admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-06-07 15:00:52 +00:00
parent 1cb62704b9
commit df7ef5c9c6
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
16 changed files with 1001 additions and 689 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2018/13xxx/CVE-2018-13380.json
View File

@ -54,6 +54,11 @@
"refsource": "CONFIRM",
"name": "https://fortiguard.com/advisory/FG-IR-18-383",
"url": "https://fortiguard.com/advisory/FG-IR-18-383"
},
{
"refsource": "BID",
"name": "108681",
"url": "http://www.securityfocus.com/bid/108681"
}
]
},

5
2018/15xxx/CVE-2018-15587.json
View File

@ -101,6 +101,11 @@
"refsource": "UBUNTU",
"name": "USN-3998-1",
"url": "https://usn.ubuntu.com/3998-1/"
},
{
"refsource": "DEBIAN",
"name": "DSA-4457",
"url": "https://www.debian.org/security/2019/dsa-4457"
}
]
}

48
2018/5xxx/CVE-2018-5265.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-5265",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Ubiquiti EdgeOS 1.9.1 on EdgeRouter Lite devices allows remote attackers to execute arbitrary code with admin credentials, because /opt/vyatta/share/vyatta-cfg/templates/system/static-host-mapping/host-name/node.def does not sanitize the 'alias' or 'ips' parameter for shell metacharacters."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.red4sec.com/cve/edgerouter_lite.txt",
"refsource": "MISC",
"name": "https://www.red4sec.com/cve/edgerouter_lite.txt"
}
]
}

53
2018/5xxx/CVE-2018-5798.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-5798",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "This CVE relates to an unspecified cross site scripting vulnerability in Cloudera Manager."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.cloudera.com",
"refsource": "MISC",
"name": "https://www.cloudera.com"
},
{
"refsource": "CONFIRM",
"name": "https://www.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html",
"url": "https://www.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html"
}
]
}

53
2018/6xxx/CVE-2018-6185.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-6185",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In Cloudera Navigator Key Trustee KMS 5.12 and 5.13, incorrect default ACL values allow remote access to purge and undelete API calls on encryption zone keys. The Navigator Key Trustee KMS includes 2 API calls in addition to those in Apache Hadoop KMS: purge and undelete. The KMS ACL values for these commands are keytrustee.kms.acl.PURGE and keytrustee.kms.acl.UNDELETE respectively. The default value for the ACLs in Key Trustee KMS 5.12.0 and 5.13.0 is \"*\" which allows anyone with knowledge of the name of an encryption zone key and network access to the Key Trustee KMS to make those calls against known encryption zone keys. This can result in the recovery of a previously deleted, but not purged, key (undelete) or the deletion of a key in active use (purge) resulting in loss of access to encrypted HDFS data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.cloudera.com",
"refsource": "MISC",
"name": "https://www.cloudera.com"
},
{
"refsource": "CONFIRM",
"name": "https://www.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html",
"url": "https://www.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html"
}
]
}

5
2019/10xxx/CVE-2019-10149.json
View File

@ -98,6 +98,11 @@
"refsource": "BID",
"name": "108679",
"url": "http://www.securityfocus.com/bid/108679"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1524",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00020.html"
}
]
},

2
2019/12xxx/CVE-2019-12378.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in ip6_ra_control in net/ipv6/ipv6_sockglue.c in the Linux kernel through 5.1.5. There is an unchecked kmalloc of new_ra, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash)."
"value": "** DISPUTED ** An issue was discovered in ip6_ra_control in net/ipv6/ipv6_sockglue.c in the Linux kernel through 5.1.5. There is an unchecked kmalloc of new_ra, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOTE: This has been disputed as not an issue."
}
]
},

61
2019/12xxx/CVE-2019-12477.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-12477",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2019-12477",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Supra Smart Cloud TV allows remote file inclusion in the openLiveURL function, which allows a local attacker to broadcast fake video without any authentication via a /remote/media_control?action=setUri&uri= URI."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://drive.google.com/file/d/1ZVHn_bPE-3kqYd2D-3AJpXZdd4dlmzVh/view?usp=sharing",
"refsource": "MISC",
"name": "https://drive.google.com/file/d/1ZVHn_bPE-3kqYd2D-3AJpXZdd4dlmzVh/view?usp=sharing"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/153191/Supra-Smart-Cloud-TV-Remote-File-Inclusion.html",
"url": "http://packetstormsecurity.com/files/153191/Supra-Smart-Cloud-TV-Remote-File-Inclusion.html"
}
]
}

