Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for _ibm_rational_lifecycle_integration_adapter_for_windchill by ibm

    CVE-2021-34587 (GCVE-0-2021-34587)

    Vulnerability from nvd – Published: 2022-04-27 15:15 – Updated: 2024-09-17 02:58
    VLAI
    Title
    Bender Charge Controller: Long URL could lead to webserver crash
    Summary
    In Bender/ebee Charge Controllers in multiple versions a long URL could lead to webserver crash. The URL is used as input of an sprintf to a stack variable.
    CWE
    • CWE-121 - Stack-based Buffer Overflow
    Assigner
    References
    Impacted products
    Vendor Product Version
    Bender / ebee CC612 Affected: 5.11.x , < 5.11.2 (custom)
    Affected: 5.12.x , < 5.12.5 (custom)
    Affected: 5.13.x , < 5.13.2 (custom)
    Affected: 5.20.x , < 5.20.2 (custom)
    Create a notification for this product.
    Bender / ebee CC613 Affected: 5.11.x , < 5.11.2 (custom)
    Affected: 5.12.x , < 5.12.5 (custom)
    Affected: 5.13.x , < 5.13.2 (custom)
    Affected: 5.20.x , < 5.20.2 (custom)
    Create a notification for this product.
    Bender / ebee ICC15xx Affected: 5.11.x , < 5.11.2 (custom)
    Affected: 5.12.x , < 5.12.5 (custom)
    Affected: 5.13.x , < 5.13.2 (custom)
    Affected: 5.20.x , < 5.20.2 (custom)
    Create a notification for this product.
    Bender / ebee ICC16xx Affected: 5.11.x , < 5.11.2 (custom)
    Affected: 5.12.x , < 5.12.5 (custom)
    Affected: 5.13.x , < 5.13.2 (custom)
    Affected: 5.20.x , < 5.20.2 (custom)
    Create a notification for this product.
    Date Public
    2022-04-27 00:00
    Credits
    Bender thanks the IT security researchers at OpenSource Security GmbH for their thorough and in-depth work. The issue was coordinated by CERT@VDE.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T00:19:46.977Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://cert.vde.com/en/advisories/VDE-2021-047"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "CC612",
              "vendor": "Bender / ebee",
              "versions": [
                {
                  "lessThan": "5.11.2",
                  "status": "affected",
                  "version": "5.11.x",
                  "versionType": "custom"
                },
                {
                  "lessThan": "5.12.5",
                  "status": "affected",
                  "version": "5.12.x",
                  "versionType": "custom"
                },
                {
                  "lessThan": "5.13.2",
                  "status": "affected",
                  "version": "5.13.x",
                  "versionType": "custom"
                },
                {
                  "lessThan": "5.20.2",
                  "status": "affected",
                  "version": "5.20.x",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "CC613",
              "vendor": "Bender / ebee",
              "versions": [
                {
                  "lessThan": "5.11.2",
                  "status": "affected",
                  "version": "5.11.x",
                  "versionType": "custom"
                },
                {
                  "lessThan": "5.12.5",
                  "status": "affected",
                  "version": "5.12.x",
                  "versionType": "custom"
                },
                {
                  "lessThan": "5.13.2",
                  "status": "affected",
                  "version": "5.13.x",
                  "versionType": "custom"
                },
                {
                  "lessThan": "5.20.2",
                  "status": "affected",
                  "version": "5.20.x",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "ICC15xx",
              "vendor": "Bender / ebee",
              "versions": [
                {
                  "lessThan": "5.11.2",
                  "status": "affected",
                  "version": "5.11.x",
                  "versionType": "custom"
                },
                {
                  "lessThan": "5.12.5",
                  "status": "affected",
                  "version": "5.12.x",
                  "versionType": "custom"
                },
                {
                  "lessThan": "5.13.2",
                  "status": "affected",
                  "version": "5.13.x",
                  "versionType": "custom"
                },
                {
                  "lessThan": "5.20.2",
                  "status": "affected",
                  "version": "5.20.x",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "ICC16xx",
              "vendor": "Bender / ebee",
              "versions": [
                {
                  "lessThan": "5.11.2",
                  "status": "affected",
                  "version": "5.11.x",
                  "versionType": "custom"
                },
                {
                  "lessThan": "5.12.5",
                  "status": "affected",
                  "version": "5.12.x",
                  "versionType": "custom"
                },
                {
                  "lessThan": "5.13.2",
                  "status": "affected",
                  "version": "5.13.x",
                  "versionType": "custom"
                },
                {
                  "lessThan": "5.20.2",
                  "status": "affected",
                  "version": "5.20.x",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Bender thanks the IT security researchers at OpenSource Security GmbH for their thorough and in-depth work. The issue was coordinated by CERT@VDE."
