admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2019/CVE-2019-115xx/CVE-2019-11548.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

139 lines
4.1 KiB
JSON
Raw Blame History

{
"id": "CVE-2019-11548",
"sourceIdentifier": "cve@mitre.org",
"published": "2019-09-09T19:15:10.940",
"lastModified": "2024-11-21T04:21:19.433",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in GitLab Community and Enterprise Edition before 11.8.9. It has Incorrect Access Control. Unprivileged members of a project are able to post comments on confidential issues through an authorization issue in the note endpoint."
},
{
"lang": "es",
"value": "Se detect\u00f3 un problema en GitLab Community and Enterprise Edition versiones anteriores a 11.8.9. Presenta un Control de Acceso Incorrecto. Los miembros no privilegiados de un proyecto pueden publicar comentarios sobre problemas confidenciales por medio de un problema de autorizaci\u00f3n en el end point de note."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"baseScore": 3.5,
"accessVector": "NETWORK",
"accessComplexity": "MEDIUM",
"authentication": "SINGLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE"
},
"baseSeverity": "LOW",
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": true
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding": "5.4.0",
"versionEndExcluding": "11.8.9",
"matchCriteriaId": "3F947E28-E1C1-4C29-97CA-FE13DA736D37"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "5.4.0",
"versionEndExcluding": "11.8.9",
"matchCriteriaId": "9FC1B252-249A-4C8E-A107-6A498BFF8D63"
}
]
}
]
}
],
"references": [
{
"url": "https://about.gitlab.com/2019/04/29/security-release-gitlab-11-dot-10-dot-2-released/",
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://gitlab.com/gitlab-org/gitlab-ce/issues/58505",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
]
},
{
"url": "https://about.gitlab.com/2019/04/29/security-release-gitlab-11-dot-10-dot-2-released/",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://gitlab.com/gitlab-org/gitlab-ce/issues/58505",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink