name": "https://github.com/dbry/WavPack/issues/68"
},
{
"refsource": "MISC",
"name": "https://github.com/dbry/WavPack/commit/33a0025d1d63ccd05d9dbaa6923d52b1446a62fe",
"url": "https://github.com/dbry/WavPack/commit/33a0025d1d63ccd05d9dbaa6923d52b1446a62fe"
} }
] ]
} }

55
2019/10xxx/CVE-2019-10970.json
View File

@ -4,14 +4,63 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2019-10970", "ID": "CVE-2019-10970",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "ics-cert@hq.dhs.gov",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Rockwell Automation PanelView 5510",
"version": {
"version_data": [
{
"version_value": "all versions manufactured before March 13, 2019 that have never been updated to v4.003, v5.002, or later"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "IMPROPER ACCESS CONTROL CWE-284"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "BID",
"name": "109105",
"url": "http://www.securityfocus.com/bid/109105"
},
{
"refsource": "MISC",
"name": "https://www.us-cert.gov/ics/advisories/icsa-19-190-02",
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-190-02"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "In Rockwell Automation PanelView 5510 (all versions manufactured before March 13, 2019 that have never been updated to v4.003, v5.002, or later), a remote, unauthenticated threat actor with access to an affected PanelView 5510 Graphic Display, upon successful exploit, may boot-up the terminal and gain root-level access to the device\u2019s file system."
} }
] ]
} }

16
2019/11xxx/CVE-2019-11387.json
View File

@ -53,9 +53,19 @@
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"url": "https://github.com/SpiderLabs/owasp-modsecurity-crs/issues/1359", "refsource": "CONFIRM",
"refsource": "MISC", "name": "https://github.com/SpiderLabs/owasp-modsecurity-crs/issues/1359",
"name": "https://github.com/SpiderLabs/owasp-modsecurity-crs/issues/1359" "url": "https://github.com/SpiderLabs/owasp-modsecurity-crs/issues/1359"
},
{
"refsource": "CONFIRM",
"name": "https://coreruleset.org/20190627/announcement-owasp-modsecurity-core-rule-set-version-3-1-1/",
"url": "https://coreruleset.org/20190627/announcement-owasp-modsecurity-core-rule-set-version-3-1-1/"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/SpiderLabs/owasp-modsecurity-crs/blob/v3.1/dev/CHANGES",
"url": "https://github.com/SpiderLabs/owasp-modsecurity-crs/blob/v3.1/dev/CHANGES"
} }
] ]
} }

56
2019/12xxx/CVE-2019-12571.json
View File

@ -1,17 +1,61 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2019-12571",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2019-12571",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v0.9.8 beta (build 02099) for macOS could allow an authenticated, local attacker to overwrite arbitrary files. When the client initiates a connection, the XML /tmp/pia-watcher.plist file is created. If the file exists, it will be truncated and the contents completely overwritten. This file is removed on disconnect. An unprivileged user can create a hard or soft link to arbitrary files owned by any user on the system, including root. This creates a denial of service condition and possible data loss if leveraged by a malicious local user."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/mirchr/security-research/blob/master/vulnerabilities/PIA/CVE-2019-12571.txt",
"url": "https://github.com/mirchr/security-research/blob/master/vulnerabilities/PIA/CVE-2019-12571.txt"
} }
] ]
} }

56
2019/12xxx/CVE-2019-12573.json
View File

@ -1,17 +1,61 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2019-12573",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2019-12573",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v82 for Linux and macOS could allow an authenticated, local attacker to overwrite arbitrary files. The openvpn_launcher binary is setuid root. This binary supports the --log option, which accepts a path as an argument. This parameter is not sanitized, which allows a local unprivileged user to overwrite arbitrary files owned by any user on the system, including root. This creates a denial of service condition and possible data loss if leveraged by a malicious local user."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/mirchr/security-research/blob/master/vulnerabilities/PIA/CVE-2019-12573.txt",
"url": "https://github.com/mirchr/security-research/blob/master/vulnerabilities/PIA/CVE-2019-12573.txt"
} }
] ]
} }

