mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
148 lines
5.7 KiB
JSON
148 lines
5.7 KiB
JSON
{
|
|
"CVE_data_meta": {
|
|
"ASSIGNER": "psirt@us.ibm.com",
|
|
"DATE_PUBLIC": "2018-08-15T00:00:00",
|
|
"ID": "CVE-2018-1712",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "API Connect",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "5.0.1.0"
|
|
},
|
|
{
|
|
"version_value": "5.0.0.0"
|
|
},
|
|
{
|
|
"version_value": "5.0.0.1"
|
|
},
|
|
{
|
|
"version_value": "5.0.2.0"
|
|
},
|
|
{
|
|
"version_value": "5.0.5.0"
|
|
},
|
|
{
|
|
"version_value": "5.0.6.0"
|
|
},
|
|
{
|
|
"version_value": "5.0.6.1"
|
|
},
|
|
{
|
|
"version_value": "5.0.6.2"
|
|
},
|
|
{
|
|
"version_value": "5.0.7.0"
|
|
},
|
|
{
|
|
"version_value": "5.0.7.1"
|
|
},
|
|
{
|
|
"version_value": "5.0.3.0"
|
|
},
|
|
{
|
|
"version_value": "5.0.4.0"
|
|
},
|
|
{
|
|
"version_value": "5.0.7.2"
|
|
},
|
|
{
|
|
"version_value": "5.0.6.3"
|
|
},
|
|
{
|
|
"version_value": "5.0.6.4"
|
|
},
|
|
{
|
|
"version_value": "5.0.8.0"
|
|
},
|
|
{
|
|
"version_value": "5.0.8.1"
|
|
},
|
|
{
|
|
"version_value": "5.0.6.5"
|
|
},
|
|
{
|
|
"version_value": "5.0.6.6"
|
|
},
|
|
{
|
|
"version_value": "5.0.8.2"
|
|
},
|
|
{
|
|
"version_value": "5.0.8.3"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name": "IBM"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format": "MITRE",
|
|
"data_type": "CVE",
|
|
"data_version": "4.0",
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "IBM API Connect's Developer Portal 5.0.0.0 through 5.0.8.3 is vulnerable to Server Side Request Forgery. An attacker, using specially crafted input parameters can trick the server into making potentially malicious calls within the trusted network. IBM X-Force ID: 146370."
|
|
}
|
|
]
|
|
},
|
|
"impact": {
|
|
"cvssv3": {
|
|
"BM": {
|
|
"A": "L",
|
|
"AC": "L",
|
|
"AV": "N",
|
|
"C": "H",
|
|
"I": "L",
|
|
"PR": "N",
|
|
"S": "U",
|
|
"SCORE": "8.600",
|
|
"UI": "N"
|
|
},
|
|
"TM": {
|
|
"E": "U",
|
|
"RC": "C",
|
|
"RL": "O"
|
|
}
|
|
}
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Obtain Information"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"name": "ibm-api-cve20181712-ssrf(146370)",
|
|
"refsource": "XF",
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/146370"
|
|
},
|
|
{
|
|
"name": "https://www-01.ibm.com/support/docview.wss?uid=ibm10716169",
|
|
"refsource": "CONFIRM",
|
|
"url": "https://www-01.ibm.com/support/docview.wss?uid=ibm10716169"
|
|
}
|
|
]
|
|
}
|
|
} |