VAR-201903-1428
Vulnerability from variot - Updated: 2023-12-18 13:56The IBM Power 9 OP910, OP920, and FW910 boot firmware's bootloader is responsible for loading and validating the initial boot firmware image that drives the rest of the system's hardware initialization. The bootloader firmware contains a buffer overflow vulnerability such that, if an attacker were able to replace the initial boot firmware image with a very carefully crafted and sufficiently large, malicious replacement, it could cause the bootloader, during the load of that image, to overwrite its own instruction memory and circumvent secure boot protections, install trojans, etc. IBM X-Force ID: 154345. Vendors have confirmed this vulnerability IBM X-Force ID: 154345 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. IBM Power System S922 and so on are all server equipment based on Power processor of American IBM company. Attackers can use this vulnerability to overwrite the bootloader's instruction memory, bypass safe boot protection, and install Trojan horse programs
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201903-1428",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "power system ac922",
"scope": null,
"trust": 2.4,
"vendor": "ibm",
"version": null
},
{
"model": "power system ac922 \\",
"scope": "lt",
"trust": 2.0,
"vendor": "ibm",
"version": "op920.10"
},
{
"model": "power system s922",
"scope": null,
"trust": 1.4,
"vendor": "ibm",
"version": null
},
{
"model": "power system h922 \\",
"scope": "lt",
"trust": 1.0,
"vendor": "ibm",
"version": "fw910.10"
},
{
"model": "power system ac922 \\",
"scope": "lt",
"trust": 1.0,
"vendor": "ibm",
"version": "op910.30"
},
{
"model": "power system s922 \\",
"scope": "lt",
"trust": 1.0,
"vendor": "ibm",
"version": "fw910.10"
},
{
"model": "power system h924 \\",
"scope": "lt",
"trust": 1.0,
"vendor": "ibm",
"version": "fw910.10"
},
{
"model": "power system s914 \\",
"scope": "lt",
"trust": 1.0,
"vendor": "ibm",
"version": "fw910.10"
},
{
"model": "power system lc921 \\",
"scope": "lt",
"trust": 1.0,
"vendor": "ibm",
"version": "op920.10"
},
{
"model": "power system l922 \\",
"scope": "lt",
"trust": 1.0,
"vendor": "ibm",
"version": "fw910.10"
},
{
"model": "power system lc922 \\",
"scope": "lt",
"trust": 1.0,
"vendor": "ibm",
"version": "op920.10"
},
{
"model": "power system s924 \\",
"scope": "lt",
"trust": 1.0,
"vendor": "ibm",
"version": "fw910.10"
},
{
"model": "power system h922",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "power system h924",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "power system l922",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "power system lc921",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "power system lc922",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "power system s914",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "power system s924",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "power fw910",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "9"
},
{
"model": "power op920",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "9"
},
{
"model": "power op910",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "9"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-19868"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003090"
},
{
"db": "NVD",
"id": "CVE-2018-1992"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:ibm:power_system_s922_\\(9009-22a\\)_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "fw910.10",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:ibm:power_system_s922_\\(9009-22a\\):-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:ibm:power_system_h922_\\(9223-22h\\)_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "fw910.10",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:ibm:power_system_h922_\\(9223-22h\\):-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:ibm:power_system_s914_\\(9009-41a\\)_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "fw910.10",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:ibm:power_system_s914_\\(9009-41a\\):-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:ibm:power_system_s924_\\(9009-42a\\)_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "fw910.10",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:ibm:power_system_s924_\\(9009-42a\\):-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:ibm:power_system_h924_\\(9223-42h\\)_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "fw910.10",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:ibm:power_system_h924_\\(9223-42h\\):-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:ibm:power_system_l922_\\(9008-22l\\)_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "fw910.10",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:ibm:power_system_l922_\\(9008-22l\\):-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:ibm:power_system_ac922_\\(8335-gtg\\)_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "op910.30",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:ibm:power_system_ac922_\\(8335-gtg\\):-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:ibm:power_system_ac922_\\(8335-gth\\)_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "op920.10",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:ibm:power_system_ac922_\\(8335-gth\\):-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:ibm:power_system_ac922_\\(8335-gtx\\)_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "op920.10",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:ibm:power_system_ac922_\\(8335-gtx\\):-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:ibm:power_system_lc921_\\(9006-12p\\)_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "op920.10",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:ibm:power_system_lc921_\\(9006-12p\\):-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:ibm:power_system_lc922_\\(9006-22p\\)_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "op920.10",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:ibm:power_system_lc922_\\(9006-22p\\):-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-1992"
