diff --git a/2017/18xxx/CVE-2017-18349.json b/2017/18xxx/CVE-2017-18349.json new file mode 100644 index 00000000000..d4ddbf211cd --- /dev/null +++ b/2017/18xxx/CVE-2017-18349.json @@ -0,0 +1,72 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2017-18349", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "parseObject in Fastjson before 1.2.25, as used in FastjsonEngine in Pippo 1.11.0 and other products, allows remote attackers to execute arbitrary code via a crafted JSON request, as demonstrated by a crafted rmi:// URI in the dataSourceName field of HTTP POST data to the Pippo /json URI, which is mishandled in AjaxApplication.java." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://fortiguard.com/encyclopedia/ips/44059", + "refsource" : "MISC", + "url" : "https://fortiguard.com/encyclopedia/ips/44059" + }, + { + "name" : "https://github.com/alibaba/fastjson/wiki/security_update_20170315", + "refsource" : "MISC", + "url" : "https://github.com/alibaba/fastjson/wiki/security_update_20170315" + }, + { + "name" : "https://github.com/pippo-java/pippo/issues/466", + "refsource" : "MISC", + "url" : "https://github.com/pippo-java/pippo/issues/466" + } + ] + } +} diff --git a/2018/14xxx/CVE-2018-14806.json b/2018/14xxx/CVE-2018-14806.json index cbfb7363a45..e394d4a9764 100644 --- a/2018/14xxx/CVE-2018-14806.json +++ b/2018/14xxx/CVE-2018-14806.json @@ -35,7 +35,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "Advantech WebAccess has a path traversal vulnerability may allow an attacker to execute arbitrary code." + "value" : "Advantech WebAccess 8.3.1 and earlier has a path traversal vulnerability which may allow an attacker to execute arbitrary code." } ] }, @@ -54,10 +54,9 @@ "references" : { "reference_data" : [ { + "name" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-296-01,", + "refsource" : "MISC", "url" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-296-01," - }, - { - "url" : "http://support.advantech.com/support/DownloadSRDetail_New.aspx?SR_ID=1-MS9MJV&Doc_Source=Download" } ] } diff --git a/2018/14xxx/CVE-2018-14816.json b/2018/14xxx/CVE-2018-14816.json index 33aeaa424ec..403abcb3c86 100644 --- a/2018/14xxx/CVE-2018-14816.json +++ b/2018/14xxx/CVE-2018-14816.json @@ -35,7 +35,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "Advantech WebAccess has several stack-based buffer overflow vulnerabilities have been identified, which may allow an attacker to execute arbitrary code." + "value" : "Advantech WebAccess 8.3.1 and earlier has several stack-based buffer overflow vulnerabilities that have been identified, which may allow an attacker to execute arbitrary code." } ] }, @@ -54,10 +54,9 @@ "references" : { "reference_data" : [ { + "name" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-296-01,", + "refsource" : "MISC", "url" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-296-01," - }, - { - "url" : "http://support.advantech.com/support/DownloadSRDetail_New.aspx?SR_ID=1-MS9MJV&Doc_Source=Download" } ] } diff --git a/2018/14xxx/CVE-2018-14820.json b/2018/14xxx/CVE-2018-14820.json index 69df6fc6194..973c3ef6cb3 100644 --- a/2018/14xxx/CVE-2018-14820.json +++ b/2018/14xxx/CVE-2018-14820.json @@ -35,7 +35,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "Advantech WebAccess has a .dll component is susceptible to external control of file name or path vulnerability, which may allow an arbitrary file deletion when processing." + "value" : "Advantech WebAccess 8.3.1 and earlier has a .dll component that is susceptible to external control of file name or path vulnerability, which may allow an arbitrary file deletion when processing." } ] }, @@ -54,10 +54,9 @@ "references" : { "reference_data" : [ { + "name" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-296-01,", + "refsource" : "MISC", "url" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-296-01," - }, - { - "url" : "http://support.advantech.com/support/DownloadSRDetail_New.aspx?SR_ID=1-MS9MJV&Doc_Source=Download" } ] } diff --git a/2018/14xxx/CVE-2018-14828.json b/2018/14xxx/CVE-2018-14828.json index 7f65457f76b..4728e5ecdfc 100644 --- a/2018/14xxx/CVE-2018-14828.json +++ b/2018/14xxx/CVE-2018-14828.json @@ -35,7 +35,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "Advantech WebAccess has an improper privilege management vulnerability has been identified, which may allow an attacker to access those files and perform actions at a system administrator level." + "value" : "Advantech WebAccess 8.3.1 and earlier has an improper privilege management vulnerability, which may allow an attacker to access those files and perform actions at a system administrator level." } ] }, @@ -54,10 +54,9 @@ "references" : { "reference_data" : [ { + "name" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-296-01,", + "refsource" : "MISC", "url" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-296-01," - }, - { - "url" : "http://support.advantech.com/support/DownloadSRDetail_New.aspx?SR_ID=1-MS9MJV&Doc_Source=Download" } ] } diff --git a/2018/18xxx/CVE-2018-18628.json b/2018/18xxx/CVE-2018-18628.json new file mode 100644 index 00000000000..3b5414df99a --- /dev/null +++ b/2018/18xxx/CVE-2018-18628.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-18628", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "An issue was discovered in Pippo 1.11.0. The function SerializationSessionDataTranscoder.decode() calls ObjectInputStream.readObject() to deserialize a SessionData object without checking the object types. An attacker can create a malicious object, base64 encode it, and place it in the PIPPO_SESSION field of a cookie. Sending this cookie may lead to remote code execution." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://github.com/pippo-java/pippo/issues/458", + "refsource" : "MISC", + "url" : "https://github.com/pippo-java/pippo/issues/458" + } + ] + } +} diff --git a/2018/18xxx/CVE-2018-18629.json b/2018/18xxx/CVE-2018-18629.json new file mode 100644 index 00000000000..3d5a0f54e0f --- /dev/null +++ b/2018/18xxx/CVE-2018-18629.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-18629", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +}