[Secure-testing-commits] r53920 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Tue Jul 25 21:21:42 UTC 2017 

Author: jmm
Date: 2017-07-25 21:21:42 +0000 (Tue, 25 Jul 2017)
New Revision: 53920

Modified:
   data/CVE/list
Log:
NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-07-25 21:10:17 UTC (rev 53919)
+++ data/CVE/list	2017-07-25 21:21:42 UTC (rev 53920)
@@ -1,19 +1,19 @@
 CVE-2017-11618
 	RESERVED
 CVE-2017-11617 (Cross-site scripting (XSS) vulnerability in atmail prior to version ...)
-	TODO: check
+	- atmailopen <removed>
 CVE-2017-11616
 	RESERVED
 CVE-2017-11615
 	RESERVED
 CVE-2017-11614 (MEDHOST Connex contains hard-coded credentials that are used for ...)
-	TODO: check
+	NOT-FOR-US: MEDHOST Connex
 CVE-2017-11613
 	RESERVED
 CVE-2017-11612
 	RESERVED
 CVE-2016-10401 (ZyXEL PK5001Z devices have zyad5001 as the su password, which makes it ...)
-	TODO: check
+	NOT-FOR-US: ZyXEL
 CVE-2017-11611
 	RESERVED
 CVE-2017-11610
@@ -389,13 +389,13 @@
 CVE-2017-11461
 	RESERVED
 CVE-2017-11460 (Cross-site scripting (XSS) vulnerability in the DataArchivingService ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2017-11459 (SAP TREX 7.10 allows remote attackers to (1) read arbitrary files via ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2017-11458 (Cross-site scripting (XSS) vulnerability in the ctcprotocol/Protocol ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2017-11457 (XML external entity (XXE) vulnerability in com.sap.km.cm.ice in SAP ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2017-11456 (Geneko GWR routers allow directory traversal sequences starting with a ...)
 	NOT-FOR-US: Geneko GWR routers
 CVE-2017-11455
@@ -7474,7 +7474,7 @@
 CVE-2017-8920 (irc.cgi in CGI:IRC before 0.5.12 reflects user-supplied input from the ...)
 	- cgiirc <removed>
 CVE-2017-8919 (NetApp OnCommand API Services before 1.2P3 logs the LDAP BIND password ...)
-	TODO: check
+	NOT-FOR-US: NetApp
 CVE-2017-8918
 	RESERVED
 CVE-2017-8917 (SQL injection vulnerability in Joomla! 3.7.x before 3.7.1 allows ...)
@@ -9752,13 +9752,13 @@
 CVE-2017-8037
 	RESERVED
 CVE-2017-8036 (An issue was discovered in the Cloud Controller API in Cloud Foundry ...)
-	TODO: check
+	NOT-FOR-US: Cloud Foundry
 CVE-2017-8035 (An issue was discovered in the Cloud Controller API in Cloud Foundry ...)
-	TODO: check
+	NOT-FOR-US: Cloud Foundry
 CVE-2017-8034 (The Cloud Controller and Router in Cloud Foundry (CAPI-release capi ...)
 	NOT-FOR-US: Cloud Foundry
 CVE-2017-8033 (An issue was discovered in the Cloud Controller API in Cloud Foundry ...)
-	TODO: check
+	NOT-FOR-US: Cloud Foundry
 CVE-2017-8032 (In Cloud Foundry cf-release versions prior to v264; UAA release all ...)
 	NOT-FOR-US: Cloud Foundry
 CVE-2017-8031
@@ -13915,25 +13915,25 @@
 CVE-2017-6756
 	RESERVED
 CVE-2017-6755 (A vulnerability in the web portal of the Cisco Prime Collaboration ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-6754
 	RESERVED
 CVE-2017-6753 (A vulnerability in Cisco WebEx browser extensions for Google Chrome and ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-6752
 	RESERVED
 CVE-2017-6751 (A vulnerability in the web proxy functionality of the Cisco Web ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-6750 (A vulnerability in AsyncOS for the Cisco Web Security Appliance (WSA) ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-6749 (A vulnerability in the web-based management interface of Cisco Web ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-6748 (A vulnerability in the CLI parser of the Cisco Web Security Appliance ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-6747
 	RESERVED
