mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
90 lines
2.7 KiB
JSON
90 lines
2.7 KiB
JSON
{
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"url": "https://www.ibm.com/support/pages/node/1118565",
|
|
"refsource": "CONFIRM",
|
|
"name": "https://www.ibm.com/support/pages/node/1118565",
|
|
"title": "IBM Security Bulletin 1118565 (Planning Analytics)"
|
|
},
|
|
{
|
|
"refsource": "XF",
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/168523",
|
|
"name": "ibm-planning-cve20194612-file-upload (168523)",
|
|
"title": "X-Force Vulnerability Report"
|
|
}
|
|
]
|
|
},
|
|
"data_version": "4.0",
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Gain Access"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "IBM Planning Analytics 2.0 is vulnerable to malicious file upload in the My Account Portal. Attackers can make use of this weakness and upload malicious executable files into the system and it can be sent to victim for performing further attacks. IBM X-Force ID: 168523."
|
|
}
|
|
]
|
|
},
|
|
"impact": {
|
|
"cvssv3": {
|
|
"TM": {
|
|
"RC": "C",
|
|
"E": "U",
|
|
"RL": "O"
|
|
},
|
|
"BM": {
|
|
"S": "U",
|
|
"UI": "R",
|
|
"I": "H",
|
|
"AV": "N",
|
|
"SCORE": "6.300",
|
|
"PR": "L",
|
|
"C": "L",
|
|
"AC": "L",
|
|
"A": "N"
|
|
}
|
|
}
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "2"
|
|
}
|
|
]
|
|
},
|
|
"product_name": "Planning Analytics"
|
|
}
|
|
]
|
|
},
|
|
"vendor_name": "IBM"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format": "MITRE",
|
|
"CVE_data_meta": {
|
|
"STATE": "PUBLIC",
|
|
"ASSIGNER": "psirt@us.ibm.com",
|
|
"ID": "CVE-2019-4612",
|
|
"DATE_PUBLIC": "2019-12-06T00:00:00"
|
|
},
|
|
"data_type": "CVE"
|
|
} |