From 02f69837f8cce244c7e03153ccc33be880a23b05 Mon Sep 17 00:00:00 2001 From: Ikuya Fukumoto Date: Fri, 4 Oct 2019 22:38:03 +0900 Subject: [PATCH 1/2] JPCERT/CC 2019-10-04 --- 2019/6xxx/CVE-2019-6015.json | 60 +++++++++++++++++++++++++++++++----- 1 file changed, 52 insertions(+), 8 deletions(-) diff --git a/2019/6xxx/CVE-2019-6015.json b/2019/6xxx/CVE-2019-6015.json index 27751029fad..2e3a5f804f4 100644 --- a/2019/6xxx/CVE-2019-6015.json +++ b/2019/6xxx/CVE-2019-6015.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-6015", - "STATE": "RESERVED" - }, - "data_format": "MITRE", - "data_type": "CVE", "data_version": "4.0", + "references": { + "reference_data": [ + { + "url": "https://fonjapan.zendesk.com/hc/ja/articles/360000558942" + }, + { + "url": "http://jvn.jp/en/vu/JVNVU94678942/index.html" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "FON2601E-SE, FON2601E-RE, FON2601E-FSW-S, and FON2601E-FSW-B with firmware versions 1.1.7 and earlier contain an issue where they may behave as open resolvers. If this vulnerability is exploited, FON routers may be leveraged for DNS amplification attacks to some other entities." + } + ] + }, + "data_type": "CVE", + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": "firmware versions 1.1.7 and earlier" + } + ] + }, + "product_name": "FON2601E-SE, FON2601E-RE, FON2601E-FSW-S, and FON2601E-FSW-B" + } + ] + }, + "vendor_name": "FON Wireless Limited" + } + ] + } + }, + "CVE_data_meta": { + "ID": "CVE-2019-6015", + "ASSIGNER": "vultures@jpcert.or.jp" + }, + "data_format": "MITRE", + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "novuln" + } + ] } ] } From df04f54770fb89373d6683d2f74a467c2de80b91 Mon Sep 17 00:00:00 2001 From: Ikuya Fukumoto Date: Fri, 4 Oct 2019 22:54:08 +0900 Subject: [PATCH 2/2] Fix problem type value --- 2019/6xxx/CVE-2019-6015.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/2019/6xxx/CVE-2019-6015.json b/2019/6xxx/CVE-2019-6015.json index 2e3a5f804f4..a311c8c7845 100644 --- a/2019/6xxx/CVE-2019-6015.json +++ b/2019/6xxx/CVE-2019-6015.json @@ -53,10 +53,10 @@ "description": [ { "lang": "eng", - "value": "novuln" + "value": "Improper input validation" } ] } ] } -} \ No newline at end of file +}