admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

- Synchronized data.

Browse Source
This commit is contained in:
CVE Team 2018-08-06 10:04:21 -04:00
parent 5ea2d18a40
commit eb4ace7f3c
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
12 changed files with 489 additions and 473 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

88
2017/1xxx/CVE-2017-1366.json
View File

@ -1,20 +1,9 @@
{
"data_version" : "4.0",
"references" : {
"reference_data" : [
{
"name" : "http://www.ibm.com/support/docview.wss?uid=swg22016869",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22016869",
"title" : "IBM Security Bulletin 2016869 (Security Identity Governance and Intelligence)"
},
{
"title" : "X-Force Vulnerability Report",
"name" : "ibm-sig-cve20171366-info-disc (126859)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/126859"
}
]
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2018-08-01T00:00:00",
"ID" : "CVE-2017-1366",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
@ -23,6 +12,7 @@
"product" : {
"product_data" : [
{
"product_name" : "Security Identity Governance and Intelligence",
"version" : {
"version_data" : [
{
@ -47,8 +37,7 @@
"version_value" : "5.2.3.2"
}
]
},
"product_name" : "Security Identity Governance and Intelligence"
}
}
]
},
@ -57,15 +46,37 @@
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"value" : "IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 126859.",
"lang" : "eng"
"lang" : "eng",
"value" : "IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 126859."
}
]
},
"data_format" : "MITRE",
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "N",
"AC" : "H",
"AV" : "N",
"C" : "H",
"I" : "N",
"PR" : "N",
"S" : "U",
"SCORE" : "5.900",
"UI" : "N"
},
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
@ -78,31 +89,18 @@
}
]
},
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2018-08-01T00:00:00",
"ID" : "CVE-2017-1366"
"references" : {
"reference_data" : [
{
"name" : "http://www.ibm.com/support/docview.wss?uid=swg22016869",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22016869"
},
"data_type" : "CVE",
"impact" : {
"cvssv3" : {
"BM" : {
"S" : "U",
"PR" : "N",
"A" : "N",
"SCORE" : "5.900",
"AV" : "N",
"AC" : "H",
"C" : "H",
"I" : "N",
"UI" : "N"
},
"TM" : {
"E" : "U",
"RL" : "O",
"RC" : "C"
}
{
"name" : "ibm-sig-cve20171366-info-disc(126859)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/126859"
}
]
}
}

124
2017/1xxx/CVE-2017-1368.json
View File

@ -1,74 +1,14 @@
{
"data_type" : "CVE",
"impact" : {
"cvssv3" : {
"BM" : {
"AC" : "L",
"C" : "L",
"AV" : "N",
"UI" : "R",
"I" : "N",
"A" : "N",
"S" : "U",
"PR" : "N",
"SCORE" : "4.300"
},
"TM" : {
"RC" : "C",
"RL" : "O",
"E" : "U"
}
}
},
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2018-08-01T00:00:00",
"ID" : "CVE-2017-1368",
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com"
},
"data_version" : "4.0",
"references" : {
"reference_data" : [
{
"name" : "http://www.ibm.com/support/docview.wss?uid=swg22016869",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22016869",
"title" : "IBM Security Bulletin 2016869 (Security Identity Governance and Intelligence)"
},
{
"title" : "X-Force Vulnerability Report",
"name" : "ibm-sig-cve20171368-info-disc (126861)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/126861"
}
]
},
"data_format" : "MITRE",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
}
]
}
]
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. IBM X-Force ID: 126861."
}
]
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
@ -100,9 +40,67 @@
}
}
]
}
},
"vendor_name" : "IBM"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. IBM X-Force ID: 126861."
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "N",
"AC" : "L",
"AV" : "N",
"C" : "L",
"I" : "N",
"PR" : "N",
"S" : "U",
"SCORE" : "4.300",
"UI" : "R"
},
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.ibm.com/support/docview.wss?uid=swg22016869",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22016869"
},
{
"name" : "ibm-sig-cve20171368-info-disc(126861)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/126861"
}
]
}
}

60
2017/1xxx/CVE-2017-1396.json
View File

@ -1,31 +1,10 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2018-08-01T00:00:00",
"ID" : "CVE-2017-1396",
"DATE_PUBLIC" : "2018-08-01T00:00:00"
"STATE" : "PUBLIC"
},
"impact" : {
"cvssv3" : {
"BM" : {
"UI" : "N",
"I" : "L",
"AC" : "H",
"C" : "L",
"AV" : "N",
"SCORE" : "4.200",
"A" : "N",
"S" : "U",
"PR" : "L"
},
"TM" : {
"RL" : "O",
"RC" : "C",
"E" : "U"
}
}
},
"data_type" : "CVE",
"affects" : {
"vendor" : {
"vendor_data" : [
@ -67,6 +46,9 @@
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
@ -75,6 +57,26 @@
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "N",
"AC" : "H",
"AV" : "N",
"C" : "L",
"I" : "L",
"PR" : "L",
"S" : "U",
"SCORE" : "4.200",
"UI" : "N"
},
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
@ -87,21 +89,17 @@
}
]
},
"data_format" : "MITRE",
"data_version" : "4.0",
"references" : {
"reference_data" : [
{
"refsource" : "CONFIRM",
"name" : "http://www.ibm.com/support/docview.wss?uid=swg22016869",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22016869",
"title" : "IBM Security Bulletin 2016869 (Security Identity Governance and Intelligence)"
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22016869"
},
{
"name" : "ibm-sig-cve20171396-priv-escalation(127342)",
"refsource" : "XF",
"name" : "ibm-sig-cve20171396-priv-escalation (127342)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/127342",
"title" : "X-Force Vulnerability Report"
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/127342"
}
]
}

96
2017/1xxx/CVE-2017-1409.json
View File

@ -1,25 +1,18 @@
{
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
}
]
}
]
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2018-08-01T00:00:00",
"ID" : "CVE-2017-1409",
"STATE" : "PUBLIC"
},
"data_format" : "MITRE",
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "Security Identity Governance and Intelligence",
"version" : {
"version_data" : [
{
@ -44,15 +37,18 @@
"version_value" : "5.2.3.2"
}
]
},
"product_name" : "Security Identity Governance and Intelligence"
}
}
]
}
},
"vendor_name" : "IBM"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
@ -61,48 +57,50 @@
}
]
},
"data_version" : "4.0",
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "N",
"AC" : "L",
"AV" : "N",
"C" : "L",
"I" : "N",
"PR" : "N",
"S" : "U",
"SCORE" : "5.300",
"UI" : "N"
},
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.ibm.com/support/docview.wss?uid=swg22016869",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22016869",
"title" : "IBM Security Bulletin 2016869 (Security Identity Governance and Intelligence)"
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22016869"
},
{
"name" : "ibm-sig-cve20171409-info-disc (127396)",
"name" : "ibm-sig-cve20171409-info-disc(127396)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/127396",
"title" : "X-Force Vulnerability Report"
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/127396"
}
]
},
"impact" : {
"cvssv3" : {
"TM" : {
"RL" : "O",
"RC" : "C",
"E" : "U"
},
"BM" : {
"S" : "U",
"PR" : "N",
"A" : "N",
"SCORE" : "5.300",
"AV" : "N",
"AC" : "L",
"C" : "L",
"I" : "N",
"UI" : "N"
}
}
},
"data_type" : "CVE",
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC",
"ID" : "CVE-2017-1409",
"DATE_PUBLIC" : "2018-08-01T00:00:00"
}
}

