admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

- Synchronized data.

Browse Source
This commit is contained in:
CVE Team 2018-06-13 17:04:32 -04:00
parent 28972b8061
commit d6dbd2297a
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
3 changed files with 129 additions and 112 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
2017/12xxx/CVE-2017-12741.json
View File

@ -210,7 +210,24 @@
"references" : {
"reference_data" : [
{
"name" : "https://cert-portal.siemens.com/productcert/pdf/ssa-346262.pdf",
"refsource" : "CONFIRM",
"url" : "https://cert-portal.siemens.com/productcert/pdf/ssa-346262.pdf"
},
{
"name" : "https://cert-portal.siemens.com/productcert/pdf/ssa-546832.pdf",
"refsource" : "CONFIRM",
"url" : "https://cert-portal.siemens.com/productcert/pdf/ssa-546832.pdf"
},
{
"name" : "https://cert-portal.siemens.com/productcert/pdf/ssa-914382.pdf",
"refsource" : "CONFIRM",
"url" : "https://cert-portal.siemens.com/productcert/pdf/ssa-914382.pdf"
},
{
"name" : "101964",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/101964"
}
]
}

104
2017/3xxx/CVE-2017-3907.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta": {
"ASSIGNER": "psirt@mcafee.com",
"ID": "CVE-2017-3907",
"STATE": "PUBLIC",
"TITLE": "McAfee Threat Intelligence Exchange (TIE) Server - Code Injection vulnerability"
"CVE_data_meta" : {
"ASSIGNER" : "psirt@mcafee.com",
"ID" : "CVE-2017-3907",
"STATE" : "PUBLIC",
"TITLE" : "McAfee Threat Intelligence Exchange (TIE) Server - Code Injection vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product": {
"product_data": [
"product" : {
"product_data" : [
{
"product_name": "Threat Intelligence Exchange (TIE) Server",
"version": {
"version_data": [
"product_name" : "Threat Intelligence Exchange (TIE) Server",
"version" : {
"version_data" : [
{
"affected": "<",
"platform": "x86",
"version_name": "2.1.0",
"version_value": "2.1.0 Hotfix 1"
"affected" : "<",
"platform" : "x86",
"version_name" : "2.1.0",
"version_value" : "2.1.0 Hotfix 1"
}
]
}
}
]
},
"vendor_name": "McAfee"
"vendor_name" : "McAfee"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang": "eng",
"value": "Code Injection vulnerability in the ePolicy Orchestrator (ePO) extension in McAfee Threat Intelligence Exchange (TIE) Server 2.1.0 and earlier allows remote attackers to execute arbitrary HTML code to be reflected in the response web page via unspecified vector.\n"
"lang" : "eng",
"value" : "Code Injection vulnerability in the ePolicy Orchestrator (ePO) extension in McAfee Threat Intelligence Exchange (TIE) Server 2.1.0 and earlier allows remote attackers to execute arbitrary HTML code to be reflected in the response web page via unspecified vector."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:L",
"version": "3.0"
"impact" : {
"cvss" : {
"attackComplexity" : "HIGH",
"attackVector" : "NETWORK",
"availabilityImpact" : "LOW",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM",
"confidentialityImpact" : "LOW",
"integrityImpact" : "NONE",
"privilegesRequired" : "NONE",
"scope" : "CHANGED",
"userInteraction" : "NONE",
"vectorString" : "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:L",
"version" : "3.0"
}
},
"problemtype": {
"problemtype_data": [
"problemtype" : {
"problemtype_data" : [
{
"description": [
"description" : [
{
"lang": "eng",
"value": "Code Injection vulnerability"
"lang" : "eng",
"value" : "Code Injection vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
"references" : {
"reference_data" : [
{
"name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10207",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10207"
"name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10207",
"refsource" : "CONFIRM",
"url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10207"
}
]
},
"source": {
"advisory": "SB10207",
"discovery": "INTERNAL"
"source" : {
"advisory" : "SB10207",
"discovery" : "INTERNAL"
}
}

120
2017/3xxx/CVE-2017-3936.json
View File

@ -1,98 +1,98 @@
{
"CVE_data_meta": {
"ASSIGNER": "psirt@mcafee.com",
"ID": "CVE-2017-3936",
"STATE": "PUBLIC",
"TITLE": "McAfee ePolicy Orchestrator (ePO) - OS Command Injection vulnerability"
"CVE_data_meta" : {
"ASSIGNER" : "psirt@mcafee.com",
"ID" : "CVE-2017-3936",
"STATE" : "PUBLIC",
"TITLE" : "McAfee ePolicy Orchestrator (ePO) - OS Command Injection vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product": {
"product_data": [
"product" : {
"product_data" : [
{
"product_name": "ePolicy Orchestrator (ePO)",
"version": {
"version_data": [
"product_name" : "ePolicy Orchestrator (ePO)",
"version" : {
"version_data" : [
{
"affected": "<",
"platform": "x86",
"version_name": "5.1",
"version_value": "5.3.3"
"affected" : "<",
"platform" : "x86",
"version_name" : "5.1",
"version_value" : "5.3.3"
},
{
"affected": "<",
"platform": "x86",
"version_name": "5.3",
"version_value": "5.3.3"
"affected" : "<",
"platform" : "x86",
"version_name" : "5.3",
"version_value" : "5.3.3"
},
{
"affected": "<",
"platform": "x86",
"version_name": "5.9",
"version_value": "5.9.1"
"affected" : "<",
"platform" : "x86",
"version_name" : "5.9",
"version_value" : "5.9.1"
}
]
}
}
]
},
"vendor_name": "McAfee"
"vendor_name" : "McAfee"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang": "eng",
"value": "OS Command Injection vulnerability in McAfee ePolicy Orchestrator (ePO) 5.9.0, 5.3.2, 5.3.1, 5.1.3, 5.1.2, 5.1.1, and 5.1.0 allows attackers to run arbitrary OS commands with limited priviledges via not sanitizing the user input data before exporting it into a CSV format output.\n"
"lang" : "eng",
"value" : "OS Command Injection vulnerability in McAfee ePolicy Orchestrator (ePO) 5.9.0, 5.3.2, 5.3.1, 5.1.3, 5.1.2, 5.1.1, and 5.1.0 allows attackers to run arbitrary OS commands with limited privileges via not sanitizing the user input data before exporting it into a CSV format output."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
"impact" : {
"cvss" : {
"attackComplexity" : "LOW",
"attackVector" : "LOCAL",
"availabilityImpact" : "NONE",
"baseScore" : 6.2,
"baseSeverity" : "MEDIUM",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"privilegesRequired" : "NONE",
"scope" : "UNCHANGED",
"userInteraction" : "NONE",
"vectorString" : "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version" : "3.0"
}
},
"problemtype": {
"problemtype_data": [
"problemtype" : {
"problemtype_data" : [
{
"description": [
"description" : [
{
"lang": "eng",
"value": "OS Command Injection vulnerability"
"lang" : "eng",
"value" : "OS Command Injection vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
"references" : {
"reference_data" : [
{
"name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10227",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10227"
"name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10227",
"refsource" : "CONFIRM",
"url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10227"
}
]
},
"source": {
"advisory": "SB10227",
"discovery": "INTERNAL"
"source" : {
"advisory" : "SB10227",
"discovery" : "INTERNAL"
}
}