diff --git a/2019/4xxx/CVE-2019-4668.json b/2019/4xxx/CVE-2019-4668.json index a466dd6b4ae..4d3783e8c0e 100644 --- a/2019/4xxx/CVE-2019-4668.json +++ b/2019/4xxx/CVE-2019-4668.json @@ -1,18 +1,90 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-4668", - "STATE": "RESERVED" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ + "data_format" : "MITRE", + "impact" : { + "cvssv3" : { + "BM" : { + "AC" : "L", + "PR" : "N", + "SCORE" : "6.200", + "UI" : "N", + "A" : "N", + "C" : "H", + "I" : "N", + "AV" : "L", + "S" : "U" + }, + "TM" : { + "RC" : "C", + "RL" : "O", + "E" : "U" + } + } + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Obtain Information" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://www.ibm.com/support/pages/node/6195699", + "refsource" : "CONFIRM", + "url" : "https://www.ibm.com/support/pages/node/6195699", + "title" : "IBM Security Bulletin 6195699 (UrbanCode Deploy)" + }, + { + "title" : "X-Force Vulnerability Report", + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/171250", + "refsource" : "XF", + "name" : "ibm-ucd-cve20194668-info-disc (171250)" + } + ] + }, + "data_type" : "CVE", + "CVE_data_meta" : { + "DATE_PUBLIC" : "2020-04-21T00:00:00", + "ASSIGNER" : "psirt@us.ibm.com", + "STATE" : "PUBLIC", + "ID" : "CVE-2019-4668" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "product" : { + "product_data" : [ + { + "product_name" : "UrbanCode Deploy", + "version" : { + "version_data" : [ + { + "version_value" : "7.0.4.0" + } + ] + } + } + ] + }, + "vendor_name" : "IBM" } - ] - } -} \ No newline at end of file + ] + } + }, + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "IBM UrbanCode Deploy (UCD) 7.0.4.0 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 171250." + } + ] + }, + "data_version" : "4.0" +} diff --git a/2019/4xxx/CVE-2019-4735.json b/2019/4xxx/CVE-2019-4735.json index bd30fe5ef0d..38869fdf396 100644 --- a/2019/4xxx/CVE-2019-4735.json +++ b/2019/4xxx/CVE-2019-4735.json @@ -1,18 +1,90 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-4735", - "STATE": "RESERVED" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ + "impact" : { + "cvssv3" : { + "BM" : { + "PR" : "N", + "SCORE" : "2.400", + "AC" : "L", + "AV" : "P", + "S" : "U", + "C" : "L", + "A" : "N", + "I" : "N", + "UI" : "N" + }, + "TM" : { + "RC" : "C", + "RL" : "O", + "E" : "U" + } + } + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "value" : "Obtain Information", + "lang" : "eng" + } + ] + } + ] + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "references" : { + "reference_data" : [ + { + "url" : "https://www.ibm.com/support/pages/node/6151767", + "title" : "IBM Security Bulletin 6151767 (MaaS360)", + "refsource" : "CONFIRM", + "name" : "https://www.ibm.com/support/pages/node/6151767" + }, + { + "name" : "ibm-maas360-cve20194735-info-disc (172705)", + "refsource" : "XF", + "title" : "X-Force Vulnerability Report", + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/172705" + } + ] + }, + "affects" : { + "vendor" : { + "vendor_data" : [ { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "vendor_name" : "IBM", + "product" : { + "product_data" : [ + { + "product_name" : "MaaS360", + "version" : { + "version_data" : [ + { + "version_value" : "3.96.62" + } + ] + } + } + ] + } } - ] - } -} \ No newline at end of file + ] + } + }, + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "IBM MaaS360 3.96.62 for iOS could allow an attacker with physical access to the device to obtain sensitive information from the agent outside of the container. IBM X-Force ID: 172705." + } + ] + }, + "CVE_data_meta" : { + "STATE" : "PUBLIC", + "ID" : "CVE-2019-4735", + "DATE_PUBLIC" : "2020-04-14T00:00:00", + "ASSIGNER" : "psirt@us.ibm.com" + } +} diff --git a/2020/4xxx/CVE-2020-4202.json b/2020/4xxx/CVE-2020-4202.json index a2c113f6f3c..15168303974 100644 --- a/2020/4xxx/CVE-2020-4202.json +++ b/2020/4xxx/CVE-2020-4202.json @@ -1,18 +1,93 