18
2019/12xxx/CVE-2019-12773.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-12773",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

136
2019/4xxx/CVE-2019-4066.json
View File

@ -1,135 +1,135 @@
{
"impact" : {
"cvssv3" : {
"BM" : {
"S" : "U",
"A" : "H",
"SCORE" : "8.800",
"AV" : "N",
"PR" : "L",
"AC" : "L",
"UI" : "N",
"C" : "H",
"I" : "H"
"impact": {
"cvssv3": {
"BM": {
"S": "U",
"A": "H",
"SCORE": "8.800",
"AV": "N",
"PR": "L",
"AC": "L",
"UI": "N",
"C": "H",
"I": "H"
},
"TM" : {
"RC" : "C",
"RL" : "O",
"E" : "U"
"TM": {
"RC": "C",
"RL": "O",
"E": "U"
}
}
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"value" : "Gain Access",
"lang" : "eng"
"value": "Gain Access",
"lang": "eng"
}
]
}
]
},
"data_version" : "4.0",
"CVE_data_meta" : {
"DATE_PUBLIC" : "2019-05-31T00:00:00",
"ID" : "CVE-2019-4066",
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com"
"data_version": "4.0",
"CVE_data_meta": {
"DATE_PUBLIC": "2019-05-31T00:00:00",
"ID": "CVE-2019-4066",
"STATE": "PUBLIC",
"ASSIGNER": "psirt@us.ibm.com"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Intelligent Operations Center",
"version" : {
"version_data" : [
"product_name": "Intelligent Operations Center",
"version": {
"version_data": [
{
"version_value" : "5.1.0"
"version_value": "5.1.0"
},
{
"version_value" : "5.1.0.1"
"version_value": "5.1.0.1"
},
{
"version_value" : "5.1.0.2"
"version_value": "5.1.0.2"
},
{
"version_value" : "5.1.0.3"
"version_value": "5.1.0.3"
},
{
"version_value" : "5.1.0.4"
"version_value": "5.1.0.4"
},
{
"version_value" : "5.1.0.5"
"version_value": "5.1.0.5"
},
{
"version_value" : "5.1.0.6"
"version_value": "5.1.0.6"
},
{
"version_value" : "5.1.0.7"
"version_value": "5.1.0.7"
},
{
"version_value" : "5.1.0.8"
"version_value": "5.1.0.8"
},
{
"version_value" : "5.1.0.9"
"version_value": "5.1.0.9"
},
{
"version_value" : "5.1.0.10"
"version_value": "5.1.0.10"
},
{
"version_value" : "5.1.0.11"
"version_value": "5.1.0.11"
},
{
"version_value" : "5.1.0.12"
"version_value": "5.1.0.12"
},
{
"version_value" : "5.1.0.13"
"version_value": "5.1.0.13"
},
{
"version_value" : "5.1.0.14"
"version_value": "5.1.0.14"
},
{
"version_value" : "5.2.0"
"version_value": "5.2.0"
}
]
}
}
]
},
"vendor_name" : "IBM"
"vendor_name": "IBM"
}
]
}
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10879381",
"title" : "IBM Security Bulletin 879381 (Intelligent Operations Center)",
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10879381"
"refsource": "CONFIRM",
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10879381",
"title": "IBM Security Bulletin 879381 (Intelligent Operations Center)",
"name": "https://www.ibm.com/support/docview.wss?uid=ibm10879381"
},
{
"name" : "ibm-ioc-cve20194066-create-user (157011)",
"title" : "X-Force Vulnerability Report",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/157011"
"name": "ibm-ioc-cve20194066-create-user (157011)",
"title": "X-Force Vulnerability Report",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/157011"
}
]
},
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"value" : "IBM Intelligent Operations Center (IOC) 5.1.0 through 5.2.0 could allow an authenciated user to create arbitrary users which could cause ID management issues and result in code execution. IBM X-Force ID: 157011.",
"lang" : "eng"
"value": "IBM Intelligent Operations Center (IOC) 5.1.0 through 5.2.0 could allow an authenciated user to create arbitrary users which could cause ID management issues and result in code execution. IBM X-Force ID: 157011.",
"lang": "eng"
}
]
},
"data_type" : "CVE",
"data_format" : "MITRE"
"data_type": "CVE",
"data_format": "MITRE"
}