 CVE-2017-6746 (A vulnerability in the web interface of the Cisco Web Security ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-6745
 	RESERVED
 CVE-2017-6744 (The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS ...)
@@ -14081,7 +14081,7 @@
 CVE-2017-6673 (A vulnerability in Cisco Firepower Management Center could allow an ...)
 	NOT-FOR-US: Cisco
 CVE-2017-6672 (A vulnerability in certain filtering mechanisms of access control lists ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-6671 (A vulnerability in the email message scanning of Cisco AsyncOS Software ...)
 	NOT-FOR-US: Cisco
 CVE-2017-6670 (A vulnerability in the web-based GUI of Cisco Unified Communications ...)
@@ -14201,7 +14201,7 @@
 CVE-2017-6613 (A vulnerability in the DNS input packet processor for Cisco Prime ...)
 	NOT-FOR-US: Cisco
 CVE-2017-6612 (A vulnerability in the gateway GPRS support node (GGSN) of Cisco ASR ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-6611 (A vulnerability in the web framework code of Cisco Prime Infrastructure ...)
 	NOT-FOR-US: Cisco
 CVE-2017-6610 (A vulnerability in the Internet Key Exchange Version 1 (IKEv1) XAUTH ...)
@@ -28913,11 +28913,11 @@
 CVE-2017-1383
 	RESERVED
 CVE-2017-1382 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 might create ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2017-1381 (IBM WebSphere Application Server Proxy Server or On-demand-router ...)
 	NOT-FOR-US: IBM
 CVE-2017-1380 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2017-1379 (IBM API Connect 5.0.0.0 could allow a remote attacker to obtain ...)
 	NOT-FOR-US: IBM
 CVE-2017-1378
@@ -29103,7 +29103,7 @@
 CVE-2017-1288
 	RESERVED
 CVE-2017-1287 (IBM Rhapsody DM 5.0 and 6.0 could allow a remote attacker to conduct ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2017-1286
 	RESERVED
 CVE-2017-1285 (IBM WebSphere MQ 9.0.1 and 9.0.2 could allow an authenticated user ...)
@@ -29179,7 +29179,7 @@
 CVE-2017-1250
 	RESERVED
 CVE-2017-1249 (IBM Rhapsody DM 5.0 and 6.0 is vulnerable to cross-site scripting. ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2017-1248
 	RESERVED
 CVE-2017-1247 (IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 and 6.0 is vulnerable to ...)
@@ -29187,7 +29187,7 @@
 CVE-2017-1246
 	RESERVED
 CVE-2017-1245 (IBM Rational Software Architect Design Manager 5.0 and 6.0 is ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2017-1244
 	RESERVED
 CVE-2017-1243
@@ -34037,7 +34037,7 @@
 CVE-2016-8976
 	RESERVED
 CVE-2016-8975 (IBM Rhapsody DM 5.0 and 6.0 is vulnerable to cross-site scripting. ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2016-8974 (IBM Rhapsody DM 4.0, 5.0 and 6.0 is vulnerable to a denial of service, ...)
 	NOT-FOR-US: IBM
 CVE-2016-8973 (IBM Rhapsody DM 4.0, 5.0 and 6.0 contains an undisclosed vulnerability ...)
@@ -43568,7 +43568,7 @@
 CVE-2016-6119
 	RESERVED
 CVE-2016-6118 (IBM Emptoris Supplier Lifecycle Management 10.1.0.x is vulnerable to ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2016-6117 (IBM Tivoli Key Lifecycle Manager 2.5 and 2.6 can be deployed with ...)
 	NOT-FOR-US: IBM
 CVE-2016-6116 (IBM Tivoli Key Lifecycle Manager 2.5 and 2.6 could allow a remote ...)
@@ -75155,9 +75155,9 @@
 CVE-2015-4464
 	RESERVED
 CVE-2015-4463 (Unrestricted file upload vulnerability in eFront CMS before 3.6.15.5 ...)
-	TODO: check
+	NOT-FOR-US: eFront CMS
 CVE-2015-4462 (Unrestricted file upload vulnerability in eFront CMS before 3.6.15.5 ...)
-	TODO: check
+	NOT-FOR-US: eFront CMS
 CVE-2015-4461
 	RESERVED
 CVE-2015-4460 (Cross-site request forgery (CSRF) vulnerability in ...)

More information about the Secure-testing-commits mailing list