modified files

Author: ahouseholder

data/0/vu_990900/vu_990900.json

@@ -12,26 +12,26 @@
   "CAM_WidelyKnown": "0",
   "CERTAdvisory": "",
   "CVEIDs": "CVE-2003-0702",
-  "CVSS_AccessComplexity": "",
-  "CVSS_AccessVector": "",
-  "CVSS_Authenication": "",
-  "CVSS_AvailabilityImpact": "",
-  "CVSS_BaseScore": "",
-  "CVSS_BaseVector": "",
-  "CVSS_CollateralDamagePotential": "",
-  "CVSS_ConfidentialityImpact": "",
-  "CVSS_EnvironmentalScore": "",
-  "CVSS_EnvironmentalVector": "",
-  "CVSS_Exploitability": "",
-  "CVSS_IntegrityImpact": "",
-  "CVSS_RemediationLevel": "",
-  "CVSS_ReportConfidence": "",
-  "CVSS_SecurityRequirementsAR": "",
-  "CVSS_SecurityRequirementsCR": "",
-  "CVSS_SecurityRequirementsIR": "",
-  "CVSS_TargetDistribution": "",
-  "CVSS_TemporalScore": "",
-  "CVSS_TemporalVector": "",
+  "CVSS_AccessComplexity": "--",
+  "CVSS_AccessVector": "--",
+  "CVSS_Authenication": "--",
+  "CVSS_AvailabilityImpact": "--",
+  "CVSS_BaseScore": 0,
+  "CVSS_BaseVector": "AV:--/AC:--/Au:--/C:--/I:--/A:--",
+  "CVSS_CollateralDamagePotential": "Not Defined (ND)",
+  "CVSS_ConfidentialityImpact": "--",
+  "CVSS_EnvironmentalScore": 0,
+  "CVSS_EnvironmentalVector": "CDP:Not Defined (ND)/TD:Not Defined (ND)/CR:Not Defined (ND)/IR:Not Defined (ND)/AR:Not Defined (ND)",
+  "CVSS_Exploitability": "Not Defined (ND)",
+  "CVSS_IntegrityImpact": "--",
+  "CVSS_RemediationLevel": "Not Defined (ND)",
+  "CVSS_ReportConfidence": "Not Defined (ND)",
+  "CVSS_SecurityRequirementsAR": "Not Defined (ND)",
+  "CVSS_SecurityRequirementsCR": "Not Defined (ND)",
+  "CVSS_SecurityRequirementsIR": "Not Defined (ND)",
+  "CVSS_TargetDistribution": "Not Defined (ND)",
+  "CVSS_TemporalScore": 0,
+  "CVSS_TemporalVector": "E:Not Defined (ND)/RL:Not Defined (ND)/RC:Not Defined (ND)",
   "DateCreated": "2003-09-05T13:30:06-04:00",
   "DateFirstPublished": "",
   "DateLastUpdated": "2003-11-19T11:44:00-05:00",

data/1/vu_176301/vu_176301.json

@@ -39,7 +39,7 @@
   "CVSS_TemporalVector": "E:ND/RL:ND/RC:ND",
   "DateCreated": "2018-09-10T10:06:43-04:00",
   "DateFirstPublished": "2018-10-06T19:34:55-04:00",
-  "DateLastUpdated": "2018-10-16T14:52:00-04:00",
+  "DateLastUpdated": "2018-12-11T09:21:00-05:00",
   "DatePublic": "2018-10-06T00:00:00",
   "Description": "CWE 798: \u200bUse of Hard-Coded Credentials - CVE\u20132018-5399\nThe DCU 210E firmware contains an undocumented Dropbear SSH server with a hardcoded username and password. The password is easily susceptible to cracking. CWE-346:\u200bOrigin Validation Error - CVE\u20132018-5400\nThe Auto-Maskin products utilize an undocumented custom protocol to set up Modbus communications with other devices without validating those devices. CWE-319:\u200b Cleartext Transmission of Sensitive Information - CVE\u20132018-5401\nThe devices transmit process control information via unencrypted Modbus communications. CWE-319:\u200b Cleartext Transmission of Sensitive Information - CVE\u20132018-5402\nThe embedded webserver uses unencrypted plaintext for the transmission of the administrator PIN.",
   "ID": "VU#176301",
@@ -50,7 +50,7 @@
   "Overview": "Auto-Maskin RP remote panels and DCU controls units are used to monitor and control ship engines. The units have several authentication and encryption vulnerabilities which can allow attackers to access the units and control connected engines.",
   "References": "",
   "Resolution": "CERT/CC is currently unaware of an update to address the vulnerabilities.",
-  "Revision": 14,
+  "Revision": 16,
   "SystemsAffectedPreamble": "",
   "ThanksAndCredit": "Thanks to Brian Satira and Brian Olson for reporting this vulnerability.",
   "Title": "Auto-Maskin DCU 210E RP 210E and Marine Pro Observer App",

