[Git][security-tracker-team/security-tracker][master] Process some IBM specific CVEs as NFU

Salvatore Bonaccorso carnil at debian.org
Tue Jan 28 20:26:52 GMT 2020



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e4ca9aab by Salvatore Bonaccorso at 2020-01-28T21:25:05+01:00
Process some IBM specific CVEs as NFU

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -9105,7 +9105,7 @@ CVE-2020-4209
 CVE-2020-4208
 	RESERVED
 CVE-2020-4207 (IBM Watson IoT Message Gateway 2.0.0.x, 5.0.0.0, 5.0.0.1, and 5.0.0.2  ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4206
 	RESERVED
 CVE-2020-4205
@@ -61869,7 +61869,7 @@ CVE-2019-4709
 CVE-2019-4708
 	RESERVED
 CVE-2019-4707 (IBM Security Access Manager Appliance 9.0.7.0 is vulnerable to an XML  ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2019-4706
 	RESERVED
 CVE-2019-4705
@@ -61925,7 +61925,7 @@ CVE-2019-4681
 CVE-2019-4680
 	RESERVED
 CVE-2019-4679 (IBM Content Navigator 3.0CD could allow an authenticated user to gain  ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2019-4678
 	RESERVED
 CVE-2019-4677
@@ -62005,23 +62005,23 @@ CVE-2019-4641
 CVE-2019-4640
 	RESERVED
 CVE-2019-4639 (IBM Security Secret Server 10.7 uses weaker than expected cryptographi ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2019-4638 (IBM Security Secret Server 10.7 does not set the secure attribute on a ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2019-4637 (IBM Security Secret Server 10.7 uses incomplete blacklisting for input ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2019-4636 (IBM Security Secret Server 10.7 could disclose sensitive information t ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2019-4635 (IBM Security Secret Server 10.7 could allow a privileged user to perfo ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2019-4634
 	RESERVED
 CVE-2019-4633 (IBM Security Secret Server 10.7 could allow an attacker to obtain sens ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2019-4632 (IBM Security Secret Server 10.7 is vulnerable to cross-site scripting. ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2019-4631 (IBM Security Secret Server 10.7 could allow a remote attacker to condu ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2019-4630
 	RESERVED
 CVE-2019-4629
@@ -62043,7 +62043,7 @@ CVE-2019-4622
 CVE-2019-4621 (IBM DataPower Gateway 7.6.0.0-7 throug 6.0.14 and 2018.4.1.0 through 2 ...)
 	NOT-FOR-US: IBM
 CVE-2019-4620 (IBM MQ Appliance 8.0 and 9.0 LTS could allow a local attacker to bypas ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2019-4619
 	RESERVED
 CVE-2019-4618
@@ -62055,7 +62055,7 @@ CVE-2019-4616
 CVE-2019-4615
 	RESERVED
 CVE-2019-4614 (IBM MQ and IBM MQ Appliance 8.0 and 9.0 LTS client connecting to a Que ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2019-4613
 	RESERVED
 CVE-2019-4612 (IBM Planning Analytics 2.0 is vulnerable to malicious file upload in t ...)
@@ -62147,7 +62147,7 @@ CVE-2019-4570 (IBM Tivoli Netcool Impact 7.1.0 through 7.1.0.16 generates an err
 CVE-2019-4569 (IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.16 is vulnerable to cr ...)
 	NOT-FOR-US: IBM
 CVE-2019-4568 (IBM MQ and IBM MQ Appliance 8.0 and 9.0 LTS could allow a remote attac ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2019-4567
 	RESERVED
 CVE-2019-4566 (IBM Security Key Lifecycle Manager 3.0 and 3.0.1 stores user credentia ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/e4ca9aabe35cd542a7128484361c83ccbf26c349

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/e4ca9aabe35cd542a7128484361c83ccbf26c349
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200128/8084c9c7/attachment.html>


More information about the debian-security-tracker-commits mailing list