76
2017/1xxx/CVE-2017-1411.json
View File

@ -1,12 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2018-08-01T00:00:00",
"ID" : "CVE-2017-1411",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "Security Identity Governance and Intelligence",
"version" : {
"version_data" : [
{
@ -31,15 +37,18 @@
"version_value" : "5.2.3.2"
}
]
},
"product_name" : "Security Identity Governance and Intelligence"
}
}
]
}
},
"vendor_name" : "IBM"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
@ -48,6 +57,26 @@
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "N",
"AC" : "H",
"AV" : "N",
"C" : "H",
"I" : "N",
"PR" : "N",
"S" : "U",
"SCORE" : "5.900",
"UI" : "N"
},
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
@ -60,49 +89,18 @@
}
]
},
"data_format" : "MITRE",
"references" : {
"reference_data" : [
{
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22016869",
"refsource" : "CONFIRM",
"name" : "http://www.ibm.com/support/docview.wss?uid=swg22016869",
"title" : "IBM Security Bulletin 2016869 (Security Identity Governance and Intelligence)"
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22016869"
},
{
"name" : "ibm-sig-cve20171411-info-disc (127399)",
"name" : "ibm-sig-cve20171411-info-disc(127399)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/127399",
"title" : "X-Force Vulnerability Report"
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/127399"
}
]
},
"data_version" : "4.0",
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2018-08-01T00:00:00",
"ID" : "CVE-2017-1411"
},
"impact" : {
"cvssv3" : {
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
},
"BM" : {
"PR" : "N",
"S" : "U",
"A" : "N",
"SCORE" : "5.900",
"AV" : "N",
"AC" : "H",
"C" : "H",
"I" : "N",
"UI" : "N"
}
}
},
"data_type" : "CVE"
}

98
2017/1xxx/CVE-2017-1412.json
View File

@ -1,17 +1,10 @@
{
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
]
}
]
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2018-08-01T00:00:00",
"ID" : "CVE-2017-1412",
"STATE" : "PUBLIC"
},
"data_format" : "MITRE",
"affects" : {
"vendor" : {
"vendor_data" : [
@ -19,6 +12,7 @@
"product" : {
"product_data" : [
{
"product_name" : "Security Identity Governance and Intelligence",
"version" : {
"version_data" : [
{
@ -43,8 +37,7 @@
"version_value" : "5.2.3.2"
}
]
},
"product_name" : "Security Identity Governance and Intelligence"
}
}
]
},
@ -53,56 +46,61 @@
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"value" : "IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 generates an error message that includes sensitive information about its environment, users, or associated data. IBM X-Force ID: 127400.",
"lang" : "eng"
}
]
},
"data_version" : "4.0",
"references" : {
"reference_data" : [
{
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22016869",
"name" : "http://www.ibm.com/support/docview.wss?uid=swg22016869",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 2016869 (Security Identity Governance and Intelligence)"
},
{
"title" : "X-Force Vulnerability Report",
"refsource" : "XF",
"name" : "ibm-sig-cve20171412-info-disc (127400)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/127400"
"lang" : "eng",
"value" : "IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 generates an error message that includes sensitive information about its environment, users, or associated data. IBM X-Force ID: 127400."
}
]
},
"impact" : {
"cvssv3" : {
"TM" : {
"E" : "U",
"RL" : "O",
"RC" : "C"
},
"BM" : {
"A" : "N",
"S" : "U",
"PR" : "L",
"SCORE" : "4.300",
"AC" : "L",
"C" : "L",
"AV" : "N",
"UI" : "N",
"I" : "N"
"C" : "L",
"I" : "N",
"PR" : "L",
"S" : "U",
"SCORE" : "4.300",
"UI" : "N"
},
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
}
}
},
"data_type" : "CVE",
"CVE_data_meta" : {
"DATE_PUBLIC" : "2018-08-01T00:00:00",
"ID" : "CVE-2017-1412",
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com"
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.ibm.com/support/docview.wss?uid=swg22016869",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22016869"
},
{
"name" : "ibm-sig-cve20171412-info-disc(127400)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/127400"
}
]
}
}