data/11/vu_581311/vu_581311.json

@@ -37,7 +37,7 @@
   "CVSS_TemporalVector": "E:POC/RL:OF/RC:C",
   "DateCreated": "2018-06-28T11:57:32-04:00",
   "DateFirstPublished": "2018-09-26T09:07:40-04:00",
-  "DateLastUpdated": "2018-10-30T08:43:00-04:00",
+  "DateLastUpdated": "2018-11-08T13:58:00-05:00",
   "DatePublic": "2018-09-18T00:00:00",
   "Description": "CWE-306: Missing Authentication for Critical Function - CVE-2018-5393 EAP Controller for Linux utilizes a Java remote method invocation (RMI) service for remote control. The RMI interface does not require any authentication before use. Remote attackers can implement deserialization attacks through the RMI protocol. Successful attacks may allow a remote attacker to remotely control the target server and execute Java functions or bytecode. CWE-502: Deserialization of Untrusted Data - CVE-2015-6420 EAP Controller for Linux bundles a vulnerable version of Apache commons-collections v3.2.1 with the software, which appears to be the root cause of the vulnerability. Therefore, EAP Controller v2.5.3 and earlier are vulnerable to CVE-2015-6420 as documented in VU#576313. EAP Controller v2.5.3 and earlier for Linux are affected by both vulnerabilities.",
   "ID": "VU#581311",
@@ -59,8 +59,8 @@
     "http://cwe.mitre.org/data/definitions/306.html",
     "http://cwe.mitre.org/data/definitions/502.html"
   ],
-  "Resolution": "There is currently no available update to EAP Controller to fully address the vulnerability. However, affected users may take the following actions to help mitigate and reduce risk. As described in VU#576313, updating the vulnerable libraries does not necessarily eliminate the vulnerability in all scenarios.",
-  "Revision": 97,
+  "Resolution": "The Omada Controller software v3.0.2 and later are not affected by this issue. Software download is available on the TP-Link support website. If older software must be used, users can help mitigate and reduce risk by updating the vulnerable libraries does not necessarily eliminate the vulnerability in all scenarios, as described in As described in VU#576313.",
+  "Revision": 103,
   "SystemsAffectedPreamble": "",
   "ThanksAndCredit": "Thanks to Liu Zhu, of Huawei Weiran Lab for reporting this vulnerability.",
   "Title": "TP-Link EAP Controller lacks RMI authentication and is vulnerable to deserialization attacks",

