admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2019/4xxx/CVE-2019-4214.json
CVE Team 67f33be396
"-Synchronized-Data."
2019-11-22 16:02:02 +00:00

102 lines
3.3 KiB
JSON
Raw Blame History

{
"data_format": "MITRE",
"impact": {
"cvssv3": {
"BM": {
"C": "L",
"A": "N",
"SCORE": "3.700",
"UI": "N",
"PR": "N",
"AC": "H",
"S": "U",
"I": "N",
"AV": "N"
},
"TM": {
"E": "U",
"RC": "C",
"RL": "O"
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"description": {
"description_data": [
{
"value": "IBM SmartCloud Analytics 1.3.1 through 1.3.5 does not set the secure attribute on authorization tokens or session cookies. This could allow an attacker to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 159185.",
"lang": "eng"
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "1.3.1"
},
{
"version_value": "1.3.2"
},
{
"version_value": "1.3.3"
},
{
"version_value": "1.3.4"
},
{
"version_value": "1.3.5"
}
]
},
"product_name": "SmartCloud Analytics"
}
]
},
"vendor_name": "IBM"
}
]
}
},
"CVE_data_meta": {
"STATE": "PUBLIC",
"DATE_PUBLIC": "2019-11-21T00:00:00",
"ID": "CVE-2019-4214",
"ASSIGNER": "psirt@us.ibm.com"
},
"data_version": "4.0",
"data_type": "CVE",
"references": {
"reference_data": [
{
"title": "IBM Security Bulletin 1110171 (SmartCloud Analytics)",
"refsource": "CONFIRM",
"name": "https://www.ibm.com/support/pages/node/1110171",
"url": "https://www.ibm.com/support/pages/node/1110171"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/159185",
"name": "ibm-smartcloud-cve20194214-info-disc (159185)",
"refsource": "XF",
"title": "X-Force Vulnerability Report"
}
]
}
}
Reference in New Issue View Git Blame Copy Permalink