From cbb4e9d6dc5c26cdefae40ecf402f53be72f05f7 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 29 Jul 2019 20:00:57 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2019/14xxx/CVE-2019-14415.json | 76 ++++++++++++++++++++++++++++++++++ 2019/14xxx/CVE-2019-14416.json | 76 ++++++++++++++++++++++++++++++++++ 2019/14xxx/CVE-2019-14417.json | 76 ++++++++++++++++++++++++++++++++++ 2019/14xxx/CVE-2019-14418.json | 76 ++++++++++++++++++++++++++++++++++ 2019/3xxx/CVE-2019-3461.json | 5 +++ 5 files changed, 309 insertions(+) create mode 100644 2019/14xxx/CVE-2019-14415.json create mode 100644 2019/14xxx/CVE-2019-14416.json create mode 100644 2019/14xxx/CVE-2019-14417.json create mode 100644 2019/14xxx/CVE-2019-14418.json diff --git a/2019/14xxx/CVE-2019-14415.json b/2019/14xxx/CVE-2019-14415.json new file mode 100644 index 00000000000..84886203f13 --- /dev/null +++ b/2019/14xxx/CVE-2019-14415.json @@ -0,0 +1,76 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-14415", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in Veritas Resiliency Platform (VRP) before 3.4 HF1. A persistent cross-site scripting (XSS) vulnerability allows a malicious VRP user to inject malicious script into another user's browser, related to resiliency plans functionality. A victim must open a resiliency plan that an attacker has access to." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.veritas.com/content/support/en_US/security/VTS19-002.html#Issue4", + "refsource": "MISC", + "name": "https://www.veritas.com/content/support/en_US/security/VTS19-002.html#Issue4" + } + ] + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "HIGH", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.0/AC:L/AV:N/A:L/C:L/I:L/PR:H/S:C/UI:R", + "version": "3.0" + } + } +} \ No newline at end of file diff --git a/2019/14xxx/CVE-2019-14416.json b/2019/14xxx/CVE-2019-14416.json new file mode 100644 index 00000000000..02bc7d3e5b0 --- /dev/null +++ b/2019/14xxx/CVE-2019-14416.json @@ -0,0 +1,76 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-14416", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in Veritas Resiliency Platform (VRP) before 3.4 HF1. An arbitrary command execution vulnerability allows a malicious VRP user to execute commands with root privilege within the VRP virtual machine, related to resiliency plans and custom script functionality." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.veritas.com/content/support/en_US/security/VTS19-002.html#Issue3", + "refsource": "MISC", + "name": "https://www.veritas.com/content/support/en_US/security/VTS19-002.html#Issue3" + } + ] + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "HIGH", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.0/AC:L/AV:N/A:H/C:H/I:H/PR:H/S:U/UI:N", + "version": "3.0" + } + } +} \ No newline at end of file diff --git a/2019/14xxx/CVE-2019-14417.json b/2019/14xxx/CVE-2019-14417.json new file mode 100644 index 00000000000..bc168983670 --- /dev/null +++ b/2019/14xxx/CVE-2019-14417.json @@ -0,0 +1,76 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-14417", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in Veritas Resiliency Platform (VRP) before 3.4 HF1. An arbitrary command execution vulnerability allows a malicious VRP user to execute commands with root privilege within the VRP virtual machine, related to DNS functionality." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.veritas.com/content/support/en_US/security/VTS19-002.html#Issue2", + "refsource": "MISC", + "name": "https://www.veritas.com/content/support/en_US/security/VTS19-002.html#Issue2" + } + ] + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "HIGH", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.0/AC:L/AV:N/A:H/C:H/I:H/PR:H/S:U/UI:N", + "version": "3.0" + } + } +} \ No newline at end of file diff --git a/2019/14xxx/CVE-2019-14418.json b/2019/14xxx/CVE-2019-14418.json new file mode 100644 index 00000000000..b778d5c3bde --- /dev/null +++ b/2019/14xxx/CVE-2019-14418.json @@ -0,0 +1,76 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-14418", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in Veritas Resiliency Platform (VRP) before 3.4 HF1. When uploading an application bundle, a directory traversal vulnerability allows a VRP user with sufficient privileges to overwrite any file in the VRP virtual machine. A malicious VRP user could use this to replace existing files to take control of the VRP virtual machine." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.veritas.com/content/support/en_US/security/VTS19-002.html#Issue1", + "refsource": "MISC", + "name": "https://www.veritas.com/content/support/en_US/security/VTS19-002.html#Issue1" + } + ] + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "HIGH", + "scope": "CHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.0/AC:L/AV:N/A:H/C:H/I:H/PR:H/S:C/UI:N", + "version": "3.0" + } + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3461.json b/2019/3xxx/CVE-2019-3461.json index d5d40dd9fc6..b7cf5fc7621 100644 --- a/2019/3xxx/CVE-2019-3461.json +++ b/2019/3xxx/CVE-2019-3461.json @@ -67,6 +67,11 @@ "name": "DSA-4365", "refsource": "DEBIAN", "url": "https://lists.debian.org/debian-security-announce/2019/msg00003.html" + }, + { + "refsource": "UBUNTU", + "name": "USN-4077-1", + "url": "https://usn.ubuntu.com/4077-1/" } ] }