data/11/vu_991211/vu_991211.json

@@ -15,26 +15,26 @@
     "CVE-2008-5077",
     "CVE-2009-0021"
   ],
-  "CVSS_AccessComplexity": "",
-  "CVSS_AccessVector": "",
-  "CVSS_Authenication": "",
-  "CVSS_AvailabilityImpact": "",
-  "CVSS_BaseScore": "",
-  "CVSS_BaseVector": "",
-  "CVSS_CollateralDamagePotential": "",
-  "CVSS_ConfidentialityImpact": "",
-  "CVSS_EnvironmentalScore": "",
-  "CVSS_EnvironmentalVector": "",
-  "CVSS_Exploitability": "",
-  "CVSS_IntegrityImpact": "",
-  "CVSS_RemediationLevel": "",
-  "CVSS_ReportConfidence": "",
-  "CVSS_SecurityRequirementsAR": "",
-  "CVSS_SecurityRequirementsCR": "",
-  "CVSS_SecurityRequirementsIR": "",
-  "CVSS_TargetDistribution": "",
-  "CVSS_TemporalScore": "",
-  "CVSS_TemporalVector": "",
+  "CVSS_AccessComplexity": "--",
+  "CVSS_AccessVector": "--",
+  "CVSS_Authenication": "--",
+  "CVSS_AvailabilityImpact": "--",
+  "CVSS_BaseScore": 0,
+  "CVSS_BaseVector": "AV:--/AC:--/Au:--/C:--/I:--/A:--",
+  "CVSS_CollateralDamagePotential": "Not Defined (ND)",
+  "CVSS_ConfidentialityImpact": "--",
+  "CVSS_EnvironmentalScore": 0,
+  "CVSS_EnvironmentalVector": "CDP:Not Defined (ND)/TD:Not Defined (ND)/CR:Not Defined (ND)/IR:Not Defined (ND)/AR:Not Defined (ND)",
+  "CVSS_Exploitability": "Not Defined (ND)",
+  "CVSS_IntegrityImpact": "--",
+  "CVSS_RemediationLevel": "Not Defined (ND)",
+  "CVSS_ReportConfidence": "Not Defined (ND)",
+  "CVSS_SecurityRequirementsAR": "Not Defined (ND)",
+  "CVSS_SecurityRequirementsCR": "Not Defined (ND)",
+  "CVSS_SecurityRequirementsIR": "Not Defined (ND)",
+  "CVSS_TargetDistribution": "Not Defined (ND)",
+  "CVSS_TemporalScore": 0,
+  "CVSS_TemporalVector": "E:Not Defined (ND)/RL:Not Defined (ND)/RC:Not Defined (ND)",
   "DateCreated": "2009-01-08T10:50:49-05:00",
   "DateFirstPublished": "",
   "DateLastUpdated": "2009-01-09T10:20:00-05:00",

data/13/vu_990913/vu_990913.json

@@ -12,26 +12,26 @@
   "CAM_WidelyKnown": "0",
   "CERTAdvisory": "",
   "CVEIDs": "",
-  "CVSS_AccessComplexity": "",
-  "CVSS_AccessVector": "",
-  "CVSS_Authenication": "",
-  "CVSS_AvailabilityImpact": "",
-  "CVSS_BaseScore": "",
-  "CVSS_BaseVector": "",
-  "CVSS_CollateralDamagePotential": "",
-  "CVSS_ConfidentialityImpact": "",
-  "CVSS_EnvironmentalScore": "",
-  "CVSS_EnvironmentalVector": "",
-  "CVSS_Exploitability": "",
-  "CVSS_IntegrityImpact": "",
-  "CVSS_RemediationLevel": "",
-  "CVSS_ReportConfidence": "",
-  "CVSS_SecurityRequirementsAR": "",
-  "CVSS_SecurityRequirementsCR": "",
-  "CVSS_SecurityRequirementsIR": "",
-  "CVSS_TargetDistribution": "",
-  "CVSS_TemporalScore": "",
-  "CVSS_TemporalVector": "",
+  "CVSS_AccessComplexity": "--",
+  "CVSS_AccessVector": "--",
+  "CVSS_Authenication": "--",
+  "CVSS_AvailabilityImpact": "--",
+  "CVSS_BaseScore": 0,
+  "CVSS_BaseVector": "AV:--/AC:--/Au:--/C:--/I:--/A:--",
+  "CVSS_CollateralDamagePotential": "Not Defined (ND)",
+  "CVSS_ConfidentialityImpact": "--",
+  "CVSS_EnvironmentalScore": 0,
+  "CVSS_EnvironmentalVector": "CDP:Not Defined (ND)/TD:Not Defined (ND)/CR:Not Defined (ND)/IR:Not Defined (ND)/AR:Not Defined (ND)",
+  "CVSS_Exploitability": "Not Defined (ND)",
+  "CVSS_IntegrityImpact": "--",
+  "CVSS_RemediationLevel": "Not Defined (ND)",
+  "CVSS_ReportConfidence": "Not Defined (ND)",
+  "CVSS_SecurityRequirementsAR": "Not Defined (ND)",
+  "CVSS_SecurityRequirementsCR": "Not Defined (ND)",
+  "CVSS_SecurityRequirementsIR": "Not Defined (ND)",
+  "CVSS_TargetDistribution": "Not Defined (ND)",
+  "CVSS_TemporalScore": 0,
+  "CVSS_TemporalVector": "E:Not Defined (ND)/RL:Not Defined (ND)/RC:Not Defined (ND)",
   "DateCreated": "2007-06-04T07:26:19-04:00",
   "DateFirstPublished": "",
   "DateLastUpdated": "2007-06-04T07:29:00-04:00",