56
2019/12xxx/CVE-2019-12574.json
View File

@ -1,17 +1,61 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2019-12574",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2019-12574",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v1.0 for Windows could allow an authenticated, local attacker to run arbitrary code with elevated privileges. The PIA client is vulnerable to a DLL injection vulnerability during the software update process. The updater loads several libraries from a folder that authenticated users have write access to. A low privileged user can leverage this vulnerability to execute arbitrary code as SYSTEM."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/mirchr/security-research/blob/master/vulnerabilities/PIA/CVE-2019-12574.txt",
"url": "https://github.com/mirchr/security-research/blob/master/vulnerabilities/PIA/CVE-2019-12574.txt"
} }
] ]
} }

56
2019/12xxx/CVE-2019-12575.json
View File

@ -1,17 +1,61 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2019-12575",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2019-12575",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v82 for Linux could allow an authenticated, local attacker to run arbitrary code with elevated privileges. The root_runner.64 binary is setuid root. This binary executes /opt/pia/ruby/64/ruby, which in turn attempts to load several libraries under /tmp/ruby-deploy.old/lib. A local unprivileged user can create a malicious library under this path to execute arbitrary code as the root user."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/mirchr/security-research/blob/master/vulnerabilities/PIA/CVE-2019-12575.txt",
"url": "https://github.com/mirchr/security-research/blob/master/vulnerabilities/PIA/CVE-2019-12575.txt"
} }
] ]
} }

56
2019/12xxx/CVE-2019-12576.json
View File

@ -1,17 +1,61 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2019-12576",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2019-12576",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v82 for macOS could allow an authenticated, local attacker to run arbitrary code with elevated privileges. The openvpn_launcher binary is setuid root. This program is called during the connection process and executes several operating system utilities to configure the system. The networksetup utility is called using relative paths. A local unprivileged user can execute arbitrary commands as root by creating a networksetup trojan which will be executed during the connection process. This is possible because the PATH environment variable is not reset prior to executing the OS utility."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/mirchr/security-research/blob/master/vulnerabilities/PIA/CVE-2019-12576.txt",
"url": "https://github.com/mirchr/security-research/blob/master/vulnerabilities/PIA/CVE-2019-12576.txt"
} }
] ]
} }

56
2019/12xxx/CVE-2019-12577.json
View File

@ -1,17 +1,61 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2019-12577",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2019-12577",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v82 for macOS could allow an authenticated, local attacker to run arbitrary code with elevated privileges. The macOS binary openvpn_launcher.64 is setuid root. This binary creates /tmp/pia_upscript.sh when executed. Because the file creation mask (umask) is not reset, the umask value is inherited from the calling process. This value can be manipulated to cause the privileged binary to create files with world writable permissions. A local unprivileged user can modify /tmp/pia_upscript.sh during the connect process to execute arbitrary code as the root user."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/mirchr/security-research/blob/master/vulnerabilities/PIA/CVE-2019-12577.txt",
"url": "https://github.com/mirchr/security-research/blob/master/vulnerabilities/PIA/CVE-2019-12577.txt"
} }
] ]
} }

56
2019/12xxx/CVE-2019-12578.json
View File

@ -1,17 +1,61 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2019-12578",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2019-12578",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v82 for Linux could allow an authenticated, local attacker to run arbitrary code with elevated privileges. The openvpn_launcher.64 binary is setuid root. This binary executes /opt/pia/openvpn-64/openvpn, passing the parameters provided from the command line. Care was taken to programmatically disable potentially dangerous openvpn parameters; however, the --route-pre-down parameter can be used. This parameter accepts an arbitrary path to a script/program to be executed when OpenVPN exits. The --script-security parameter also needs to be passed to allow for this action to be taken, and --script-security is not currently in the disabled parameter list. A local unprivileged user can pass a malicious script/binary to the --route-pre-down option, which will be executed as root when openvpn is stopped."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/mirchr/security-research/blob/master/vulnerabilities/PIA/CVE-2019-12578.txt",
"url": "https://github.com/mirchr/security-research/blob/master/vulnerabilities/PIA/CVE-2019-12578.txt"
} }
] ]
} }

56
2019/12xxx/CVE-2019-12579.json
View File

@ -1,17 +1,61 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2019-12579",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2019-12579",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v82 for Linux and macOS could allow an authenticated, local attacker to run arbitrary code with elevated privileges. The PIA Linux/macOS binary openvpn_launcher.64 binary is setuid root. This binary accepts several parameters to update the system configuration. These parameters are passed to operating system commands using a \"here\" document. The parameters are not sanitized, which allow for arbitrary commands to be injected using shell metacharacters. A local unprivileged user can pass special crafted parameters that will be interpolated by the operating system calls."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/mirchr/security-research/blob/master/vulnerabilities/PIA/CVE-2019-12579.txt",
"url": "https://github.com/mirchr/security-research/blob/master/vulnerabilities/PIA/CVE-2019-12579.txt"
} }
] ]
} }