136
2019/4xxx/CVE-2019-4067.json
View File

@ -1,133 +1,133 @@
{
"data_version" : "4.0",
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2019-4067",
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2019-05-31T00:00:00"
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2019-4067",
"STATE": "PUBLIC",
"DATE_PUBLIC": "2019-05-31T00:00:00"
},
"impact" : {
"cvssv3" : {
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
"impact": {
"cvssv3": {
"TM": {
"E": "U",
"RC": "C",
"RL": "O"
},
"BM" : {
"I" : "N",
"SCORE" : "5.900",
"AV" : "N",
"PR" : "N",
"UI" : "N",
"AC" : "H",
"C" : "H",
"S" : "U",
"A" : "N"
"BM": {
"I": "N",
"SCORE": "5.900",
"AV": "N",
"PR": "N",
"UI": "N",
"AC": "H",
"C": "H",
"S": "U",
"A": "N"
}
}
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"value" : "Obtain Information",
"lang" : "eng"
"value": "Obtain Information",
"lang": "eng"
}
]
}
]
},
"data_type" : "CVE",
"description" : {
"description_data" : [
"data_type": "CVE",
"description": {
"description_data": [
{
"value" : "IBM Intelligent Operations Center (IOC) 5.1.0 through 5.2.0 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 157012.",
"lang" : "eng"
"value": "IBM Intelligent Operations Center (IOC) 5.1.0 through 5.2.0 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 157012.",
"lang": "eng"
}
]
},
"data_format" : "MITRE",
"references" : {
"reference_data" : [
"data_format": "MITRE",
"references": {
"reference_data": [
{
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10880213",
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10880213",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 880213 (Intelligent Operations Center)"
"name": "https://www.ibm.com/support/docview.wss?uid=ibm10880213",
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10880213",
"refsource": "CONFIRM",
"title": "IBM Security Bulletin 880213 (Intelligent Operations Center)"
},
{
"name" : "ibm-ioc-cve20194067-info-disc (157012)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/157012",
"refsource" : "XF",
"title" : "X-Force Vulnerability Report"
"name": "ibm-ioc-cve20194067-info-disc (157012)",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/157012",
"refsource": "XF",
"title": "X-Force Vulnerability Report"
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "5.1.0"
"version_value": "5.1.0"
},
{
"version_value" : "5.1.0.1"
"version_value": "5.1.0.1"
},
{
"version_value" : "5.1.0.2"
"version_value": "5.1.0.2"
},
{
"version_value" : "5.1.0.3"
"version_value": "5.1.0.3"
},
{
"version_value" : "5.1.0.4"
"version_value": "5.1.0.4"
},
{
"version_value" : "5.1.0.5"
"version_value": "5.1.0.5"
},
{
"version_value" : "5.1.0.6"
"version_value": "5.1.0.6"
},
{
"version_value" : "5.1.0.7"
"version_value": "5.1.0.7"
},
{
"version_value" : "5.1.0.8"
"version_value": "5.1.0.8"
},
{
"version_value" : "5.1.0.9"
"version_value": "5.1.0.9"
},
{
"version_value" : "5.1.0.10"
"version_value": "5.1.0.10"
},
{
"version_value" : "5.1.0.11"
"version_value": "5.1.0.11"
},
{
"version_value" : "5.1.0.12"
"version_value": "5.1.0.12"
},
{
"version_value" : "5.1.0.13"
"version_value": "5.1.0.13"
},
{
"version_value" : "5.1.0.14"
"version_value": "5.1.0.14"
},
{
"version_value" : "5.2.0"
"version_value": "5.2.0"
}
]
},
"product_name" : "Intelligent Operations Center"
"product_name": "Intelligent Operations Center"
}
]
},
"vendor_name" : "IBM"
"vendor_name": "IBM"
}
]
}