data/15/vu_990715/vu_990715.json

@@ -12,26 +12,26 @@
   "CAM_WidelyKnown": "0",
   "CERTAdvisory": "",
   "CVEIDs": "",
-  "CVSS_AccessComplexity": "",
-  "CVSS_AccessVector": "",
-  "CVSS_Authenication": "",
-  "CVSS_AvailabilityImpact": "",
-  "CVSS_BaseScore": "",
-  "CVSS_BaseVector": "",
-  "CVSS_CollateralDamagePotential": "",
-  "CVSS_ConfidentialityImpact": "",
-  "CVSS_EnvironmentalScore": "",
-  "CVSS_EnvironmentalVector": "",
-  "CVSS_Exploitability": "",
-  "CVSS_IntegrityImpact": "",
-  "CVSS_RemediationLevel": "",
-  "CVSS_ReportConfidence": "",
-  "CVSS_SecurityRequirementsAR": "",
-  "CVSS_SecurityRequirementsCR": "",
-  "CVSS_SecurityRequirementsIR": "",
-  "CVSS_TargetDistribution": "",
-  "CVSS_TemporalScore": "",
-  "CVSS_TemporalVector": "",
+  "CVSS_AccessComplexity": "--",
+  "CVSS_AccessVector": "--",
+  "CVSS_Authenication": "--",
+  "CVSS_AvailabilityImpact": "--",
+  "CVSS_BaseScore": 0,
+  "CVSS_BaseVector": "AV:--/AC:--/Au:--/C:--/I:--/A:--",
+  "CVSS_CollateralDamagePotential": "Not Defined (ND)",
+  "CVSS_ConfidentialityImpact": "--",
+  "CVSS_EnvironmentalScore": 0,
+  "CVSS_EnvironmentalVector": "CDP:Not Defined (ND)/TD:Not Defined (ND)/CR:Not Defined (ND)/IR:Not Defined (ND)/AR:Not Defined (ND)",
+  "CVSS_Exploitability": "Not Defined (ND)",
+  "CVSS_IntegrityImpact": "--",
+  "CVSS_RemediationLevel": "Not Defined (ND)",
+  "CVSS_ReportConfidence": "Not Defined (ND)",
+  "CVSS_SecurityRequirementsAR": "Not Defined (ND)",
+  "CVSS_SecurityRequirementsCR": "Not Defined (ND)",
+  "CVSS_SecurityRequirementsIR": "Not Defined (ND)",
+  "CVSS_TargetDistribution": "Not Defined (ND)",
+  "CVSS_TemporalScore": 0,
+  "CVSS_TemporalVector": "E:Not Defined (ND)/RL:Not Defined (ND)/RC:Not Defined (ND)",
   "DateCreated": "2001-08-01T11:38:08-04:00",
   "DateFirstPublished": "",
   "DateLastUpdated": "2001-08-01T11:42:00-04:00",