186
2019/4xxx/CVE-2019-4118.json
View File

@ -1,96 +1,96 @@
{ {
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"vendor_name" : "IBM", "vendor_name": "IBM",
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "3.1.0" "version_value": "3.1.0"
}, },
{ {
"version_value" : "3.1.1" "version_value": "3.1.1"
}, },
{ {
"version_value" : "3.1.2" "version_value": "3.1.2"
} }
] ]
}, },
"product_name" : "Multicloud Manager" "product_name": "Multicloud Manager"
} }
] ]
} }
} }
]
}
},
"data_format" : "MITRE",
"description" : {
"description_data" : [
{
"value" : "IBM Multicloud Manager 3.1.0, 3.1.1, and 3.1.2 ibm-mcm-chart could allow a local attacker with admin privileges to obtain highly sensitive information upon deployment. IBM X-Force ID: 158144.",
"lang" : "eng"
}
]
},
"data_version" : "4.0",
"data_type" : "CVE",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
}
] ]
} }
] },
}, "data_format": "MITRE",
"CVE_data_meta" : { "description": {
"DATE_PUBLIC" : "2019-07-08T00:00:00", "description_data": [
"ID" : "CVE-2019-4118", {
"ASSIGNER" : "psirt@us.ibm.com", "value": "IBM Multicloud Manager 3.1.0, 3.1.1, and 3.1.2 ibm-mcm-chart could allow a local attacker with admin privileges to obtain highly sensitive information upon deployment. IBM X-Force ID: 158144.",
"STATE" : "PUBLIC" "lang": "eng"
}, }
"impact" : { ]
"cvssv3" : { },
"BM" : { "data_version": "4.0",
"A" : "N", "data_type": "CVE",
"SCORE" : "4.400", "problemtype": {
"UI" : "N", "problemtype_data": [
"AC" : "L", {
"C" : "H", "description": [
"AV" : "L", {
"I" : "N", "value": "Obtain Information",
"PR" : "H", "lang": "eng"
"S" : "U" }
}, ]
"TM" : { }
"RL" : "O", ]
"RC" : "C", },
"E" : "U" "CVE_data_meta": {
} "DATE_PUBLIC": "2019-07-08T00:00:00",
} "ID": "CVE-2019-4118",
}, "ASSIGNER": "psirt@us.ibm.com",
"references" : { "STATE": "PUBLIC"
"reference_data" : [ },
{ "impact": {
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10885290", "cvssv3": {
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10885290", "BM": {
"title" : "IBM Security Bulletin 885290 (Multicloud Manager)", "A": "N",
"refsource" : "CONFIRM" "SCORE": "4.400",
}, "UI": "N",
{ "AC": "L",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/158144", "C": "H",
"title" : "X-Force Vulnerability Report", "AV": "L",
"name" : "ibm-mcm-cve20194118-info-disc (158144)", "I": "N",
"refsource" : "XF" "PR": "H",
} "S": "U"
] },
} "TM": {
"RL": "O",
"RC": "C",
"E": "U"
}
}
},
"references": {
"reference_data": [
{
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10885290",
"name": "http://www.ibm.com/support/docview.wss?uid=ibm10885290",
"title": "IBM Security Bulletin 885290 (Multicloud Manager)",
"refsource": "CONFIRM"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/158144",
"title": "X-Force Vulnerability Report",
"name": "ibm-mcm-cve20194118-info-disc (158144)",
"refsource": "XF"
}
]
}
} }