136
2019/4xxx/CVE-2019-4068.json
View File

@ -1,62 +1,62 @@
{
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
"vendor_name": "IBM",
"product": {
"product_data": [
{
"product_name" : "Intelligent Operations Center",
"version" : {
"version_data" : [
"product_name": "Intelligent Operations Center",
"version": {
"version_data": [
{
"version_value" : "5.1.0"
"version_value": "5.1.0"
},
{
"version_value" : "5.1.0.1"
"version_value": "5.1.0.1"
},
{
"version_value" : "5.1.0.2"
"version_value": "5.1.0.2"
},
{
"version_value" : "5.1.0.3"
"version_value": "5.1.0.3"
},
{
"version_value" : "5.1.0.4"
"version_value": "5.1.0.4"
},
{
"version_value" : "5.1.0.5"
"version_value": "5.1.0.5"
},
{
"version_value" : "5.1.0.6"
"version_value": "5.1.0.6"
},
{
"version_value" : "5.1.0.7"
"version_value": "5.1.0.7"
},
{
"version_value" : "5.1.0.8"
"version_value": "5.1.0.8"
},
{
"version_value" : "5.1.0.9"
"version_value": "5.1.0.9"
},
{
"version_value" : "5.1.0.10"
"version_value": "5.1.0.10"
},
{
"version_value" : "5.1.0.11"
"version_value": "5.1.0.11"
},
{
"version_value" : "5.1.0.12"
"version_value": "5.1.0.12"
},
{
"version_value" : "5.1.0.13"
"version_value": "5.1.0.13"
},
{
"version_value" : "5.1.0.14"
"version_value": "5.1.0.14"
},
{
"version_value" : "5.2.0"
"version_value": "5.2.0"
}
]
}
@ -67,69 +67,69 @@
]
}
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"title" : "IBM Security Bulletin 880229 (Intelligent Operations Center)",
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10880229",
"refsource" : "CONFIRM",
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10880229"
"title": "IBM Security Bulletin 880229 (Intelligent Operations Center)",
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10880229",
"refsource": "CONFIRM",
"name": "https://www.ibm.com/support/docview.wss?uid=ibm10880229"
},
{
"title" : "X-Force Vulnerability Report",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/157013",
"name" : "ibm-ioc-cve20194068-info-disc (157013)"
"title": "X-Force Vulnerability Report",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/157013",
"name": "ibm-ioc-cve20194068-info-disc (157013)"
}
]
},
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"value" : "IBM Intelligent Operations Center (IOC) 5.1.0 through 5.2.0 is vulnerable to user enumeration, allowing an attacker to brute force into the system. IBM X-Force ID: 157013.",
"lang" : "eng"
"value": "IBM Intelligent Operations Center (IOC) 5.1.0 through 5.2.0 is vulnerable to user enumeration, allowing an attacker to brute force into the system. IBM X-Force ID: 157013.",
"lang": "eng"
}
]
},
"data_type" : "CVE",
"data_format" : "MITRE",
"impact" : {
"cvssv3" : {
"TM" : {
"RL" : "O",
"RC" : "C",
"E" : "U"
"data_type": "CVE",
"data_format": "MITRE",
"impact": {
"cvssv3": {
"TM": {
"RL": "O",
"RC": "C",
"E": "U"
},
"BM" : {
"I" : "N",
"AV" : "N",
"SCORE" : "5.900",
"PR" : "N",
"AC" : "H",
"UI" : "N",
"C" : "H",
"S" : "U",
"A" : "N"
"BM": {
"I": "N",
"AV": "N",
"SCORE": "5.900",
"PR": "N",
"AC": "H",
"UI": "N",
"C": "H",
"S": "U",
"A": "N"
}
}
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"value" : "Obtain Information",
"lang" : "eng"
"value": "Obtain Information",
"lang": "eng"
}
]
}
]
},
"data_version" : "4.0",
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2019-4068",
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2019-05-31T00:00:00"
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2019-4068",
"STATE": "PUBLIC",
"DATE_PUBLIC": "2019-05-31T00:00:00"
}
}

