admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-merge PR#1739

Browse Source 
Auto-merge PR#1739
This commit is contained in:
CVE Team 2019-03-21 10:35:26 -04:00 committed by GitHub
commit e12306d7d0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 180 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

102
2017/1xxx/CVE-2017-1713.json
View File

@ -1,18 +1,90 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-1713",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"data_format" : "MITRE",
"description" : {
"description_data" : [
{
"value" : "IBM InfoSphere Streams 4.2.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 134632.",
"lang" : "eng"
}
]
},
"data_type" : "CVE",
"data_version" : "4.0",
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "4.2.1"
}
]
},
"product_name" : "Streams"
}
]
}
}
]
}
}
]
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 2016056 (Streams)",
"name" : "http://www.ibm.com/support/docview.wss?uid=swg22016056",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22016056"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/134632",
"title" : "X-Force Vulnerability Report",
"name" : "ibm-infosphere-cve20171713-info-disc (134632)",
"refsource" : "XF"
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"UI" : "N",
"I" : "N",
"S" : "U",
"PR" : "N",
"SCORE" : "5.900",
"AV" : "N",
"C" : "H",
"A" : "N",
"AC" : "H"
},
"TM" : {
"E" : "U",
"RL" : "O",
"RC" : "C"
}
}
},
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2018-05-02T00:00:00",
"ID" : "CVE-2017-1713"
}
}

108
2018/1xxx/CVE-2018-1992.json
View File

@ -1,18 +1,96 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-1992",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"description" : {
"description_data" : [
{
"value" : "The IBM Power 9 OP910, OP920, and FW910 boot firmware's bootloader is responsible for loading and validating the initial boot firmware image that drives the rest of the system's hardware initialization. The bootloader firmware contains a buffer overflow vulnerability such that, if an attacker were able to replace the initial boot firmware image with a very carefully crafted and sufficiently large, malicious replacement, it could cause the bootloader, during the load of that image, to overwrite its own instruction memory and circumvent secure boot protections, install trojans, etc. IBM X-Force ID: 154345.",
"lang" : "eng"
}
]
},
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"impact" : {
"cvssv3" : {
"TM" : {
"RC" : "C",
"E" : "U",
"RL" : "O"
},
"BM" : {
"SCORE" : "6.400",
"PR" : "H",
"AV" : "L",
"S" : "U",
"I" : "H",
"UI" : "N",
"AC" : "H",
"A" : "H",
"C" : "H"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Gain Privileges",
"lang" : "eng"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10868992",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 868992 (Power 9 Systems)",
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10868992"
},
{
"name" : "ibm-power9-cve20181992-code-exec (154345)",
"refsource" : "XF",
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/154345"
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "Power 9 Systems",
"version" : {
"version_data" : [
{
"version_value" : "FW910"
},
{
"version_value" : "OP910"
},
{
"version_value" : "OP920"
}
]
}
}
]
}
}
]
}
}
]
}
},
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2019-02-18T00:00:00",
"ID" : "CVE-2018-1992",
"STATE" : "PUBLIC"
}
}