170
2019/4xxx/CVE-2019-4131.json
View File

@ -1,90 +1,90 @@
{ {
"data_format" : "MITRE", "data_format": "MITRE",
"description" : { "description": {
"description_data" : [ "description_data": [
{
"lang" : "eng",
"value" : "IBM Application Performance Management (IBM Monitoring 8.1.4) could allow a remote attacker to induce the application to perform server-side DNS lookups of arbitrary domain names. IBM X-Force ID: 158270."
}
]
},
"data_version" : "4.0",
"affects" : {
"vendor" : {
"vendor_data" : [
{ {
"vendor_name" : "IBM", "lang": "eng",
"product" : { "value": "IBM Application Performance Management (IBM Monitoring 8.1.4) could allow a remote attacker to induce the application to perform server-side DNS lookups of arbitrary domain names. IBM X-Force ID: 158270."
"product_data" : [
{
"product_name" : "Monitoring",
"version" : {
"version_data" : [
{
"version_value" : "8.1.4"
}
]
}
}
]
}
} }
] ]
} },
}, "data_version": "4.0",
"impact" : { "affects": {
"cvssv3" : { "vendor": {
"BM" : { "vendor_data": [
"UI" : "N", {
"A" : "N", "vendor_name": "IBM",
"SCORE" : "5.300", "product": {
"I" : "L", "product_data": [
"S" : "U", {
"PR" : "N", "product_name": "Monitoring",
"C" : "N", "version": {
"AC" : "L", "version_data": [
"AV" : "N" {
}, "version_value": "8.1.4"
"TM" : { }
"RL" : "O", ]
"E" : "U", }
"RC" : "C" }
} ]
} }
}, }
"references" : {
"reference_data" : [
{
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 957121 (Monitoring)",
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10957121",
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10957121"
},
{
"refsource" : "XF",
"title" : "X-Force Vulnerability Report",
"name" : "ibm-apm-cve20194131-dns (158270)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/158270"
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Other"
}
] ]
} }
] },
}, "impact": {
"data_type" : "CVE", "cvssv3": {
"CVE_data_meta" : { "BM": {
"ID" : "CVE-2019-4131", "UI": "N",
"STATE" : "PUBLIC", "A": "N",
"ASSIGNER" : "psirt@us.ibm.com", "SCORE": "5.300",
"DATE_PUBLIC" : "2019-07-01T00:00:00" "I": "L",
} "S": "U",
"PR": "N",
"C": "N",
"AC": "L",
"AV": "N"
},
"TM": {
"RL": "O",
"E": "U",
"RC": "C"
}
}
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"title": "IBM Security Bulletin 957121 (Monitoring)",
"name": "https://www.ibm.com/support/docview.wss?uid=ibm10957121",
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10957121"
},
{
"refsource": "XF",
"title": "X-Force Vulnerability Report",
"name": "ibm-apm-cve20194131-dns (158270)",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/158270"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Other"
}
]
}
]
},
"data_type": "CVE",
"CVE_data_meta": {
"ID": "CVE-2019-4131",
"STATE": "PUBLIC",
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2019-07-01T00:00:00"
}
} }

180
2019/4xxx/CVE-2019-4193.json
View File

@ -1,93 +1,93 @@
{ {
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"vendor_name" : "IBM", "vendor_name": "IBM",
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "1.1.3" "version_value": "1.1.3"
}, },
{ {
"version_value" : "1.1.3.2" "version_value": "1.1.3.2"
} }
] ]
}, },
"product_name" : "Jazz for Service Management" "product_name": "Jazz for Service Management"
} }
] ]
} }
} }
]
}
},
"data_format" : "MITRE",
"description" : {
"description_data" : [
{
"value" : "IBM Jazz for Service Management 1.1.3 and 1.1.3.2 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM X-force ID: 159032.",
"lang" : "eng"
}
]
},
"data_version" : "4.0",
"data_type" : "CVE",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
}
] ]
} }
] },
}, "data_format": "MITRE",
"CVE_data_meta" : { "description": {
"ID" : "CVE-2019-4193", "description_data": [
"STATE" : "PUBLIC", {
"ASSIGNER" : "psirt@us.ibm.com", "value": "IBM Jazz for Service Management 1.1.3 and 1.1.3.2 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM X-force ID: 159032.",
"DATE_PUBLIC" : "2019-07-05T00:00:00" "lang": "eng"
}, }
"impact" : { ]
"cvssv3" : { },
"BM" : { "data_version": "4.0",
"C" : "H", "data_type": "CVE",
"AC" : "H", "problemtype": {
"AV" : "N", "problemtype_data": [
"I" : "N", {
"PR" : "N", "description": [
"S" : "U", {
"A" : "N", "value": "Obtain Information",
"SCORE" : "5.900", "lang": "eng"
"UI" : "N" }
}, ]
"TM" : { }
"RL" : "O", ]
"RC" : "C", },
"E" : "U" "CVE_data_meta": {
} "ID": "CVE-2019-4193",
} "STATE": "PUBLIC",
}, "ASSIGNER": "psirt@us.ibm.com",
"references" : { "DATE_PUBLIC": "2019-07-05T00:00:00"
"reference_data" : [ },
{ "impact": {
"refsource" : "CONFIRM", "cvssv3": {
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10885985", "BM": {
"title" : "IBM Security Bulletin 0885985 (Jazz for Service Management)", "C": "H",
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10885985" "AC": "H",
}, "AV": "N",
{ "I": "N",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/159032", "PR": "N",
"refsource" : "XF", "S": "U",
"name" : "ibm-jazz-cve20194193-info-disc (159032)", "A": "N",
"title" : "X-Force Vulnerability Report" "SCORE": "5.900",
} "UI": "N"
] },
} "TM": {
"RL": "O",
"RC": "C",
"E": "U"
}
}
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "http://www.ibm.com/support/docview.wss?uid=ibm10885985",
"title": "IBM Security Bulletin 0885985 (Jazz for Service Management)",
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10885985"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/159032",
"refsource": "XF",
"name": "ibm-jazz-cve20194193-info-disc (159032)",
"title": "X-Force Vulnerability Report"
}
]
}
} }

