admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-merge PR#2984

Browse Source 
Auto-merge PR#2984
This commit is contained in:
CVE Team 2020-01-03 16:55:23 -05:00 committed by GitHub
commit d99d79e826
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 336 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

58
2019/9xxx/CVE-2019-9537.json
View File

@ -1,8 +1,33 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2019-9537",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Telos Automated Message Handling System reflected XSS in uploaditem.asp"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Automated Message Handling System",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "4.1.5.5"
}
]
}
}
]
},
"vendor_name": "Telos"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,8 +36,35 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": ": Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in uploaditem.asp of Telos Automated Message Handling System allows a remote attacker to inject arbitrary script into an AMHS session.\nThis issue affects:\nTelos Automated Message Handling System\nversions prior to 4.1.5.5."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#873161",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/873161/"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}

58
2019/9xxx/CVE-2019-9538.json
View File

@ -1,8 +1,33 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2019-9538",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Telos Automated Message Handling System reflected XSS in LDAP cbURL parameter"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Automated Message Handling System",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "4.1.5.5"
}
]
}
}
]
},
"vendor_name": "Telos"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,8 +36,35 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": ": Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the LDAP cbURL parameter of Telos Automated Message Handling System allows a remote attacker to inject arbitrary script into an AMHS session.\nThis issue affects:\nTelos Automated Message Handling System\nversions prior to 4.1.5.5."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#873161",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/873161/"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}

58
2019/9xxx/CVE-2019-9539.json
View File

@ -1,8 +1,33 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2019-9539",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Telos Automated Message Handling System reflected XSS in ModalWindowPopup.asp"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Automated Message Handling System",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "4.1.5.5"
}
]
}
}
]
},
"vendor_name": "Telos"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,8 +36,35 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": ": Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ModalWindowPopup.asp of Telos Automated Message Handling System allows a remote attacker to inject arbitrary script into an AMHS session.\nThis issue affects:\nTelos Automated Message Handling System\nversions prior to 4.1.5.5."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#873161",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/873161/"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}

58
2019/9xxx/CVE-2019-9540.json
View File

@ -1,8 +1,33 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2019-9540",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Telos Automated Message Handling System reflected XSS in prefs.asp"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Automated Message Handling System",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "4.1.5.5"
}
]
}
}
]
},
"vendor_name": "Telos"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,8 +36,35 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": ": Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in prefs.asp of Telos Automated Message Handling System allows a remote attacker to inject arbitrary script into an AMHS session.\nThis issue affects:\nTelos Automated Message Handling System\nversions prior to 4.1.5.5."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#873161",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/873161/"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}

58
2019/9xxx/CVE-2019-9541.json
View File

@ -1,8 +1,33 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2019-9541",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Telos Automated Message Handling System information disclosure in itemlookup.asp"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Automated Message Handling System",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "4.1.5.5"
}
]
}
}
]
},
"vendor_name": "Telos"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,8 +36,35 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": ": Information Exposure vulnerability in itemlookup.asp of Telos Automated Message Handling System allows a remote attacker to inject arbitrary script into an AMHS session.\nThis issue affects:\nTelos Automated Message Handling System\nversions prior to 4.1.5.5."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200: Information Exposure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#873161",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/873161/"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}

58
2019/9xxx/CVE-2019-9542.json
View File

@ -1,8 +1,33 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2019-9542",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Telos Automated Message Handling System reflected XSS in itemlookup.asp"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Automated Message Handling System",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "4.1.5.5"
}
]
}
}
]
},
"vendor_name": "Telos"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,8 +36,35 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": ": Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in itemlookup.asp of Telos Automated Message Handling System allows a remote attacker to inject arbitrary script into an AMHS session.\nThis issue affects:\nTelos Automated Message Handling System\nversions prior to 4.1.5.5."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#873161",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/873161/"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}