diff --git a/2018/7xxx/CVE-2018-7101.json b/2018/7xxx/CVE-2018-7101.json index 4e7e3f821cb..bd689fbb9d6 100644 --- a/2018/7xxx/CVE-2018-7101.json +++ b/2018/7xxx/CVE-2018-7101.json @@ -1,8 +1,31 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "security-alert@hpe.com", "ID" : "CVE-2018-7101", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers, HPE Integrated Lights-Out 4 (iLO 4)", + "version" : { + "version_data" : [ + { + "version_value" : "iLO 4 prior to v2.26, iLO5 prior to v1.30" + } + ] + } + } + ] + }, + "vendor_name" : "Hewlett Packard Enterprise" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,26 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "A potential remote denial of service security vulnerability has been identified in HPE Integrated Lights Out 4 prior to v2.60 and iLO 5 for Gen 10 servers prior to v1.30." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "remote denial of service" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "url" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03875en_us" } ] } diff --git a/2018/7xxx/CVE-2018-7102.json b/2018/7xxx/CVE-2018-7102.json index 398db610f6f..1bcafec1753 100644 --- a/2018/7xxx/CVE-2018-7102.json +++ b/2018/7xxx/CVE-2018-7102.json @@ -1,8 +1,31 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "security-alert@hpe.com", "ID" : "CVE-2018-7102", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "HPE Intelligent Management Center (iMC) PLAT", + "version" : { + "version_data" : [ + { + "version_value" : "E0506P09" + } + ] + } + } + ] + }, + "vendor_name" : "Hewlett Packard Enterprise" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,26 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "A security vulnerability in HPE Intelligent Management Center (iMC) PLAT E0506P09, createFabricAutoCfgFile could be remotely exploited via directory traversal to allow remote arbitrary file modification." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Remote Arbitrary File Modification" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "url" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03887en_us" } ] } diff --git a/2018/7xxx/CVE-2018-7103.json b/2018/7xxx/CVE-2018-7103.json index 009265f2af9..2d8ac07801b 100644 --- a/2018/7xxx/CVE-2018-7103.json +++ b/2018/7xxx/CVE-2018-7103.json @@ -1,8 +1,31 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "security-alert@hpe.com", "ID" : "CVE-2018-7103", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "HPE Intelligent Management Center (iMC) Wireless Services Manager Software", + "version" : { + "version_data" : [ + { + "version_value" : "Prior to IMC WSM 7.3 E0506P02" + } + ] + } + } + ] + }, + "vendor_name" : "Hewlett Packard Enterprise" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,26 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "A Remote Code Execution vulnerability was identified in HPE Intelligent Management Center (iMC) Wireless Services Manager Software earlier than version IMC WSM 7.3 E0506P02 ." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Remote Code Execution" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "url" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03893en_us" } ] } diff --git a/2018/7xxx/CVE-2018-7104.json b/2018/7xxx/CVE-2018-7104.json index 64b58e46fdd..c2ae2653002 100644 --- a/2018/7xxx/CVE-2018-7104.json +++ b/2018/7xxx/CVE-2018-7104.json @@ -1,8 +1,31 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "security-alert@hpe.com", "ID" : "CVE-2018-7104", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "HPE Intelligent Management Center (iMC) Wireless Services Manager Software", + "version" : { + "version_data" : [ + { + "version_value" : "Prior to IMC WSM 7.3 E0506P02" + } + ] + } + } + ] + }, + "vendor_name" : "Hewlett Packard Enterprise" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,26 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "A Remote Code Execution vulnerability was identified in HPE Intelligent Management Center (iMC) Wireless Services Manager Software earlier than version IMC WSM 7.3 E0506P02 ." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Remote Code Execution" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "url" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03893en_us" } ] } diff --git a/2018/7xxx/CVE-2018-7105.json b/2018/7xxx/CVE-2018-7105.json index fc96402945b..09268c28e49 100644 --- a/2018/7xxx/CVE-2018-7105.json +++ b/2018/7xxx/CVE-2018-7105.json @@ -1,8 +1,31 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "security-alert@hpe.com", "ID" : "CVE-2018-7105", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers, HPE Integrated Lights-Out 4 (iLO 4), HPE Integrated Lights-Out 3 (iLO 3)", + "version" : { + "version_data" : [ + { + "version_value" : "HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers prior to v1.35, HPE Integrated Lights-Out 4 (iLO 4) prior to v2.61, HPE Integrated Lights-Out 3 (iLO 3) prior to v1.90" + } + ] + } + } + ] + }, + "vendor_name" : "Hewlett Packard Enterprise" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,26 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "A security vulnerability inHPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers prior to v1.35, HPE Integrated Lights-Out 4 (iLO 4) prior to v2.61, HPE Integrated Lights-Out 3 (iLO 3) prior to v1.90 could be remotely exploited to execute arbitrary code." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "remote execution of arbitrary code" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "url" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03866en_us" } ] } diff --git a/2018/7xxx/CVE-2018-7106.json b/2018/7xxx/CVE-2018-7106.json index 75fbb547a95..f811f3742d6 100644 --- a/2018/7xxx/CVE-2018-7106.json +++ b/2018/7xxx/CVE-2018-7106.json @@ -1,8 +1,31 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "security-alert@hpe.com", "ID" : "CVE-2018-7106", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers, HPE Integrated Lights-Out 4 (iLO 4), HPE Integrated Lights-Out 3 (iLO 3)", + "version" : { + "version_data" : [ + { + "version_value" : "HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers prior to v1.35, HPE Integrated Lights-Out 4 (iLO 4) prior to v2.61, HPE Integrated Lights-Out 3 (iLO 3) prior to v1.90" + } + ] + } + } + ] + }, + "vendor_name" : "Hewlett Packard Enterprise" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,26 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "A security vulnerability in HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers prior to v1.35, HPE Integrated Lights-Out 4 (iLO 4) prior to v2.61, HPE Integrated Lights-Out 3 (iLO 3) prior to v1.90 could be remotely exploited to disclose sensitive information." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "remote disclosure of sensitive information" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "url" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03866en_us" } ] } diff --git a/2018/7xxx/CVE-2018-7107.json b/2018/7xxx/CVE-2018-7107.json index 8ca0435f820..f88d96105a0 100644 --- a/2018/7xxx/CVE-2018-7107.json +++ b/2018/7xxx/CVE-2018-7107.json @@ -1,8 +1,31 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "security-alert@hpe.com", "ID" : "CVE-2018-7107", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "HPE Device Entitlement Gateway (DEG)", + "version" : { + "version_data" : [ + { + "version_value" : "v3.2.4, v3.3 and v3.3.1" + } + ] + } + } + ] + }, + "vendor_name" : "Hewlett Packard Enterprise" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,26 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "A potential security vulnerability has been identified in HPE Device Entitlement Gateway (DEG) v3.2.4, v3.3 and v3.3.1. The vulnerability could be remotely exploited to allow local SQL injection and elevation of privilege." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Remote SQL Injection and Elevation of Privileges" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "url" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03889en_us" } ] } diff --git a/2018/7xxx/CVE-2018-7108.json b/2018/7xxx/CVE-2018-7108.json index adfabe80606..2eafd0faec5 100644 --- a/2018/7xxx/CVE-2018-7108.json +++ b/2018/7xxx/CVE-2018-7108.json @@ -1,8 +1,31 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "security-alert@hpe.com", "ID" : "CVE-2018-7108", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "HPE StorageWorks XP7 Automation Director (AutoDir)", + "version" : { + "version_data" : [ + { + "version_value" : "version 8.5.2-02 to earlier than 8.6.1-00" + } + ] + } + } + ] + }, + "vendor_name" : "Hewlett Packard Enterprise" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,26 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "HPE StorageWorks XP7 Automation Director (AutoDir) version 8.5.2-02 to earlier than 8.6.1-00 has a local and remote authentication bypass vulnerability that exposed the user authentication information of the storage system. This problem sometimes occurred under specific conditions when running a service template." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Local and Remote Authentication Bypass" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "url" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03879en_us" } ] } diff --git a/2018/7xxx/CVE-2018-7109.json b/2018/7xxx/CVE-2018-7109.json index 89c480417e2..beafb9a96e7 100644 --- a/2018/7xxx/CVE-2018-7109.json +++ b/2018/7xxx/CVE-2018-7109.json @@ -1,8 +1,31 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "security-alert@hpe.com", "ID" : "CVE-2018-7109", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "HPE enhanced Internet Usage Manager (eIUM)", + "version" : { + "version_data" : [ + { + "version_value" : "v9.0FP1" + } + ] + } + } + ] + }, + "vendor_name" : "Hewlett Packard Enterprise" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,26 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "HPE has addressed a remote arbitrary file modification vulnerability in HPE enhanced Internet Usage Manager (eIUM) v9.0FP1 with the cumulative patch for v9.0FP1 - eIUM90FP01XXX.YYYYMMDD-HHMM." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Remote Arbitrary File Modification" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "url" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03896en_us" } ] }