170
2019/4xxx/CVE-2019-4263.json
View File

@ -1,90 +1,90 @@
{ {
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{
"lang" : "eng",
"value" : "IBM Content Navigator 3.0CD is vulnerable to local file inclusion, allowing an attacker to access a configuration file in the ICN server. IBM X-Force ID: 160015."
}
]
},
"data_format" : "MITRE",
"affects" : {
"vendor" : {
"vendor_data" : [
{ {
"vendor_name" : "IBM", "lang": "eng",
"product" : { "value": "IBM Content Navigator 3.0CD is vulnerable to local file inclusion, allowing an attacker to access a configuration file in the ICN server. IBM X-Force ID: 160015."
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "3.0CD"
}
]
},
"product_name" : "Content Navigator"
}
]
}
} }
] ]
} },
}, "data_format": "MITRE",
"references" : { "affects": {
"reference_data" : [ "vendor": {
{ "vendor_data": [
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10882412", {
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10882412", "vendor_name": "IBM",
"title" : "IBM Security Bulletin 882412 (Content Navigator)", "product": {
"refsource" : "CONFIRM" "product_data": [
}, {
{ "version": {
"refsource" : "XF", "version_data": [
"name" : "ibm-cn-cve20194263-info-disc (160015)", {
"title" : "X-Force Vulnerability Report", "version_value": "3.0CD"
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/160015" }
} ]
] },
}, "product_name": "Content Navigator"
"impact" : { }
"cvssv3" : { ]
"TM" : { }
"E" : "U", }
"RC" : "C",
"RL" : "O"
},
"BM" : {
"I" : "N",
"PR" : "L",
"S" : "U",
"AC" : "L",
"C" : "L",
"AV" : "N",
"UI" : "N",
"A" : "N",
"SCORE" : "4.300"
}
}
},
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC",
"ID" : "CVE-2019-4263",
"DATE_PUBLIC" : "2019-07-01T00:00:00"
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
}
] ]
} }
] },
}, "references": {
"data_type" : "CVE" "reference_data": [
{
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10882412",
"name": "https://www.ibm.com/support/docview.wss?uid=ibm10882412",
"title": "IBM Security Bulletin 882412 (Content Navigator)",
"refsource": "CONFIRM"
},
{
"refsource": "XF",
"name": "ibm-cn-cve20194263-info-disc (160015)",
"title": "X-Force Vulnerability Report",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/160015"
}
]
},
"impact": {
"cvssv3": {
"TM": {
"E": "U",
"RC": "C",
"RL": "O"
},
"BM": {
"I": "N",
"PR": "L",
"S": "U",
"AC": "L",
"C": "L",
"AV": "N",
"UI": "N",
"A": "N",
"SCORE": "4.300"
}
}
},
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC",
"ID": "CVE-2019-4263",
"DATE_PUBLIC": "2019-07-01T00:00:00"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Obtain Information",
"lang": "eng"
}
]
}
]
},
"data_type": "CVE"
} }