}
]
},
"cve": "CVE-2018-1992",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 6.9,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2018-1992",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.4,
"id": "CNVD-2020-19868",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.5,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "High",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.4,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-1992",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-1992",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "psirt@us.ibm.com",
"id": "CVE-2018-1992",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2020-19868",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201903-694",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-19868"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003090"
},
{
"db": "NVD",
"id": "CVE-2018-1992"
},
{
"db": "NVD",
"id": "CVE-2018-1992"
},
{
"db": "CNNVD",
"id": "CNNVD-201903-694"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The IBM Power 9 OP910, OP920, and FW910 boot firmware\u0027s bootloader is responsible for loading and validating the initial boot firmware image that drives the rest of the system\u0027s hardware initialization. The bootloader firmware contains a buffer overflow vulnerability such that, if an attacker were able to replace the initial boot firmware image with a very carefully crafted and sufficiently large, malicious replacement, it could cause the bootloader, during the load of that image, to overwrite its own instruction memory and circumvent secure boot protections, install trojans, etc. IBM X-Force ID: 154345. Vendors have confirmed this vulnerability IBM X-Force ID: 154345 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. IBM Power System S922 and so on are all server equipment based on Power processor of American IBM company. Attackers can use this vulnerability to overwrite the bootloader\u0027s instruction memory, bypass safe boot protection, and install Trojan horse programs",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-1992"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003090"
},
{
"db": "CNVD",
"id": "CNVD-2020-19868"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-1992",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003090",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-19868",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.0939",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201903-694",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-19868"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003090"
},
{
"db": "NVD",
"id": "CVE-2018-1992"
},
{
"db": "CNNVD",
"id": "CNNVD-201903-694"
}
]
},
"id": "VAR-201903-1428",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-19868"
}
],
"trust": 1.2666667
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-19868"
}
]
},
"last_update_date": "2023-12-18T13:56:46.361000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "0868992",
"trust": 0.8,
"url": "https://www-01.ibm.com/support/docview.wss?uid=ibm10868992"
},
{
"title": "ibm-power9-cve20181992-code-exec (154345)",
"trust": 0.8,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/154345"
},
{
"title": "Patch for Multiple IBM product buffer overflow vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/211339"
},
{
"title": "Multiple IBM Product Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=90247"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-19868"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003090"
},
{
"db": "CNNVD",
"id": "CNNVD-201903-694"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003090"
},
{
"db": "NVD",
"id": "CVE-2018-1992"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/154345"
},
{
"trust": 1.6,
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10868992"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-1992"
},
{
"trust": 1.2,
"url": "https://www-01.ibm.com/support/docview.wss?uid=ibm10868992"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-1992"
},
{
"trust": 0.6,
"url": "http://www.ibm.com/support/docview.wss"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/77590"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/ibm-power-9-buffer-overflow-via-boot-loader-28826"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-19868"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003090"
},
{
"db": "NVD",
"id": "CVE-2018-1992"
},
{
"db": "CNNVD",
"id": "CNNVD-201903-694"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-19868"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003090"
},
{
"db": "NVD",
"id": "CVE-2018-1992"
},
{
"db": "CNNVD",
"id": "CNNVD-201903-694"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-03-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-19868"
},
{
"date": "2019-05-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003090"
},
{
"date": "2019-03-21T16:00:33.107000",
"db": "NVD",
"id": "CVE-2018-1992"
},
{
"date": "2019-03-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201903-694"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-03-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-19868"
},
{
"date": "2019-05-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003090"
},
{
"date": "2019-10-09T23:39:29.167000",
"db": "NVD",
"id": "CVE-2018-1992"
},
{
"date": "2019-10-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201903-694"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201903-694"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural IBM Power 9 Product buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003090"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201903-694"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…