92
2017/1xxx/CVE-2017-1755.json
View File

@ -1,39 +1,14 @@
{
"data_version" : "4.0",
"references" : {
"reference_data" : [
{
"name" : "http://www.ibm.com/support/docview.wss?uid=swg22016869",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22016869",
"title" : "IBM Security Bulletin 2016869 (Security Identity Governance and Intelligence)"
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2018-08-01T00:00:00",
"ID" : "CVE-2017-1755",
"STATE" : "PUBLIC"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/135855",
"refsource" : "XF",
"name" : "ibm-sig-cve20171755-command-injection (135855)",
"title" : "X-Force Vulnerability Report"
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Gain Privileges"
}
]
}
]
},
"data_format" : "MITRE",
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
@ -65,44 +40,67 @@
}
}
]
}
},
"vendor_name" : "IBM"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"value" : "IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 could allow a local attacker to inject commands into malicious files that could be executed by the administrator. IBM X-Force ID: 135855.",
"lang" : "eng"
"lang" : "eng",
"value" : "IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 could allow a local attacker to inject commands into malicious files that could be executed by the administrator. IBM X-Force ID: 135855."
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"UI" : "R",
"I" : "H",
"C" : "H",
"A" : "H",
"AC" : "L",
"AV" : "L",
"SCORE" : "6.500",
"A" : "H",
"C" : "H",
"I" : "H",
"PR" : "H",
"S" : "U",
"PR" : "H"
"SCORE" : "6.500",
"UI" : "R"
},
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O",
"E" : "U"
"RL" : "O"
}
}
},
"data_type" : "CVE",
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC",
"ID" : "CVE-2017-1755",
"DATE_PUBLIC" : "2018-08-01T00:00:00"
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Gain Privileges"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.ibm.com/support/docview.wss?uid=swg22016869",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22016869"
},
{
"name" : "ibm-sig-cve20171755-command-injection(135855)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/135855"
}
]
}
}

18
2018/15xxx/CVE-2018-15121.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-15121",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2018/15xxx/CVE-2018-15122.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-15122",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

104
2018/1xxx/CVE-2018-1422.json
View File

@ -1,64 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2018-08-02T00:00:00",
"ID" : "CVE-2018-1422",
"DATE_PUBLIC" : "2018-08-02T00:00:00"
},
"impact" : {
"cvssv3" : {
"BM" : {
"SCORE" : "5.400",
"PR" : "L",
"S" : "C",
"A" : "N",
"I" : "L",
"UI" : "R",
"AV" : "N",
"C" : "L",
"AC" : "L"
},
"TM" : {
"RL" : "O",
"RC" : "C",
"E" : "H"
}
}
},
"data_type" : "CVE",
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 0719817 (Rational DOORS Next Generation)",
"refsource" : "CONFIRM",
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10719817",
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10719817"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/139025",
"name" : "ibm-jazz-cve20181422-xss (139025)",
"refsource" : "XF",
"title" : "X-Force Vulnerability Report"
}
]
},
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Jazz Foundation products (IBM Rational DOORS Next Generation 5.0 through 5.0.2 and 6.0 through 6.0.5) are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 139025."
}
]
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "Rational DOORS Next Generation",
"version" : {
"version_data" : [
{
@ -89,13 +43,44 @@
"version_value" : "6.0.5"
}
]
}
}
]
},
"product_name" : "Rational DOORS Next Generation"
"vendor_name" : "IBM"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Jazz Foundation products (IBM Rational DOORS Next Generation 5.0 through 5.0.2 and 6.0 through 6.0.5) are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 139025."
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "N",
"AC" : "L",
"AV" : "N",
"C" : "L",
"I" : "L",
"PR" : "L",
"S" : "C",
"SCORE" : "5.400",
"UI" : "R"
},
"TM" : {
"E" : "H",
"RC" : "C",
"RL" : "O"
}
}
},
"problemtype" : {
@ -103,12 +88,25 @@
{
"description" : [
{
"value" : "Cross-Site Scripting",
"lang" : "eng"
"lang" : "eng",
"value" : "Cross-Site Scripting"
}
]
}
]
},
"data_format" : "MITRE"
"references" : {
"reference_data" : [
{
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10719817",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10719817"
},
{
"name" : "ibm-jazz-cve20181422-xss(139025)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/139025"
}
]
}
}

