diff --git a/2018/17xxx/CVE-2018-17871.json b/2018/17xxx/CVE-2018-17871.json index 500ec20a2cd..fc2daf7f0fe 100644 --- a/2018/17xxx/CVE-2018-17871.json +++ b/2018/17xxx/CVE-2018-17871.json @@ -2,7 +2,30 @@ "CVE_data_meta" : { "ASSIGNER" : "cve@mitre.org", "ID" : "CVE-2018-17871", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,43 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "Verba Collaboration Compliance and Quality Management Platform before 9.2.1.5545 has Incorrect Access Control." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "20181002 [SYSS-2018-023] Password leakage in Verint Verba Collaboration Compliance and Quality Management Platform (CVE-2018-17871)", + "refsource" : "BUGTRAQ", + "url" : "https://seclists.org/bugtraq/2018/Oct/12" + }, + { + "name" : "http://packetstormsecurity.com/files/149651/Collaboration-Compliance-And-Quality-Management-Platform-9.1.1.5482-Disclosure.html", + "refsource" : "MISC", + "url" : "http://packetstormsecurity.com/files/149651/Collaboration-Compliance-And-Quality-Management-Platform-9.1.1.5482-Disclosure.html" + }, + { + "name" : "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2018-023.txt", + "refsource" : "MISC", + "url" : "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2018-023.txt" + }, + { + "name" : "https://releases.verba.com/?v=9.2", + "refsource" : "CONFIRM", + "url" : "https://releases.verba.com/?v=9.2" } ] } diff --git a/2018/17xxx/CVE-2018-17872.json b/2018/17xxx/CVE-2018-17872.json index c8e13f8826d..3f59f074424 100644 --- a/2018/17xxx/CVE-2018-17872.json +++ b/2018/17xxx/CVE-2018-17872.json @@ -2,7 +2,30 @@ "CVE_data_meta" : { "ASSIGNER" : "cve@mitre.org", "ID" : "CVE-2018-17872", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,43 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "Verba Collaboration Compliance and Quality Management Platform before 9.2.1.5545 has Insecure Permissions." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "20181002 [SYSS-2018-024] Privilege Escalation in Verint Verba Collaboration Compliance and Quality Management Platform (CVE-2018-17872)", + "refsource" : "BUGTRAQ", + "url" : "https://seclists.org/bugtraq/2018/Oct/13" + }, + { + "name" : "http://packetstormsecurity.com/files/149652/Collaboration-Compliance-And-Quality-Management-Platform-9.1.1.5482-Improper-Access-Control.html", + "refsource" : "MISC", + "url" : "http://packetstormsecurity.com/files/149652/Collaboration-Compliance-And-Quality-Management-Platform-9.1.1.5482-Improper-Access-Control.html" + }, + { + "name" : "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2018-024.txt", + "refsource" : "MISC", + "url" : "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2018-024.txt" + }, + { + "name" : "https://releases.verba.com/?v=9.2", + "refsource" : "CONFIRM", + "url" : "https://releases.verba.com/?v=9.2" } ] } diff --git a/2018/17xxx/CVE-2018-17876.json b/2018/17xxx/CVE-2018-17876.json index 2d67ef6e3ba..2f848e10697 100644 --- a/2018/17xxx/CVE-2018-17876.json +++ b/2018/17xxx/CVE-2018-17876.json @@ -2,7 +2,30 @@ "CVE_data_meta" : { "ASSIGNER" : "cve@mitre.org", "ID" : "CVE-2018-17876", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,28 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "A Stored XSS vulnerability has been discovered in the v5.5.0 version of the Coaster CMS product." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "http://packetstormsecurity.com/files/149647/Coaster-CMS-5.5.0-Cross-Site-Scripting.html", + "refsource" : "MISC", + "url" : "http://packetstormsecurity.com/files/149647/Coaster-CMS-5.5.0-Cross-Site-Scripting.html" } ] }