admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2019/4xxx/CVE-2019-4171.json
CVE Team 59ba611363
"-Synchronized-Data."
2019-09-17 20:00:57 +00:00

99 lines
3.3 KiB
JSON
Raw Blame History

{
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.ibm.com/support/pages/security-bulletin-security-vulnerabilties-exist-ibm-cognos-controller",
"name": "https://www.ibm.com/support/pages/security-bulletin-security-vulnerabilties-exist-ibm-cognos-controller",
"title": "IBM Security Bulletin 1072744 (Cognos Controller)"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/158876",
"name": "ibm-cognos-cve20194171-info-disc (158876)",
"title": "X-Force Vulnerability Report",
"refsource": "XF"
}
]
},
"data_format": "MITRE",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"product_name": "Cognos Controller",
"version": {
"version_data": [
{
"version_value": "10.3.1"
},
{
"version_value": "10.3.0"
},
{
"version_value": "10.4.0"
},
{
"version_value": "10.4.1"
}
]
}
}
]
}
}
]
}
},
"data_type": "CVE",
"CVE_data_meta": {
"DATE_PUBLIC": "2019-09-09T00:00:00",
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC",
"ID": "CVE-2019-4171"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Cognos Controller 10.3.0, 10.3.1, 10.4.0, and 10.4.1 does not set the secure attribute on authorization tokens or session cookies. This could allow an attacker to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 158876."
}
]
},
"impact": {
"cvssv3": {
"TM": {
"RC": "C",
"E": "U",
"RL": "O"
},
"BM": {
"SCORE": "3.700",
"UI": "N",
"A": "N",
"AC": "H",
"S": "U",
"AV": "N",
"C": "L",
"I": "N",
"PR": "N"
}
}
},
"data_version": "4.0",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
}
}
Reference in New Issue View Git Blame Copy Permalink