136
2019/4xxx/CVE-2019-4069.json
View File

@ -1,114 +1,114 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC",
"ID" : "CVE-2019-4069",
"DATE_PUBLIC" : "2019-05-31T00:00:00"
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC",
"ID": "CVE-2019-4069",
"DATE_PUBLIC": "2019-05-31T00:00:00"
},
"data_version" : "4.0",
"problemtype" : {
"problemtype_data" : [
"data_version": "4.0",
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Gain Access"
"lang": "eng",
"value": "Gain Access"
}
]
}
]
},
"impact" : {
"cvssv3" : {
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
"impact": {
"cvssv3": {
"TM": {
"E": "U",
"RC": "C",
"RL": "O"
},
"BM" : {
"A" : "H",
"S" : "U",
"C" : "H",
"AC" : "L",
"UI" : "R",
"SCORE" : "8.000",
"AV" : "N",
"PR" : "L",
"I" : "H"
"BM": {
"A": "H",
"S": "U",
"C": "H",
"AC": "L",
"UI": "R",
"SCORE": "8.000",
"AV": "N",
"PR": "L",
"I": "H"
}
}
},
"data_format" : "MITRE",
"description" : {
"description_data" : [
"data_format": "MITRE",
"description": {
"description_data": [
{
"value" : "IBM Intelligent Operations Center (IOC) 5.1.0 through 5.2.0 does not properly validate file types, allowing an attacker to upload malicious content. IBM X-Force ID: 157014.",
"lang" : "eng"
"value": "IBM Intelligent Operations Center (IOC) 5.1.0 through 5.2.0 does not properly validate file types, allowing an attacker to upload malicious content. IBM X-Force ID: 157014.",
"lang": "eng"
}
]
},
"data_type" : "CVE",
"affects" : {
"vendor" : {
"vendor_data" : [
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
"vendor_name": "IBM",
"product": {
"product_data": [
{
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "5.1.0"
"version_value": "5.1.0"
},
{
"version_value" : "5.1.0.1"
"version_value": "5.1.0.1"
},
{
"version_value" : "5.1.0.2"
"version_value": "5.1.0.2"
},
{
"version_value" : "5.1.0.3"
"version_value": "5.1.0.3"
},
{
"version_value" : "5.1.0.4"
"version_value": "5.1.0.4"
},
{
"version_value" : "5.1.0.5"
"version_value": "5.1.0.5"
},
{
"version_value" : "5.1.0.6"
"version_value": "5.1.0.6"
},
{
"version_value" : "5.1.0.7"
"version_value": "5.1.0.7"
},
{
"version_value" : "5.1.0.8"
"version_value": "5.1.0.8"
},
{
"version_value" : "5.1.0.9"
"version_value": "5.1.0.9"
},
{
"version_value" : "5.1.0.10"
"version_value": "5.1.0.10"
},
{
"version_value" : "5.1.0.11"
"version_value": "5.1.0.11"
},
{
"version_value" : "5.1.0.12"
"version_value": "5.1.0.12"
},
{
"version_value" : "5.1.0.13"
"version_value": "5.1.0.13"
},
{
"version_value" : "5.1.0.14"
"version_value": "5.1.0.14"
},
{
"version_value" : "5.2.0"
"version_value": "5.2.0"
}
]
},
"product_name" : "Intelligent Operations Center"
"product_name": "Intelligent Operations Center"
}
]
}
@ -116,19 +116,19 @@
]
}
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10879953",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 879953 (Intelligent Operations Center)",
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10879953"
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10879953",
"refsource": "CONFIRM",
"title": "IBM Security Bulletin 879953 (Intelligent Operations Center)",
"name": "https://www.ibm.com/support/docview.wss?uid=ibm10879953"
},
{
"name" : "ibm-ioc-cve20194069-file-upload (157014)",
"title" : "X-Force Vulnerability Report",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/157014"
"name": "ibm-ioc-cve20194069-file-upload (157014)",
"title": "X-Force Vulnerability Report",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/157014"
}
]
}

