admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-12 02:05:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

IBM20190410-10810

Browse Source 
Added CVE-2018-1903, CVE-2019-4013, CVE-2018-1994
This commit is contained in:
Scott Moore - IBM 2019-04-10 10:08:10 -04:00
parent 242a12db62
commit e5c4dfc707
No known key found for this signature in database
GPG Key ID: 95B9EA1B824C2926
3 changed files with 270 additions and 45 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

108
2018/1xxx/CVE-2018-1903.json
View File

@ -1,18 +1,96 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-1903",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"data_format" : "MITRE",
"description" : {
"description_data" : [
{
"value" : "IBM Sterling Connect:Direct for UNIX 4.2.0, 4.3.0, and 6.0.0 could allow a user with restricted sudo access on a system to manipulate CD UNIX to gain full sudo access. IBM X-Force ID: 152532.",
"lang" : "eng"
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "4.2.0"
},
{
"version_value" : "4.3.0"
},
{
"version_value" : "6.0.0"
}
]
},
"product_name" : "Sterling Connect:Direct for UNIX"
}
]
}
}
]
}
}
]
}
},
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 875386 (Sterling Connect:Direct for UNIX)",
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10875386",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10875386"
},
{
"title" : "X-Force Vulnerability Report",
"name" : "ibm-sterling-cve20181903-priv-escalation (152532)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/152532"
}
]
},
"data_type" : "CVE",
"data_version" : "4.0",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Gain Privileges",
"lang" : "eng"
}
]
}
]
},
"CVE_data_meta" : {
"ID" : "CVE-2018-1903",
"DATE_PUBLIC" : "2019-04-01T00:00:00",
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com"
},
"impact" : {
"cvssv3" : {
"TM" : {
"E" : "U",
"RL" : "O",
"RC" : "C"
},
"BM" : {
"C" : "H",
"UI" : "N",
"AC" : "L",
"SCORE" : "6.700",
"AV" : "L",
"I" : "H",
"A" : "H",
"S" : "U",
"PR" : "H"
}
}
}
}

105
2018/1xxx/CVE-2018-1994.json
View File

@ -1,18 +1,93 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-1994",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product" : {
"product_data" : [
{
"product_name" : "InfoSphere Information Server",
"version" : {
"version_data" : [
{
"version_value" : "11.5"
},
{
"version_value" : "11.7"
}
]
}
}
]
},
"vendor_name" : "IBM"
}
]
}
}
]
}
},
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 793871 (InfoSphere Information Server)",
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10793871",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10793871"
},
{
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/154494",
"name" : "ibm-infosphere-cve20181994-sql-injection (154494)",
"title" : "X-Force Vulnerability Report"
}
]
},
"data_type" : "CVE",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM InfoSphere Information Server 11.5 and 11.7 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 154494."
}
]
},
"data_format" : "MITRE",
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2019-04-04T00:00:00",
"ID" : "CVE-2018-1994",
"ASSIGNER" : "psirt@us.ibm.com"
},
"impact" : {
"cvssv3" : {
"BM" : {
"AC" : "L",
"C" : "L",
"UI" : "N",
"I" : "L",
"A" : "L",
"S" : "U",
"PR" : "L",
"SCORE" : "6.300",
"AV" : "N"
},
"TM" : {
"RC" : "C",
"RL" : "O",
"E" : "U"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Data Manipulation"
}
]
}
]
},
"data_version" : "4.0"
}

102
2019/4xxx/CVE-2019-4013.json
View File

@ -1,18 +1,90 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-4013",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Gain Privileges",
"lang" : "eng"
}
]
}
]
},
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2019-03-11T00:00:00",
"ID" : "CVE-2019-4013"
},
"impact" : {
"cvssv3" : {
"BM" : {
"AC" : "L",
"C" : "H",
"UI" : "R",
"A" : "H",
"I" : "H",
"PR" : "L",
"S" : "C",
"AV" : "N",
"SCORE" : "9.000"
},
"TM" : {
"RC" : "C",
"RL" : "O",
"E" : "U"
}
}
},
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"value" : "IBM BigFix Platform 9.5 could allow any authenticated user to upload any file to any location on the server with root privileges. This results in code execution on underlying system with root privileges. IBM X-Force ID: 155887.",
"lang" : "eng"
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product" : {
"product_data" : [
{
"product_name" : "BigFix Platform",
"version" : {
"version_data" : [
{
"version_value" : "9.5"
}
]
}
}
]
},
"vendor_name" : "IBM"
}
]
}
}
]
}
},
"references" : {
"reference_data" : [
{
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10874666",
"refsource" : "CONFIRM",
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10874666",
"title" : "IBM Security Bulletin 874666 (BigFix Platform)"
},
{
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/155887",
"title" : "X-Force Vulnerability Report",
"name" : "ibm-bigfix-cve2019-4013-code-exec (155887)"
}
]
},
"data_type" : "CVE",
"data_format" : "MITRE"
}