admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-08 22:18:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

- Added submissions from F5 from 2018-10-18.

Browse Source
This commit is contained in:
CVE Team 2018-10-19 08:01:41 -04:00
parent d83fdc25e9
commit debd36cc51
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
5 changed files with 262 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

52
2018/15xxx/CVE-2018-15312.json
View File

@ -1,8 +1,35 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "f5sirt@f5.com",
"DATE_PUBLIC" : "2018-10-17T00:00:00",
"ID" : "CVE-2018-15312",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator)",
"version" : {
"version_data" : [
{
"version_value" : "13.0.0-13.1.1.1"
},
{
"version_value" : "12.1.0-12.1.3.6"
}
]
}
}
]
},
"vendor_name" : "F5 Networks, Inc."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +38,26 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "On 13.0.0-13.1.1.1 and 12.1.0-12.1.3.6 a reflected Cross-Site Scripting (XSS) vulnerability is exists in an undisclosed page of the BIG-IP Configuration utility that allows an authenticated user to execute JavaScript for the currently logged-in user."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "XSS"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://support.f5.com/csp/article/K44462254"
}
]
}

52
2018/15xxx/CVE-2018-15313.json
View File

@ -1,8 +1,35 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "f5sirt@f5.com",
"DATE_PUBLIC" : "2018-10-18T00:00:00",
"ID" : "CVE-2018-15313",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "BIG-IP AFM",
"version" : {
"version_data" : [
{
"version_value" : "13.0.0-13.1.1.1"
},
{
"version_value" : "12.1.0-12.1.3.6"
}
]
}
}
]
},
"vendor_name" : "F5 Networks, Inc."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +38,26 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "On BIG-IP AFM 13.0.0-13.1.1.1 and 12.1.0-12.1.3.6 there is a Reflected Cross Site Scripting vulnerability in undisclosed TMUI page."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "XSS"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://support.f5.com/csp/article/K21042153"
}
]
}

52
2018/15xxx/CVE-2018-15314.json
View File

@ -1,8 +1,35 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "f5sirt@f5.com",
"DATE_PUBLIC" : "2018-10-18T00:00:00",
"ID" : "CVE-2018-15314",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "BIG-IP AFM",
"version" : {
"version_data" : [
{
"version_value" : "13.0.0-13.1.1.1"
},
{
"version_value" : "12.1.0-12.1.3.6"
}
]
}
}
]
},
"vendor_name" : "F5 Networks, Inc."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +38,26 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "On BIG-IP AFM 13.0.0-13.1.1.1 and 12.1.0-12.1.3.6 there is a Reflected Cross Site Scripting vulnerability in undisclosed TMUI page."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "XSS"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://support.f5.com/csp/article/K04524282"
}
]
}

52
2018/15xxx/CVE-2018-15315.json
View File

@ -1,8 +1,35 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "f5sirt@f5.com",
"DATE_PUBLIC" : "2018-10-17T00:00:00",
"ID" : "CVE-2018-15315",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator)",
"version" : {
"version_data" : [
{
"version_value" : "13.0.0-13.1.1.1"
},
{
"version_value" : "12.1.0-12.1.3.6"
}
]
}
}
]
},
"vendor_name" : "F5 Networks, Inc."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +38,26 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "BIG-IP reflected Cross Site Scripting (XSS) vulnerability in an undisclosed Configuration Utility page."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "XSS"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://support.f5.com/csp/article/K41704442"
}
]
}

69
2018/15xxx/CVE-2018-15316.json
View File

@ -1,8 +1,52 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "f5sirt@f5.com",
"DATE_PUBLIC" : "2018-10-17T00:00:00",
"ID" : "CVE-2018-15316",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "BIG-IP (APM)",
"version" : {
"version_data" : [
{
"version_value" : "13.0.0-13.1.1.1"
}
]
}
},
{
"product_name" : "BIG-IP APM Clients",
"version" : {
"version_data" : [
{
"version_value" : "7.1.5 - 7.1.6"
}
]
}
},
{
"product_name" : "BIG-IP Edge Client",
"version" : {
"version_data" : [
{
"version_value" : "7101 - 7160"
}
]
}
}
]
},
"vendor_name" : "F5 Networks, Inc."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +55,26 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "In BIG-IP APM 13.0.0-13.1.1.1, APM Client 7.1.5-7.1.6, and/or Edge Client 7101-7160, the BIG-IP APM Edge Client component loads the policy library with user permission and bypassing the endpoint checks."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Privilege escalation"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://support.f5.com/csp/article/K51220077"
}
]
}