136
2019/4xxx/CVE-2019-4070.json
View File

@ -1,135 +1,135 @@
{
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10879943",
"title" : "IBM Security Bulletin 879943 (Intelligent Operations Center)",
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10879943",
"refsource" : "CONFIRM"
"name": "https://www.ibm.com/support/docview.wss?uid=ibm10879943",
"title": "IBM Security Bulletin 879943 (Intelligent Operations Center)",
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10879943",
"refsource": "CONFIRM"
},
{
"name" : "ibm-ioc-cve20194070-xss (157015)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/157015",
"title" : "X-Force Vulnerability Report"
"name": "ibm-ioc-cve20194070-xss (157015)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/157015",
"title": "X-Force Vulnerability Report"
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "5.1.0"
"version_value": "5.1.0"
},
{
"version_value" : "5.1.0.1"
"version_value": "5.1.0.1"
},
{
"version_value" : "5.1.0.2"
"version_value": "5.1.0.2"
},
{
"version_value" : "5.1.0.3"
"version_value": "5.1.0.3"
},
{
"version_value" : "5.1.0.4"
"version_value": "5.1.0.4"
},
{
"version_value" : "5.1.0.5"
"version_value": "5.1.0.5"
},
{
"version_value" : "5.1.0.6"
"version_value": "5.1.0.6"
},
{
"version_value" : "5.1.0.7"
"version_value": "5.1.0.7"
},
{
"version_value" : "5.1.0.8"
"version_value": "5.1.0.8"
},
{
"version_value" : "5.1.0.9"
"version_value": "5.1.0.9"
},
{
"version_value" : "5.1.0.10"
"version_value": "5.1.0.10"
},
{
"version_value" : "5.1.0.11"
"version_value": "5.1.0.11"
},
{
"version_value" : "5.1.0.12"
"version_value": "5.1.0.12"
},
{
"version_value" : "5.1.0.13"
"version_value": "5.1.0.13"
},
{
"version_value" : "5.1.0.14"
"version_value": "5.1.0.14"
},
{
"version_value" : "5.2.0"
"version_value": "5.2.0"
}
]
},
"product_name" : "Intelligent Operations Center"
"product_name": "Intelligent Operations Center"
}
]
},
"vendor_name" : "IBM"
"vendor_name": "IBM"
}
]
}
},
"data_type" : "CVE",
"description" : {
"description_data" : [
"data_type": "CVE",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "IBM Intelligent Operations Center (IOC) 5.1.0 through 5.2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 157015."
"lang": "eng",
"value": "IBM Intelligent Operations Center (IOC) 5.1.0 through 5.2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 157015."
}
]
},
"data_format" : "MITRE",
"problemtype" : {
"problemtype_data" : [
"data_format": "MITRE",
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"value" : "Cross-Site Scripting",
"lang" : "eng"
"value": "Cross-Site Scripting",
"lang": "eng"
}
]
}
]
},
"impact" : {
"cvssv3" : {
"TM" : {
"RL" : "O",
"RC" : "C",
"E" : "H"
"impact": {
"cvssv3": {
"TM": {
"RL": "O",
"RC": "C",
"E": "H"
},
"BM" : {
"S" : "C",
"A" : "N",
"SCORE" : "5.400",
"AV" : "N",
"PR" : "L",
"C" : "L",
"UI" : "R",
"AC" : "L",
"I" : "L"
"BM": {
"S": "C",
"A": "N",
"SCORE": "5.400",
"AV": "N",
"PR": "L",
"C": "L",
"UI": "R",
"AC": "L",
"I": "L"
}
}
},
"data_version" : "4.0",
"CVE_data_meta" : {
"DATE_PUBLIC" : "2019-05-31T00:00:00",
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC",
"ID" : "CVE-2019-4070"
"data_version": "4.0",
"CVE_data_meta": {
"DATE_PUBLIC": "2019-05-31T00:00:00",
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC",
"ID": "CVE-2019-4070"
}
}

58
2019/8xxx/CVE-2019-8282.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-8282",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-8282",
"ASSIGNER": "vulnerability@kaspersky.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Sentinel LDK RTE",
"version": {
"version_data": [
{
"version_value": "7.91"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-300: Channel Accessible by Non-Endpoint ('Man-in-the-Middle')"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/06/05/klcert-19-029-gemalto-admin-control-center-uses-cleartext-communication-with-www3-safenet-inc-com/",
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/06/05/klcert-19-029-gemalto-admin-control-center-uses-cleartext-communication-with-www3-safenet-inc-com/"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Gemalto Admin Control Center, all versions prior to 7.92, uses cleartext HTTP to communicate with www3.safenet-inc.com to obtain language packs. This allows attacker to do man-in-the-middle (MITM) attack and replace original language pack by malicious one."
}
]
}

58
2019/8xxx/CVE-2019-8283.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-8283",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-8283",
"ASSIGNER": "vulnerability@kaspersky.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Sentinel LDK RTE",
"version": {
"version_data": [
{
"version_value": "7.91"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-1004: Sensitive Cookie Without 'HttpOnly' Flag"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/06/05/klcert-19-030-hasplm-cookie-without-httponly-attribute/",
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/06/05/klcert-19-030-hasplm-cookie-without-httponly-attribute/"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Hasplm cookie in Gemalto Admin Control Center, all versions prior to 7.92, does not have 'HttpOnly' flag. This allows malicious javascript to steal it."
}
]
}