            }
          ],
          "datePublic": "2022-04-27T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "In Bender/ebee Charge Controllers in multiple versions a long URL could lead to webserver crash. The URL is used as input of an sprintf to a stack variable."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "CWE-121 Stack-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-04-27T15:15:23.000Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://cert.vde.com/en/advisories/VDE-2021-047"
            }
          ],
          "source": {
            "advisory": "VDE-2021-047",
            "defect": [
              "CERT@VDE#64088"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Bender Charge Controller: Long URL could lead to webserver crash",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "info@cert.vde.com",
              "DATE_PUBLIC": "2022-04-27T10:00:00.000Z",
              "ID": "CVE-2021-34587",
              "STATE": "PUBLIC",
              "TITLE": "Bender Charge Controller: Long URL could lead to webserver crash"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "CC612",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_name": "5.11.x",
                                "version_value": "5.11.2"
                              },
                              {
                                "version_affected": "\u003c",
                                "version_name": "5.12.x",
                                "version_value": "5.12.5"
                              },
                              {
                                "version_affected": "\u003c",
                                "version_name": "5.13.x",
                                "version_value": "5.13.2"
                              },
                              {
                                "version_affected": "\u003c",
                                "version_name": "5.20.x",
                                "version_value": "5.20.2"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "CC613",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_name": "5.11.x",
                                "version_value": "5.11.2"
                              },
                              {
                                "version_affected": "\u003c",
                                "version_name": "5.12.x",
                                "version_value": "5.12.5"
                              },
                              {
                                "version_affected": "\u003c",
                                "version_name": "5.13.x",
                                "version_value": "5.13.2"
                              },
                              {
                                "version_affected": "\u003c",
                                "version_name": "5.20.x",
                                "version_value": "5.20.2"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "ICC15xx",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_name": "5.11.x",
                                "version_value": "5.11.2"
                              },
                              {
                                "version_affected": "\u003c",
                                "version_name": "5.12.x",
                                "version_value": "5.12.5"
                              },
                              {
                                "version_affected": "\u003c",
                                "version_name": "5.13.x",
                                "version_value": "5.13.2"
                              },
                              {
                                "version_affected": "\u003c",
                                "version_name": "5.20.x",
                                "version_value": "5.20.2"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "ICC16xx",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_name": "5.11.x",
                                "version_value": "5.11.2"
                              },
                              {
                                "version_affected": "\u003c",
                                "version_name": "5.12.x",
                                "version_value": "5.12.5"
                              },
                              {
                                "version_affected": "\u003c",
                                "version_name": "5.13.x",
                                "version_value": "5.13.2"
                              },
                              {
                                "version_affected": "\u003c",
                                "version_name": "5.20.x",
                                "version_value": "5.20.2"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Bender / ebee"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Bender thanks the IT security researchers at OpenSource Security GmbH for their thorough and in-depth work. The issue was coordinated by CERT@VDE."
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "In Bender/ebee Charge Controllers in multiple versions a long URL could lead to webserver crash. The URL is used as input of an sprintf to a stack variable."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-121 Stack-based Buffer Overflow"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://cert.vde.com/en/advisories/VDE-2021-047",
                  "refsource": "CONFIRM",
                  "url": "https://cert.vde.com/en/advisories/VDE-2021-047"
                }
              ]
            },
            "source": {
              "advisory": "VDE-2021-047",
              "defect": [
                "CERT@VDE#64088"
              ],
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2021-34587",
        "datePublished": "2022-04-27T15:15:24.084Z",
        "dateReserved": "2021-06-10T00:00:00.000Z",
        "dateUpdated": "2024-09-17T02:58:12.456Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2014-4815 (GCVE-0-2014-4815)

    Vulnerability from nvd – Published: 2014-12-12 02:00 – Updated: 2024-08-06 11:27
    VLAI
    Summary
    Session fixation vulnerability in IBM Rational Lifecycle Integration Adapter for Windchill 1.x before 1.0.1 allows remote attackers to hijack web sessions via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    ibm
    References
    Date Public
    2014-12-10 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T11:27:36.804Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ibm-rlia-cve20144815-fixation(95401)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95401"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21691993"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2014-12-10T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Session fixation vulnerability in IBM Rational Lifecycle Integration Adapter for Windchill 1.x before 1.0.1 allows remote attackers to hijack web sessions via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-28T12:57:01.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "name": "ibm-rlia-cve20144815-fixation(95401)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95401"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21691993"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "ID": "CVE-2014-4815",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Session fixation vulnerability in IBM Rational Lifecycle Integration Adapter for Windchill 1.x before 1.0.1 allows remote attackers to hijack web sessions via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "ibm-rlia-cve20144815-fixation(95401)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95401"
                },
                {
                  "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21691993",
                  "refsource": "CONFIRM",
                  "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21691993"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2014-4815",
        "datePublished": "2014-12-12T02:00:00.000Z",
        "dateReserved": "2014-07-09T00:00:00.000Z",
        "dateUpdated": "2024-08-06T11:27:36.804Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-34587 (GCVE-0-2021-34587)

    Vulnerability from cvelistv5 – Published: 2022-04-27 15:15 – Updated: 2024-09-17 02:58
    VLAI
    Title
    Bender Charge Controller: Long URL could lead to webserver crash
    Summary
    In Bender/ebee Charge Controllers in multiple versions a long URL could lead to webserver crash. The URL is used as input of an sprintf to a stack variable.
