Skip to content

Commit

Permalink
- Synchronized data.
Browse files Browse the repository at this point in the history
  • Loading branch information
cve-team committed Mar 15, 2019
1 parent 120a823 commit d8c249c
Show file tree
Hide file tree
Showing 3 changed files with 97 additions and 79 deletions.
50 changes: 47 additions & 3 deletions 2019/5xxx/CVE-2019-5616.json
Original file line number Diff line number Diff line change
@@ -1,11 +1,34 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "cve@rapid7.com",
"DATE_PUBLIC" : "2019-03-12T15:00:00.000Z",
"ID" : "CVE-2019-5616",
"STATE" : "RESERVED",
"STATE" : "PUBLIC",
"TITLE" : "CircuitWerkes Sicon-8 Client-Side Authentication Read-Only Bypass"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"credit" : [
{
"lang" : "eng",
Expand All @@ -19,7 +42,7 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "CircuitWerkes Sicon-8, a hardware device used for managing electrical devices, ships with a web-based front-end controller and implements an authentication mechanism in JavaScript that is run in the context of a user's web browser."
}
]
},
Expand All @@ -45,6 +68,27 @@
"version" : "3.0"
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://blog.rapid7.com/2019/03/12/r7-2019-01-circuitwerkes-sicon-8-client-side-authentication-read-only-bypass-cve-2019-5616/",
"refsource" : "MISC",
"url" : "https://blog.rapid7.com/2019/03/12/r7-2019-01-circuitwerkes-sicon-8-client-side-authentication-read-only-bypass-cve-2019-5616/"
}
]
},
"source" : {
"defect" : [
"R7-2019-01"
Expand Down
108 changes: 32 additions & 76 deletions 2019/6xxx/CVE-2019-6149.json
Original file line number Diff line number Diff line change
@@ -1,89 +1,45 @@
{
"CVE_data_meta": {
"ASSIGNER": "psirt@lenovo.com",
"DATE_PUBLIC": "2019-03-14T16:00:00.000Z",
"ID": "CVE-2019-6149",
"STATE": "PUBLIC"
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"DATE_PUBLIC" : "2019-03-14T16:00:00.000Z",
"ID" : "CVE-2019-6149",
"STATE" : "RESERVED"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Dynamic Power Reduction Utility",
"version": {
"version_data": [
{
"affected": "<",
"version_value": "2.2.2.0"
}
]
}
}
]
},
"vendor_name": "Lenovo"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang": "eng",
"value": "An unquoted search path vulnerability was identified in Lenovo Dynamic Power Reduction Utility prior to version 2.2.2.0 that could allow a malicious user with local access to execute code with administrative privileges."
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
"impact" : {
"cvss" : {
"attackComplexity" : "LOW",
"attackVector" : "LOCAL",
"availabilityImpact" : "HIGH",
"baseScore" : 6.7,
"baseSeverity" : "MEDIUM",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"privilegesRequired" : "HIGH",
"scope" : "UNCHANGED",
"userInteraction" : "NONE",
"vectorString" : "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version" : "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Privilege escalation"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://support.lenovo.com/solutions/LEN-25674"
}
]
},
"solution": [
"solution" : [
{
"lang": "eng",
"value": "Update Dynamic Power Reduction Utility to version 2.2.2.0."
"lang" : "eng",
"value" : "Update Dynamic Power Reduction Utility to version 2.2.2.0."
}
],
"source": {
"advisory": "LEN-25674",
"discovery": "UNKNOWN"
"source" : {
"advisory" : "LEN-25674",
"discovery" : "UNKNOWN"
}
}
18 changes: 18 additions & 0 deletions 2019/9xxx/CVE-2019-9841.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9841",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

0 comments on commit d8c249c

Please sign in to comment.