admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-08 05:58:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

- Added submission from HPE from 2018-09-27.

Browse Source
This commit is contained in:
CVE Team 2018-09-27 13:15:54 -04:00
parent 92e42caaed
commit d2c92ab452
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
9 changed files with 405 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

48
2018/7xxx/CVE-2018-7101.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "security-alert@hpe.com",
"ID" : "CVE-2018-7101",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers, HPE Integrated Lights-Out 4 (iLO 4)",
"version" : {
"version_data" : [
{
"version_value" : "iLO 4 prior to v2.26, iLO5 prior to v1.30"
}
]
}
}
]
},
"vendor_name" : "Hewlett Packard Enterprise"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,26 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "A potential remote denial of service security vulnerability has been identified in HPE Integrated Lights Out 4 prior to v2.60 and iLO 5 for Gen 10 servers prior to v1.30."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "remote denial of service"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03875en_us"
}
]
}

48
2018/7xxx/CVE-2018-7102.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "security-alert@hpe.com",
"ID" : "CVE-2018-7102",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "HPE Intelligent Management Center (iMC) PLAT",
"version" : {
"version_data" : [
{
"version_value" : "E0506P09"
}
]
}
}
]
},
"vendor_name" : "Hewlett Packard Enterprise"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,26 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "A security vulnerability in HPE Intelligent Management Center (iMC) PLAT E0506P09, createFabricAutoCfgFile could be remotely exploited via directory traversal to allow remote arbitrary file modification."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Remote Arbitrary File Modification"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03887en_us"
}
]
}

48
2018/7xxx/CVE-2018-7103.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "security-alert@hpe.com",
"ID" : "CVE-2018-7103",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "HPE Intelligent Management Center (iMC) Wireless Services Manager Software",
"version" : {
"version_data" : [
{
"version_value" : "Prior to IMC WSM 7.3 E0506P02"
}
]
}
}
]
},
"vendor_name" : "Hewlett Packard Enterprise"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,26 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "A Remote Code Execution vulnerability was identified in HPE Intelligent Management Center (iMC) Wireless Services Manager Software earlier than version IMC WSM 7.3 E0506P02 ."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Remote Code Execution"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03893en_us"
}
]
}

48
2018/7xxx/CVE-2018-7104.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "security-alert@hpe.com",
"ID" : "CVE-2018-7104",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "HPE Intelligent Management Center (iMC) Wireless Services Manager Software",
"version" : {
"version_data" : [
{
"version_value" : "Prior to IMC WSM 7.3 E0506P02"
}
]
}
}
]
},
"vendor_name" : "Hewlett Packard Enterprise"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,26 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "A Remote Code Execution vulnerability was identified in HPE Intelligent Management Center (iMC) Wireless Services Manager Software earlier than version IMC WSM 7.3 E0506P02 ."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Remote Code Execution"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03893en_us"
}
]
}

48
2018/7xxx/CVE-2018-7105.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "security-alert@hpe.com",
"ID" : "CVE-2018-7105",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers, HPE Integrated Lights-Out 4 (iLO 4), HPE Integrated Lights-Out 3 (iLO 3)",
"version" : {
"version_data" : [
{
"version_value" : "HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers prior to v1.35, HPE Integrated Lights-Out 4 (iLO 4) prior to v2.61, HPE Integrated Lights-Out 3 (iLO 3) prior to v1.90"
}
]
}
}
]
},
"vendor_name" : "Hewlett Packard Enterprise"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,26 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "A security vulnerability inHPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers prior to v1.35, HPE Integrated Lights-Out 4 (iLO 4) prior to v2.61, HPE Integrated Lights-Out 3 (iLO 3) prior to v1.90 could be remotely exploited to execute arbitrary code."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "remote execution of arbitrary code"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03866en_us"
}
]
}

48
2018/7xxx/CVE-2018-7106.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "security-alert@hpe.com",
"ID" : "CVE-2018-7106",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers, HPE Integrated Lights-Out 4 (iLO 4), HPE Integrated Lights-Out 3 (iLO 3)",
"version" : {
"version_data" : [
{
"version_value" : "HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers prior to v1.35, HPE Integrated Lights-Out 4 (iLO 4) prior to v2.61, HPE Integrated Lights-Out 3 (iLO 3) prior to v1.90"
}
]
}
}
]
},
"vendor_name" : "Hewlett Packard Enterprise"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,26 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "A security vulnerability in HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers prior to v1.35, HPE Integrated Lights-Out 4 (iLO 4) prior to v2.61, HPE Integrated Lights-Out 3 (iLO 3) prior to v1.90 could be remotely exploited to disclose sensitive information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "remote disclosure of sensitive information"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03866en_us"
}
]
}

48
2018/7xxx/CVE-2018-7107.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "security-alert@hpe.com",
"ID" : "CVE-2018-7107",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "HPE Device Entitlement Gateway (DEG)",
"version" : {
"version_data" : [
{
"version_value" : "v3.2.4, v3.3 and v3.3.1"
}
]
}
}
]
},
"vendor_name" : "Hewlett Packard Enterprise"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,26 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "A potential security vulnerability has been identified in HPE Device Entitlement Gateway (DEG) v3.2.4, v3.3 and v3.3.1. The vulnerability could be remotely exploited to allow local SQL injection and elevation of privilege."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Remote SQL Injection and Elevation of Privileges"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03889en_us"
}
]
}

48
2018/7xxx/CVE-2018-7108.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "security-alert@hpe.com",
"ID" : "CVE-2018-7108",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "HPE StorageWorks XP7 Automation Director (AutoDir)",
"version" : {
"version_data" : [
{
"version_value" : "version 8.5.2-02 to earlier than 8.6.1-00"
}
]
}
}
]
},
"vendor_name" : "Hewlett Packard Enterprise"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,26 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "HPE StorageWorks XP7 Automation Director (AutoDir) version 8.5.2-02 to earlier than 8.6.1-00 has a local and remote authentication bypass vulnerability that exposed the user authentication information of the storage system. This problem sometimes occurred under specific conditions when running a service template."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Local and Remote Authentication Bypass"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03879en_us"
}
]
}

48
2018/7xxx/CVE-2018-7109.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "security-alert@hpe.com",
"ID" : "CVE-2018-7109",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "HPE enhanced Internet Usage Manager (eIUM)",
"version" : {
"version_data" : [
{
"version_value" : "v9.0FP1"
}
]
}
}
]
},
"vendor_name" : "Hewlett Packard Enterprise"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,26 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "HPE has addressed a remote arbitrary file modification vulnerability in HPE enhanced Internet Usage Manager (eIUM) v9.0FP1 with the cumulative patch for v9.0FP1 - eIUM90FP01XXX.YYYYMMDD-HHMM."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Remote Arbitrary File Modification"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03896en_us"
}
]
}