data/2/vu_990902/vu_990902.json

@@ -12,26 +12,26 @@
   "CAM_WidelyKnown": "0",
   "CERTAdvisory": "",
   "CVEIDs": "",
-  "CVSS_AccessComplexity": "",
-  "CVSS_AccessVector": "",
-  "CVSS_Authenication": "",
-  "CVSS_AvailabilityImpact": "",
-  "CVSS_BaseScore": "",
-  "CVSS_BaseVector": "",
-  "CVSS_CollateralDamagePotential": "",
-  "CVSS_ConfidentialityImpact": "",
-  "CVSS_EnvironmentalScore": "",
-  "CVSS_EnvironmentalVector": "",
-  "CVSS_Exploitability": "",
-  "CVSS_IntegrityImpact": "",
-  "CVSS_RemediationLevel": "",
-  "CVSS_ReportConfidence": "",
-  "CVSS_SecurityRequirementsAR": "",
-  "CVSS_SecurityRequirementsCR": "",
-  "CVSS_SecurityRequirementsIR": "",
-  "CVSS_TargetDistribution": "",
-  "CVSS_TemporalScore": "",
-  "CVSS_TemporalVector": "",
+  "CVSS_AccessComplexity": "--",
+  "CVSS_AccessVector": "--",
+  "CVSS_Authenication": "--",
+  "CVSS_AvailabilityImpact": "--",
+  "CVSS_BaseScore": 0,
+  "CVSS_BaseVector": "AV:--/AC:--/Au:--/C:--/I:--/A:--",
+  "CVSS_CollateralDamagePotential": "Not Defined (ND)",
+  "CVSS_ConfidentialityImpact": "--",
+  "CVSS_EnvironmentalScore": 0,
+  "CVSS_EnvironmentalVector": "CDP:Not Defined (ND)/TD:Not Defined (ND)/CR:Not Defined (ND)/IR:Not Defined (ND)/AR:Not Defined (ND)",
+  "CVSS_Exploitability": "Not Defined (ND)",
+  "CVSS_IntegrityImpact": "--",
+  "CVSS_RemediationLevel": "Not Defined (ND)",
+  "CVSS_ReportConfidence": "Not Defined (ND)",
+  "CVSS_SecurityRequirementsAR": "Not Defined (ND)",
+  "CVSS_SecurityRequirementsCR": "Not Defined (ND)",
+  "CVSS_SecurityRequirementsIR": "Not Defined (ND)",
+  "CVSS_TargetDistribution": "Not Defined (ND)",
+  "CVSS_TemporalScore": 0,
+  "CVSS_TemporalVector": "E:Not Defined (ND)/RL:Not Defined (ND)/RC:Not Defined (ND)",
   "DateCreated": "2004-04-23T10:20:45-04:00",
   "DateFirstPublished": "",
   "DateLastUpdated": "2004-04-23T10:56:00-04:00",

data/21/vu_990821/vu_990821.json

@@ -12,26 +12,26 @@
   "CAM_WidelyKnown": "0",
   "CERTAdvisory": "",
   "CVEIDs": "",
-  "CVSS_AccessComplexity": "",
-  "CVSS_AccessVector": "",
-  "CVSS_Authenication": "",
-  "CVSS_AvailabilityImpact": "",
-  "CVSS_BaseScore": "",
-  "CVSS_BaseVector": "",
-  "CVSS_CollateralDamagePotential": "",
-  "CVSS_ConfidentialityImpact": "",
-  "CVSS_EnvironmentalScore": "",
-  "CVSS_EnvironmentalVector": "",
-  "CVSS_Exploitability": "",
-  "CVSS_IntegrityImpact": "",
-  "CVSS_RemediationLevel": "",
-  "CVSS_ReportConfidence": "",
-  "CVSS_SecurityRequirementsAR": "",
-  "CVSS_SecurityRequirementsCR": "",
-  "CVSS_SecurityRequirementsIR": "",
-  "CVSS_TargetDistribution": "",
-  "CVSS_TemporalScore": "",
-  "CVSS_TemporalVector": "",
+  "CVSS_AccessComplexity": "--",
+  "CVSS_AccessVector": "--",
+  "CVSS_Authenication": "--",
+  "CVSS_AvailabilityImpact": "--",
+  "CVSS_BaseScore": 0,
+  "CVSS_BaseVector": "AV:--/AC:--/Au:--/C:--/I:--/A:--",
+  "CVSS_CollateralDamagePotential": "Not Defined (ND)",
+  "CVSS_ConfidentialityImpact": "--",
+  "CVSS_EnvironmentalScore": 0,
+  "CVSS_EnvironmentalVector": "CDP:Not Defined (ND)/TD:Not Defined (ND)/CR:Not Defined (ND)/IR:Not Defined (ND)/AR:Not Defined (ND)",
+  "CVSS_Exploitability": "Not Defined (ND)",
+  "CVSS_IntegrityImpact": "--",
+  "CVSS_RemediationLevel": "Not Defined (ND)",
+  "CVSS_ReportConfidence": "Not Defined (ND)",
+  "CVSS_SecurityRequirementsAR": "Not Defined (ND)",
+  "CVSS_SecurityRequirementsCR": "Not Defined (ND)",
+  "CVSS_SecurityRequirementsIR": "Not Defined (ND)",
+  "CVSS_TargetDistribution": "Not Defined (ND)",
+  "CVSS_TemporalScore": 0,
+  "CVSS_TemporalVector": "E:Not Defined (ND)/RL:Not Defined (ND)/RC:Not Defined (ND)",
   "DateCreated": "2005-03-03T10:37:37-05:00",
   "DateFirstPublished": "",
   "DateLastUpdated": "2005-03-03T17:05:00-05:00",