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2020-4202", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ + "data_format" : "MITRE", + "impact" : { + "cvssv3" : { + "BM" : { + "S" : "U", + "AV" : "N", + "UI" : "N", + "C" : "L", + "A" : "L", + "I" : "L", + "PR" : "L", + "SCORE" : "5.000", + "AC" : "H" + }, + "TM" : { + "RL" : "O", + "RC" : "C", + "E" : "U" + } + } + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "value" : "Gain Privileges", + "lang" : "eng" + } + ] + } + ] + }, + "CVE_data_meta" : { + "STATE" : "PUBLIC", + "ID" : "CVE-2020-4202", + "DATE_PUBLIC" : "2020-04-21T00:00:00", + "ASSIGNER" : "psirt@us.ibm.com" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "vendor_name" : "IBM", + "product" : { + "product_data" : [ + { + "product_name" : "UrbanCode Deploy", + "version" : { + "version_data" : [ + { + "version_value" : "7.0.3.0" + }, + { + "version_value" : "7.0.4.0" + } + ] + } + } + ] + } } - ] - } -} \ No newline at end of file + ] + } + }, + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "value" : "IBM UrbanCode Deploy (UCD) 7.0.3.0 and 7.0.4.0 could allow an authenticated user to impersonate another user if the server is configured to enable Distributed Front End (DFE). IBM X-Force ID: 174955.", + "lang" : "eng" + } + ] + }, + "references" : { + "reference_data" : [ + { + "url" : "https://www.ibm.com/support/pages/node/6195701", + "title" : "IBM Security Bulletin 6195701 (UrbanCode Deploy)", + "refsource" : "CONFIRM", + "name" : "https://www.ibm.com/support/pages/node/6195701" + }, + { + "refsource" : "XF", + "title" : "X-Force Vulnerability Report", + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/174955", + "name" : "ibm-ucd-cve20204202-priv-escalation (174955)" + } + ] + }, + "data_type" : "CVE" +} diff --git a/2020/4xxx/CVE-2020-4311.json b/2020/4xxx/CVE-2020-4311.json index 32c11b208b2..536a8c437f4 100644 --- a/2020/4xxx/CVE-2020-4311.json +++ b/2020/4xxx/CVE-2020-4311.json @@ -1,18 +1,90 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2020-4311", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ + "references" : { + "reference_data" : [ + { + "name" : "https://www.ibm.com/support/pages/node/6198358", + "url" : "https://www.ibm.com/support/pages/node/6198358", + "title" : "IBM Security Bulletin 6198358 (Tivoli Monitoring)", + "refsource" : "CONFIRM" + }, + { + "name" : "ibm-tivoli-cve20204311-code-exec (177083)", + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/177083", + "title" : "X-Force Vulnerability Report", + "refsource" : "XF" + } + ] + }, + "data_type" : "CVE", + "CVE_data_meta" : { + "DATE_PUBLIC" : "2020-04-22T00:00:00", + "ASSIGNER" : "psirt@us.ibm.com", + "ID" : "CVE-2020-4311", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "product" : { + "product_data" : [ + { + "product_name" : "Tivoli Monitoring", + "version" : { + "version_data" : [ + { + "version_value" : "6.3.0" + } + ] + } + } + ] + }, + "vendor_name" : "IBM" } - ] - } -} \ No newline at end of file + ] + } + }, + "description" : { + "description_data" : [ + { + "value" : "IBM Tivoli Monitoring 6.3.0 could allow a local attacker to execute arbitrary code on the system. By placing a specially crafted file, an attacker could exploit this vulnerability to load other DLL files located in the same directory and execute arbitrary code on the system. IBM X-Force ID: 177083.", + "lang" : "eng" + } + ] + }, + "data_version" : "4.0", + "data_format" : "MITRE", + "impact" : { + "cvssv3" : { + "TM" : { + "E" : "U", + "RL" : "O", + "RC" : "C" + }, + "BM" : { + "AV" : "L", + "S" : "U", + "UI" : "N", + "A" : "H", + "C" : "H", + "I" : "H", + "SCORE" : "7.400", + "PR" : "N", + "AC" : "H" + } + } + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Gain Privileges" + } + ] + } + ] + } +} diff --git a/2020/4xxx/CVE-2020-4353.json b/2020/4xxx/CVE-2020-4353.json index fcf9972970c..ff443ff7ba5 100644 --- a/2020/4xxx/CVE-2020-4353.json +++ b/2020/4xxx/CVE-2020-4353.json @@ -1,18 +1,90 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2020-4353", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ + "CVE_data_meta" : { + "ASSIGNER" : "psirt@us.ibm.com", + "DATE_PUBLIC" : "2020-04-14T00:00:00", + "STATE" : "PUBLIC", + "ID" : "CVE-2020-4353" + }, + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "IBM MaaS360 6.82 could allow a user with pysical access to the device to crash the application which may enable the user to access restricted applications and device settings. IBM X-Force ID: 178505." + } + ] + }, + "data_version" : "4.0", + "affects" : { + "vendor" : { + "vendor_data" : [ { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "vendor_name" : "IBM", + "product" : { + "product_data" : [ + { + "product_name" : "MaaS360", + "version" : { + "version_data" : [ + { + "version_value" : "6.82" + } + ] + } + } + ] + } } - ] - } -} \ No newline at end of file + ] + } + }, + "references" : { + "reference_data" : [ + { + "url" : "https://www.ibm.com/support/pages/node/6151773", + "title" : "IBM Security Bulletin 6151773 (MaaS360)", + "refsource" : "CONFIRM", + "name" : "https://www.ibm.com/support/pages/node/6151773" + }, + { + "refsource" : "XF", + "title" : "X-Force Vulnerability Report", + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/178505", + "name" : "ibm-maas360-cve20204353-dos (178505)" + } + ] + }, + "data_type" : "CVE", + "data_format" : "MITRE", + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Denial of Service" + } + ] + } + ] + }, + "impact" : { + "cvssv3" : { + "BM" : { + "PR" : "N", + "SCORE" : "4.600", + "AC" : "L", + "AV" : "P", + "S" : "U", + "A" : "H", + "I" : "N", + "C" : "N", + "UI" : "N" + }, + "TM" : { + "RL" : "O", + "RC" : "C", + "E" : "U" + } + } + } +} diff --git a/2020/4xxx/CVE-2020-4415.json b/2020/4xxx/CVE-2020-4415.json index b5b5eea2669..9e09d0f495b 100644 --- a/2020/4xxx/CVE-2020-4415.json +++ b/2020/4xxx/CVE-2020-4415.json @@ -1,18 +1,99 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2020-4415", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "value" : "Gain Access", + "lang" : "eng" + } + ] + } + ] + }, + "impact" : { + "cvssv3" : { + "TM" : { + "E" : "U", + "RL" : "O", + "RC" : "C" + }, + "BM" : { + "PR" : "N", + "SCORE" : "9.800", + "AC" : "L", + "AV" : "N", + "S" : "U", + "I" : "H", + "A" : "H", + "C" : "H", + "UI" : "N" + } + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "references" : { + "reference_data" : [ + { + "url" : "https://www.ibm.com/support/pages/node/6195706", + "title" : "IBM Security Bulletin 6195706 (Spectrum Protect)", + "refsource" : "CONFIRM", + "name" : "https://www.ibm.com/support/pages/node/6195706" + }, + { + "name" : "ibm-spectrum-cve20204415-bo (179990)", + "refsource" : "XF", + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/179990", + "title" : "X-Force Vulnerability Report" + } + ] + }, + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "IBM Spectrum Protect 7.1 and 8.1 server is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. This could allow a remote attacker to execute arbitrary code on the system with the privileges of an administrator or user associated with the Spectrum Protect server or cause the Spectrum Protect server to crash. IBM X-Force ID: 179990." + } + ] + }, + "data_version" : "4.0", + "affects" : { + "vendor" : { + "vendor_data" : [ { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "vendor_name" : "IBM", + "product" : { + "product_data" : [ + { + "version" : { + "version_data" : [ + { + "version_value" : "7.1.0.0" + }, + { + "version_value" : "7.1.10.0" + }, + { + "version_value" : "8.1.0.0" + }, + { + "version_value" : "8.1.9.200" + } + ] + }, + "product_name" : "Spectrum Protect" + } + ] + } } - ] - } -} \ No newline at end of file + ] + } + }, + "CVE_data_meta" : { + "DATE_PUBLIC" : "2020-04-21T00:00:00", + "ASSIGNER" : "psirt@us.ibm.com", + "STATE" : "PUBLIC", + "ID" : "CVE-2020-4415" + } +}