From db89c3864bbc39f28aa80eac44694b4bf7056d5b Mon Sep 17 00:00:00 2001 From: CVE Team Date: Thu, 8 Nov 2018 16:06:44 -0500 Subject: [PATCH] - Synchronized data. --- 2018/19xxx/CVE-2018-19116.json | 18 +++++++++++++ 2018/19xxx/CVE-2018-19117.json | 18 +++++++++++++ 2018/7xxx/CVE-2018-7718.json | 48 ++++++++++++++++++++++++++++++++-- 3 files changed, 82 insertions(+), 2 deletions(-) create mode 100644 2018/19xxx/CVE-2018-19116.json create mode 100644 2018/19xxx/CVE-2018-19117.json diff --git a/2018/19xxx/CVE-2018-19116.json b/2018/19xxx/CVE-2018-19116.json new file mode 100644 index 00000000000..bb45fc4f8b0 --- /dev/null +++ b/2018/19xxx/CVE-2018-19116.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-19116", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2018/19xxx/CVE-2018-19117.json b/2018/19xxx/CVE-2018-19117.json new file mode 100644 index 00000000000..9389250e053 --- /dev/null +++ b/2018/19xxx/CVE-2018-19117.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-19117", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2018/7xxx/CVE-2018-7718.json b/2018/7xxx/CVE-2018-7718.json index f2be0da0224..d984e48a877 100644 --- a/2018/7xxx/CVE-2018-7718.json +++ b/2018/7xxx/CVE-2018-7718.json @@ -2,7 +2,30 @@ "CVE_data_meta" : { "ASSIGNER" : "cve@mitre.org", "ID" : "CVE-2018-7718", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,28 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "An issue was discovered in Telexy QPath 5.4.462. A low privileged authenticated user supplying a specially crafted serialized request to AdanitDataService.svc may modify user information, including but not limited to email address, username, and password, of other user accounts. The simplest attack approach is for the attacker to intercept their own password-change request and modify the username before the request reaches the server. Also, changing a victim's email address can have a similar account-takeover consequence." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://www.dropbox.com/s/6tlee2uj3t3su8n/Telexy-QPath-CVE-2018-7718.pdf", + "refsource" : "MISC", + "url" : "https://www.dropbox.com/s/6tlee2uj3t3su8n/Telexy-QPath-CVE-2018-7718.pdf" } ] }