86
2018/1xxx/CVE-2018-1528.json
View File

@ -1,49 +1,14 @@
{
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "N",
"S" : "U",
"PR" : "L",
"SCORE" : "4.300",
"AC" : "L",
"C" : "L",
"AV" : "N",
"UI" : "N",
"I" : "N"
},
"TM" : {
"E" : "U",
"RL" : "O",
"RC" : "C"
}
}
},
"data_type" : "CVE",
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2018-07-31T00:00:00",
"ID" : "CVE-2018-1528",
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com"
"STATE" : "PUBLIC"
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
}
]
}
]
},
"data_format" : "MITRE",
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
@ -84,11 +49,15 @@
}
}
]
}
},
"vendor_name" : "IBM"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
@ -97,20 +66,49 @@
}
]
},
"data_version" : "4.0",
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "N",
"AC" : "L",
"AV" : "N",
"C" : "L",
"I" : "N",
"PR" : "L",
"S" : "U",
"SCORE" : "4.300",
"UI" : "N"
},
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 2017450 (Maximo Asset Management)",
"refsource" : "CONFIRM",
"name" : "https://www.ibm.com/support/docview.wss?uid=swg22017450",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/docview.wss?uid=swg22017450"
},
{
"name" : "ibm-maximo-cve20181528-info-disc (142290)",
"name" : "ibm-maximo-cve20181528-info-disc(142290)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/142290",
"title" : "X-Force Vulnerability Report"
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/142290"
}
]
}

88
2018/1xxx/CVE-2018-1551.json
View File

@ -1,21 +1,10 @@
{
"references" : {
"reference_data" : [
{
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10716113",
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10716113",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 0716113 (WebSphere MQ)"
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2018-07-31T00:00:00",
"ID" : "CVE-2018-1551",
"STATE" : "PUBLIC"
},
{
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/142888",
"name" : "ibm-websphere-cve20181551-improper-access (142888)",
"refsource" : "XF"
}
]
},
"data_version" : "4.0",
"affects" : {
"vendor" : {
"vendor_data" : [
@ -23,6 +12,7 @@
"product" : {
"product_data" : [
{
"product_name" : "WebSphere MQ",
"version" : {
"version_data" : [
{
@ -59,8 +49,7 @@
"version_value" : "9.0.0.3"
}
]
},
"product_name" : "WebSphere MQ"
}
}
]
},
@ -69,6 +58,9 @@
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
@ -77,44 +69,50 @@
}
]
},
"data_format" : "MITRE",
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "N",
"AC" : "H",
"AV" : "N",
"C" : "N",
"I" : "L",
"PR" : "L",
"S" : "U",
"SCORE" : "3.100",
"UI" : "N"
},
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Gain Access",
"lang" : "eng"
"lang" : "eng",
"value" : "Gain Access"
}
]
}
]
},
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC",
"ID" : "CVE-2018-1551",
"DATE_PUBLIC" : "2018-07-31T00:00:00"
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10716113",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10716113"
},
"data_type" : "CVE",
"impact" : {
"cvssv3" : {
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
},
"BM" : {
"S" : "U",
"PR" : "L",
"A" : "N",
"SCORE" : "3.100",
"AV" : "N",
"C" : "N",
"AC" : "H",
"I" : "L",
"UI" : "N"
}
{
"name" : "ibm-websphere-cve20181551-improper-access(142888)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/142888"
}
]
}
}