From e5c4009e79de585d75c7aef454392238d721f930 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Fri, 1 Mar 2019 00:06:05 -0500 Subject: [PATCH] - Synchronized data. --- 2019/9xxx/CVE-2019-9482.json | 62 +++++++++++++++++++++++++++++++++ 2019/9xxx/CVE-2019-9483.json | 67 ++++++++++++++++++++++++++++++++++++ 2 files changed, 129 insertions(+) create mode 100644 2019/9xxx/CVE-2019-9482.json create mode 100644 2019/9xxx/CVE-2019-9483.json diff --git a/2019/9xxx/CVE-2019-9482.json b/2019/9xxx/CVE-2019-9482.json new file mode 100644 index 00000000000..24bc1ff86b0 --- /dev/null +++ b/2019/9xxx/CVE-2019-9482.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2019-9482", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "In MISP 2.4.102, an authenticated user can view sightings that they should not be eligible for. Exploiting this requires access to the event that has received the sighting. The issue affects instances with restrictive sighting settings (event only / sighting reported only)." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://github.com/MISP/MISP/commit/c69969329d197bcdd04832b03310fa73f4eb7155", + "refsource" : "MISC", + "url" : "https://github.com/MISP/MISP/commit/c69969329d197bcdd04832b03310fa73f4eb7155" + } + ] + } +} diff --git a/2019/9xxx/CVE-2019-9483.json b/2019/9xxx/CVE-2019-9483.json new file mode 100644 index 00000000000..1f32b7f0274 --- /dev/null +++ b/2019/9xxx/CVE-2019-9483.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2019-9483", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "Amazon Ring Doorbell before 3.4.7 mishandles encryption, which allows attackers to obtain audio and video data, or insert spoofed video that does not correspond to the actual person at the door." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://dojo.bullguard.com/dojo-by-bullguard/blog/ring/", + "refsource" : "MISC", + "url" : "https://dojo.bullguard.com/dojo-by-bullguard/blog/ring/" + }, + { + "name" : "https://www.theverge.com/2019/2/27/18243296/ring-doorbell-hacked-fake-images-security-experts", + "refsource" : "MISC", + "url" : "https://www.theverge.com/2019/2/27/18243296/ring-doorbell-hacked-fake-images-security-experts" + } + ] + } +}