data/23/vu_991123/vu_991123.json

@@ -12,26 +12,26 @@
   "CAM_WidelyKnown": "0",
   "CERTAdvisory": "",
   "CVEIDs": "CVE-2008-2960",
-  "CVSS_AccessComplexity": "",
-  "CVSS_AccessVector": "",
-  "CVSS_Authenication": "",
-  "CVSS_AvailabilityImpact": "",
-  "CVSS_BaseScore": "",
-  "CVSS_BaseVector": "",
-  "CVSS_CollateralDamagePotential": "",
-  "CVSS_ConfidentialityImpact": "",
-  "CVSS_EnvironmentalScore": "",
-  "CVSS_EnvironmentalVector": "",
-  "CVSS_Exploitability": "",
-  "CVSS_IntegrityImpact": "",
-  "CVSS_RemediationLevel": "",
-  "CVSS_ReportConfidence": "",
-  "CVSS_SecurityRequirementsAR": "",
-  "CVSS_SecurityRequirementsCR": "",
-  "CVSS_SecurityRequirementsIR": "",
-  "CVSS_TargetDistribution": "",
-  "CVSS_TemporalScore": "",
-  "CVSS_TemporalVector": "",
+  "CVSS_AccessComplexity": "--",
+  "CVSS_AccessVector": "--",
+  "CVSS_Authenication": "--",
+  "CVSS_AvailabilityImpact": "--",
+  "CVSS_BaseScore": 0,
+  "CVSS_BaseVector": "AV:--/AC:--/Au:--/C:--/I:--/A:--",
+  "CVSS_CollateralDamagePotential": "Not Defined (ND)",
+  "CVSS_ConfidentialityImpact": "--",
+  "CVSS_EnvironmentalScore": 0,
+  "CVSS_EnvironmentalVector": "CDP:Not Defined (ND)/TD:Not Defined (ND)/CR:Not Defined (ND)/IR:Not Defined (ND)/AR:Not Defined (ND)",
+  "CVSS_Exploitability": "Not Defined (ND)",
+  "CVSS_IntegrityImpact": "--",
+  "CVSS_RemediationLevel": "Not Defined (ND)",
+  "CVSS_ReportConfidence": "Not Defined (ND)",
+  "CVSS_SecurityRequirementsAR": "Not Defined (ND)",
+  "CVSS_SecurityRequirementsCR": "Not Defined (ND)",
+  "CVSS_SecurityRequirementsIR": "Not Defined (ND)",
+  "CVSS_TargetDistribution": "Not Defined (ND)",
+  "CVSS_TemporalScore": 0,
+  "CVSS_TemporalVector": "E:Not Defined (ND)/RL:Not Defined (ND)/RC:Not Defined (ND)",
   "DateCreated": "2008-06-25T08:24:36-04:00",
   "DateFirstPublished": "",
   "DateLastUpdated": "2008-07-07T08:14:00-04:00",