mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
76 lines
2.4 KiB
JSON
76 lines
2.4 KiB
JSON
{
|
|
"CVE_data_meta": {
|
|
"ASSIGNER": "psirt@us.ibm.com",
|
|
"DATE_PUBLIC": "2017-09-06T00:00:00",
|
|
"ID": "CVE-2017-1352",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "Maximo Asset Management",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "7.5"
|
|
},
|
|
{
|
|
"version_value": "7.6"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name": "IBM"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format": "MITRE",
|
|
"data_type": "CVE",
|
|
"data_version": "4.0",
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "IBM Maximo Asset Management 7.5 and 7.6 could allow an authenticated user to inject commands into work orders that could be executed by another user that downloads the affected file. IBM X-Force ID: 126538."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Gain Privileges"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"name": "http://www.ibm.com/support/docview.wss?uid=swg22006650",
|
|
"refsource": "CONFIRM",
|
|
"url": "http://www.ibm.com/support/docview.wss?uid=swg22006650"
|
|
},
|
|
{
|
|
"name": "100697",
|
|
"refsource": "BID",
|
|
"url": "http://www.securityfocus.com/bid/100697"
|
|
},
|
|
{
|
|
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/126538",
|
|
"refsource": "MISC",
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/126538"
|
|
}
|
|
]
|
|
}
|
|
} |