admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-08 14:08:13 +00:00
Code Issues Packages Projects Releases Wiki Activity

- Synchronized data.

Browse Source
This commit is contained in:
CVE Team 2018-11-06 11:04:01 -05:00
parent 6586f805b0
commit d667fcee62
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
5 changed files with 152 additions and 102 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
2018/19xxx/CVE-2018-19036.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-19036",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2018/19xxx/CVE-2018-19037.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-19037",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2018/19xxx/CVE-2018-19038.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-19038",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

106
2018/1xxx/CVE-2018-1606.json
View File

@ -1,40 +1,18 @@
{
"impact" : {
"cvssv3" : {
"BM" : {
"C" : "L",
"I" : "N",
"UI" : "N",
"S" : "U",
"PR" : "L",
"AC" : "L",
"SCORE" : "4.300",
"A" : "N",
"AV" : "N"
},
"TM" : {
"RC" : "C",
"RL" : "O",
"E" : "U"
}
}
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Jazz based applications (IBM Rational Collaborative Lifecycle Management 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational DOORS Next Generation 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Quality Manager 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Rhapsody Design Manager 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Software Architect Design Manager 5.0 through 5.02 and 6.0 through 6.0.1, IBM Rational Team Concert 5.0 through 5.02 and 6.0 through 6.0.6) could allow an authenticated user to obtain sensitive information from an error message that could be used in further attacks against the system. IBM X-Force ID: 143796."
}
]
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2018-11-02T00:00:00",
"ID" : "CVE-2018-1606",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "Rational Team Concert",
"version" : {
"version_data" : [
{
@ -68,10 +46,10 @@
"version_value" : "5.02"
}
]
},
"product_name" : "Rational Team Concert"
}
},
{
"product_name" : "Rational Software Architect Design Manager",
"version" : {
"version_data" : [
{
@ -90,10 +68,10 @@
"version_value" : "5.02"
}
]
},
"product_name" : "Rational Software Architect Design Manager"
}
},
{
"product_name" : "Rational DOORS Next Generation",
"version" : {
"version_data" : [
{
@ -127,10 +105,10 @@
"version_value" : "5.02"
}
]
},
"product_name" : "Rational DOORS Next Generation"
}
},
{
"product_name" : "Rational Collaborative Lifecycle Management",
"version" : {
"version_data" : [
{
@ -164,10 +142,10 @@
"version_value" : "5.02"
}
]
},
"product_name" : "Rational Collaborative Lifecycle Management"
}
},
{
"product_name" : "Rational Rhapsody Design Manager",
"version" : {
"version_data" : [
{
@ -201,10 +179,10 @@
"version_value" : "5.02"
}
]
},
"product_name" : "Rational Rhapsody Design Manager"
}
},
{
"product_name" : "Rational Quality Manager",
"version" : {
"version_data" : [
{
@ -238,8 +216,7 @@
"version_value" : "5.02"
}
]
},
"product_name" : "Rational Quality Manager"
}
},
{
"product_name" : "Rational Engineering Lifecycle Manager",
@ -279,12 +256,43 @@
}
}
]
}
},
"vendor_name" : "IBM"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Jazz based applications (IBM Rational Collaborative Lifecycle Management 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational DOORS Next Generation 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Quality Manager 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Rhapsody Design Manager 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Software Architect Design Manager 5.0 through 5.02 and 6.0 through 6.0.1, IBM Rational Team Concert 5.0 through 5.02 and 6.0 through 6.0.6) could allow an authenticated user to obtain sensitive information from an error message that could be used in further attacks against the system. IBM X-Force ID: 143796."
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "N",
"AC" : "L",
"AV" : "N",
"C" : "L",
"I" : "N",
"PR" : "L",
"S" : "U",
"SCORE" : "4.300",
"UI" : "N"
},
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
@ -297,27 +305,17 @@
}
]
},
"data_type" : "CVE",
"CVE_data_meta" : {
"DATE_PUBLIC" : "2018-11-02T00:00:00",
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2018-1606"
},
"data_version" : "4.0",
"references" : {
"reference_data" : [
{
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10738301",
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10738301",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 738301 (Rational Collaborative Lifecycle Management)"
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10738301"
},
{
"name" : "ibm-jazz-cve20181606-info-disc(143796)",
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/143796",
"refsource" : "XF"
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/143796"
}
]
}

88
2018/1xxx/CVE-2018-1694.json
View File

@ -1,37 +1,14 @@
{
"description" : {
"description_data" : [
{
"value" : "IBM Jazz applications (IBM Rational Collaborative Lifecycle Management 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational DOORS Next Generation 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Quality Manager 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Rhapsody Design Manager 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Software Architect Design Manager 5.0 through 5.02 and 6.0 through 6.0.1, IBM Rational Team Concert 5.0 through 5.02 and 6.0 through 6.0.6) could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 145609.",
"lang" : "eng"
}
]
},
"impact" : {
"cvssv3" : {
"TM" : {
"E" : "U",
"RL" : "O",
"RC" : "C"
},
"BM" : {
"C" : "H",
"UI" : "N",
"I" : "N",
"S" : "U",
"PR" : "N",
"AC" : "H",
"SCORE" : "5.900",
"AV" : "N",
"A" : "N"
}
}
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2018-11-02T00:00:00",
"ID" : "CVE-2018-1694",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
@ -72,6 +49,7 @@
}
},
{
"product_name" : "Rational Software Architect Design Manager",
"version" : {
"version_data" : [
{
@ -90,8 +68,7 @@
"version_value" : "5.02"
}
]
},
"product_name" : "Rational Software Architect Design Manager"
}
},
{
"product_name" : "Rational DOORS Next Generation",
@ -242,6 +219,7 @@
}
},
{
"product_name" : "Rational Engineering Lifecycle Manager",
"version" : {
"version_data" : [
{
@ -275,13 +253,44 @@
"version_value" : "5.02"
}
]
}
}
]
},
"product_name" : "Rational Engineering Lifecycle Manager"
"vendor_name" : "IBM"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Jazz applications (IBM Rational Collaborative Lifecycle Management 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational DOORS Next Generation 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Quality Manager 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Rhapsody Design Manager 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Software Architect Design Manager 5.0 through 5.02 and 6.0 through 6.0.1, IBM Rational Team Concert 5.0 through 5.02 and 6.0 through 6.0.6) could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 145609."
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "N",
"AC" : "H",
"AV" : "N",
"C" : "H",
"I" : "N",
"PR" : "N",
"S" : "U",
"SCORE" : "5.900",
"UI" : "N"
},
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
}
}
},
"problemtype" : {
@ -296,28 +305,17 @@
}
]
},
"data_format" : "MITRE",
"data_type" : "CVE",
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2018-1694",
"DATE_PUBLIC" : "2018-11-02T00:00:00"
},
"data_version" : "4.0",
"references" : {
"reference_data" : [
{
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10738301",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10738301",
"title" : "IBM Security Bulletin 738301 (Rational Collaborative Lifecycle Management)"
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10738301"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/145609",
"name" : "ibm-jazz-cve20181694-info-disc(145609)",
"refsource" : "XF",
"title" : "X-Force Vulnerability Report",
"name" : "ibm-jazz-cve20181694-info-disc (145609)"
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/145609"
}
]
}