diff --git a/2019/4xxx/CVE-2019-4349.json b/2019/4xxx/CVE-2019-4349.json index e9491a56db9..cb64db582f2 100644 --- a/2019/4xxx/CVE-2019-4349.json +++ b/2019/4xxx/CVE-2019-4349.json @@ -1,99 +1,99 @@ { - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Maximo Anywhere 7.6.2.0, 7.6.2.1, 7.6.3.0, and 7.6.3.1 applications can be installed on a deprecated operating system version that could compromised the confidentiality and integrity of the service. IBM X-Force ID: 161486" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Obtain Information" - } - ] - } - ] - }, - "data_type" : "CVE", - "references" : { - "reference_data" : [ - { - "name" : "https://www.ibm.com/support/pages/node/6358059", - "title" : "IBM Security Bulletin 6358059 (Maximo Anywhere)", - "url" : "https://www.ibm.com/support/pages/node/6358059", - "refsource" : "CONFIRM" - }, - { - "title" : "X-Force Vulnerability Report", - "name" : "ibm-maximo-cve20194349-info-disc (161486)", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/161486", - "refsource" : "XF" - } - ] - }, - "data_version" : "4.0", - "affects" : { - "vendor" : { - "vendor_data" : [ + "description": { + "description_data": [ { - "vendor_name" : "IBM", - "product" : { - "product_data" : [ - { - "product_name" : "Maximo Anywhere", - "version" : { - "version_data" : [ - { - "version_value" : "7.6.2.0" - }, - { - "version_value" : "7.6.2.1" - }, - { - "version_value" : "7.6.3.0" - }, - { - "version_value" : "7.6.3.1" - } - ] - } - } - ] - } + "lang": "eng", + "value": "IBM Maximo Anywhere 7.6.2.0, 7.6.2.1, 7.6.3.0, and 7.6.3.1 applications can be installed on a deprecated operating system version that could compromised the confidentiality and integrity of the service. IBM X-Force ID: 161486" } - ] - } - }, - "impact" : { - "cvssv3" : { - "BM" : { - "S" : "U", - "C" : "L", - "AV" : "P", - "SCORE" : "3.500", - "UI" : "N", - "AC" : "L", - "PR" : "N", - "I" : "L", - "A" : "N" - }, - "TM" : { - "E" : "U", - "RL" : "O", - "RC" : "C" - } - } - }, - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "STATE" : "PUBLIC", - "DATE_PUBLIC" : "2020-11-02T00:00:00", - "ID" : "CVE-2019-4349" - }, - "data_format" : "MITRE" -} + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Obtain Information" + } + ] + } + ] + }, + "data_type": "CVE", + "references": { + "reference_data": [ + { + "name": "https://www.ibm.com/support/pages/node/6358059", + "title": "IBM Security Bulletin 6358059 (Maximo Anywhere)", + "url": "https://www.ibm.com/support/pages/node/6358059", + "refsource": "CONFIRM" + }, + { + "title": "X-Force Vulnerability Report", + "name": "ibm-maximo-cve20194349-info-disc (161486)", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/161486", + "refsource": "XF" + } + ] + }, + "data_version": "4.0", + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "IBM", + "product": { + "product_data": [ + { + "product_name": "Maximo Anywhere", + "version": { + "version_data": [ + { + "version_value": "7.6.2.0" + }, + { + "version_value": "7.6.2.1" + }, + { + "version_value": "7.6.3.0" + }, + { + "version_value": "7.6.3.1" + } + ] + } + } + ] + } + } + ] + } + }, + "impact": { + "cvssv3": { + "BM": { + "S": "U", + "C": "L", + "AV": "P", + "SCORE": "3.500", + "UI": "N", + "AC": "L", + "PR": "N", + "I": "L", + "A": "N" + }, + "TM": { + "E": "U", + "RL": "O", + "RC": "C" + } + } + }, + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "STATE": "PUBLIC", + "DATE_PUBLIC": "2020-11-02T00:00:00", + "ID": "CVE-2019-4349" + }, + "data_format": "MITRE" +} \ No newline at end of file diff --git a/2020/4xxx/CVE-2020-4649.json b/2020/4xxx/CVE-2020-4649.json index 2252414afc9..82a4196cf78 100644 --- a/2020/4xxx/CVE-2020-4649.json +++ b/2020/4xxx/CVE-2020-4649.json @@ -1,100 +1,100 @@ { - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Planning Analytics Local 2.0.9.2 and IBM Planning Analytics Workspace 57 could expose data to non-privleged users by not invalidating TM1Web user sessions. IBM X-Force ID: 186022." - } - ] - }, - "data_type" : "CVE", - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "value" : "Obtain Information", - "lang" : "eng" - } - ] - } - ] - }, - "data_version" : "4.0", - "references" : { - "reference_data" : [ - { - "url" : "https://www.ibm.com/support/pages/node/6356539", - "title" : "IBM Security Bulletin 6356539 (Planning Analytics Local)", - "name" : "https://www.ibm.com/support/pages/node/6356539", - "refsource" : "CONFIRM" - }, - { - "refsource" : "XF", - "title" : "X-Force Vulnerability Report", - "name" : "ibm-planning-cve20204649-info-disc (186022)", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/186022" - } - ] - }, - "CVE_data_meta" : { - "DATE_PUBLIC" : "2020-11-02T00:00:00", - "STATE" : "PUBLIC", - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2020-4649" - }, - "impact" : { - "cvssv3" : { - "TM" : { - "RL" : "O", - "RC" : "C", - "E" : "U" - }, - "BM" : { - "C" : "L", - "S" : "U", - "AV" : "N", - "SCORE" : "4.300", - "A" : "N", - "I" : "N", - "PR" : "L", - "UI" : "N", - "AC" : "L" - } - } - }, - "data_format" : "MITRE", - "affects" : { - "vendor" : { - "vendor_data" : [ + "description": { + "description_data": [ { - "vendor_name" : "IBM", - "product" : { - "product_data" : [ - { - "version" : { - "version_data" : [ - { - "version_value" : "2.0.9.2" - } - ] - }, - "product_name" : "Planning Analytics Local" - }, - { - "product_name" : "Planning Analytics Workspace", - "version" : { - "version_data" : [ - { - "version_value" : "57" - } - ] - } - } - ] - } + "lang": "eng", + "value": "IBM Planning Analytics Local 2.0.9.2 and IBM Planning Analytics Workspace 57 could expose data to non-privleged users by not invalidating TM1Web user sessions. IBM X-Force ID: 186022." } - ] - } - } -} + ] + }, + "data_type": "CVE", + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "value": "Obtain Information", + "lang": "eng" + } + ] + } + ] + }, + "data_version": "4.0", + "references": { + "reference_data": [ + { + "url": "https://www.ibm.com/support/pages/node/6356539", + "title": "IBM Security Bulletin 6356539 (Planning Analytics Local)", + "name": "https://www.ibm.com/support/pages/node/6356539", + "refsource": "CONFIRM" + }, + { + "refsource": "XF", + "title": "X-Force Vulnerability Report", + "name": "ibm-planning-cve20204649-info-disc (186022)", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/186022" + } + ] + }, + "CVE_data_meta": { + "DATE_PUBLIC": "2020-11-02T00:00:00", + "STATE": "PUBLIC", + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2020-4649" + }, + "impact": { + "cvssv3": { + "TM": { + "RL": "O", + "RC": "C", + "E": "U" + }, + "BM": { + "C": "L", + "S": "U", + "AV": "N", + "SCORE": "4.300", + "A": "N", + "I": "N", + "PR": "L", + "UI": "N", + "AC": "L" + } + } + }, + "data_format": "MITRE", + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "IBM", + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": "2.0.9.2" + } + ] + }, + "product_name": "Planning Analytics Local" + }, + { + "product_name": "Planning Analytics Workspace", + "version": { + "version_data": [ + { + "version_value": "57" + } + ] + } + } + ] + } + } + ] + } + } +} \ No newline at end of file diff --git a/2020/4xxx/CVE-2020-4785.json b/2020/4xxx/CVE-2020-4785.json index 67085adc8cb..52b7c0bb1fc 100644 --- a/2020/4xxx/CVE-2020-4785.json +++ b/2020/4xxx/CVE-2020-4785.json @@ -1,102 +1,102 @@ { - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "App Connect Enterprise Certified Container", - "version" : { - "version_data" : [ - { - "version_value" : "1.0.0" - }, - { - "version_value" : "1.0.1" - }, - { - "version_value" : "1.0.2" - }, - { - "version_value" : "1.0.3" - }, - { - "version_value" : "1.0.4" - } - ] - } - } - ] - }, - "vendor_name" : "IBM" - } - ] - } - }, - "data_format" : "MITRE", - "impact" : { - "cvssv3" : { - "BM" : { - "C" : "L", - "S" : "C", - "AV" : "N", - "SCORE" : "5.400", - "I" : "L", - "A" : "N", - "UI" : "R", - "AC" : "L", - "PR" : "L" - }, - "TM" : { - "E" : "U", - "RL" : "O", - "RC" : "C" - } - } - }, - "CVE_data_meta" : { - "ID" : "CVE-2020-4785", - "ASSIGNER" : "psirt@us.ibm.com", - "STATE" : "PUBLIC", - "DATE_PUBLIC" : "2020-11-02T00:00:00" - }, - "references" : { - "reference_data" : [ - { - "refsource" : "CONFIRM", - "url" : "https://www.ibm.com/support/pages/node/6357899", - "name" : "https://www.ibm.com/support/pages/node/6357899", - "title" : "IBM Security Bulletin 6357899 (App Connect Enterprise Certified Container)" - }, - { - "name" : "ibm-appconnect-cve20204785-clickjacking (189219)", - "title" : "X-Force Vulnerability Report", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/189219", - "refsource" : "XF" - } - ] - }, - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM App Connect Enterprise Certified Container 1.0.0, 1.0.1, 1.0.2, 1.0.3, and 1.0.4 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 189219." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "value" : "Gain Access", - "lang" : "eng" - } + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "App Connect Enterprise Certified Container", + "version": { + "version_data": [ + { + "version_value": "1.0.0" + }, + { + "version_value": "1.0.1" + }, + { + "version_value": "1.0.2" + }, + { + "version_value": "1.0.3" + }, + { + "version_value": "1.0.4" + } + ] + } + } + ] + }, + "vendor_name": "IBM" + } ] - } - ] - }, - "data_type" : "CVE" -} + } + }, + "data_format": "MITRE", + "impact": { + "cvssv3": { + "BM": { + "C": "L", + "S": "C", + "AV": "N", + "SCORE": "5.400", + "I": "L", + "A": "N", + "UI": "R", + "AC": "L", + "PR": "L" + }, + "TM": { + "E": "U", + "RL": "O", + "RC": "C" + } + } + }, + "CVE_data_meta": { + "ID": "CVE-2020-4785", + "ASSIGNER": "psirt@us.ibm.com", + "STATE": "PUBLIC", + "DATE_PUBLIC": "2020-11-02T00:00:00" + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "url": "https://www.ibm.com/support/pages/node/6357899", + "name": "https://www.ibm.com/support/pages/node/6357899", + "title": "IBM Security Bulletin 6357899 (App Connect Enterprise Certified Container)" + }, + { + "name": "ibm-appconnect-cve20204785-clickjacking (189219)", + "title": "X-Force Vulnerability Report", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/189219", + "refsource": "XF" + } + ] + }, + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM App Connect Enterprise Certified Container 1.0.0, 1.0.1, 1.0.2, 1.0.3, and 1.0.4 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 189219." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "value": "Gain Access", + "lang": "eng" + } + ] + } + ] + }, + "data_type": "CVE" +} \ No newline at end of file