    CWE
    • CWE-121 - Stack-based Buffer Overflow
    Assigner
    References
    Impacted products
    Vendor Product Version
    Bender / ebee CC612 Affected: 5.11.x , < 5.11.2 (custom)
    Affected: 5.12.x , < 5.12.5 (custom)
    Affected: 5.13.x , < 5.13.2 (custom)
    Affected: 5.20.x , < 5.20.2 (custom)
    Create a notification for this product.
    Bender / ebee CC613 Affected: 5.11.x , < 5.11.2 (custom)
    Affected: 5.12.x , < 5.12.5 (custom)
    Affected: 5.13.x , < 5.13.2 (custom)
    Affected: 5.20.x , < 5.20.2 (custom)
    Create a notification for this product.
    Bender / ebee ICC15xx Affected: 5.11.x , < 5.11.2 (custom)
    Affected: 5.12.x , < 5.12.5 (custom)
    Affected: 5.13.x , < 5.13.2 (custom)
    Affected: 5.20.x , < 5.20.2 (custom)
    Create a notification for this product.
    Bender / ebee ICC16xx Affected: 5.11.x , < 5.11.2 (custom)
    Affected: 5.12.x , < 5.12.5 (custom)
    Affected: 5.13.x , < 5.13.2 (custom)
    Affected: 5.20.x , < 5.20.2 (custom)
    Create a notification for this product.
    Date Public
    2022-04-27 00:00
    Credits
    Bender thanks the IT security researchers at OpenSource Security GmbH for their thorough and in-depth work. The issue was coordinated by CERT@VDE.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T00:19:46.977Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://cert.vde.com/en/advisories/VDE-2021-047"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "CC612",
              "vendor": "Bender / ebee",
              "versions": [
                {
                  "lessThan": "5.11.2",
                  "status": "affected",
                  "version": "5.11.x",
                  "versionType": "custom"
                },
                {
                  "lessThan": "5.12.5",
                  "status": "affected",
                  "version": "5.12.x",
                  "versionType": "custom"
                },
                {
                  "lessThan": "5.13.2",
                  "status": "affected",
                  "version": "5.13.x",
                  "versionType": "custom"
                },
                {
                  "lessThan": "5.20.2",
                  "status": "affected",
                  "version": "5.20.x",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "CC613",
              "vendor": "Bender / ebee",
              "versions": [
                {
                  "lessThan": "5.11.2",
                  "status": "affected",
                  "version": "5.11.x",
                  "versionType": "custom"
                },
                {
                  "lessThan": "5.12.5",
                  "status": "affected",
                  "version": "5.12.x",
                  "versionType": "custom"
                },
                {
                  "lessThan": "5.13.2",
                  "status": "affected",
                  "version": "5.13.x",
                  "versionType": "custom"
                },
                {
                  "lessThan": "5.20.2",
                  "status": "affected",
                  "version": "5.20.x",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "ICC15xx",
              "vendor": "Bender / ebee",
              "versions": [
                {
                  "lessThan": "5.11.2",
                  "status": "affected",
                  "version": "5.11.x",
                  "versionType": "custom"
                },
                {
                  "lessThan": "5.12.5",
                  "status": "affected",
                  "version": "5.12.x",
                  "versionType": "custom"
                },
                {
                  "lessThan": "5.13.2",
                  "status": "affected",
                  "version": "5.13.x",
                  "versionType": "custom"
                },
                {
                  "lessThan": "5.20.2",
                  "status": "affected",
                  "version": "5.20.x",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "ICC16xx",
              "vendor": "Bender / ebee",
              "versions": [
                {
                  "lessThan": "5.11.2",
                  "status": "affected",
                  "version": "5.11.x",
                  "versionType": "custom"
                },
                {
                  "lessThan": "5.12.5",
                  "status": "affected",
                  "version": "5.12.x",
                  "versionType": "custom"
                },
                {
                  "lessThan": "5.13.2",
                  "status": "affected",
                  "version": "5.13.x",
                  "versionType": "custom"
                },
                {
                  "lessThan": "5.20.2",
                  "status": "affected",
                  "version": "5.20.x",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Bender thanks the IT security researchers at OpenSource Security GmbH for their thorough and in-depth work. The issue was coordinated by CERT@VDE."
            }
          ],
          "datePublic": "2022-04-27T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "In Bender/ebee Charge Controllers in multiple versions a long URL could lead to webserver crash. The URL is used as input of an sprintf to a stack variable."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "CWE-121 Stack-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-04-27T15:15:23.000Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://cert.vde.com/en/advisories/VDE-2021-047"
            }
          ],
          "source": {
            "advisory": "VDE-2021-047",
            "defect": [
              "CERT@VDE#64088"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Bender Charge Controller: Long URL could lead to webserver crash",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "info@cert.vde.com",
              "DATE_PUBLIC": "2022-04-27T10:00:00.000Z",
              "ID": "CVE-2021-34587",
              "STATE": "PUBLIC",
              "TITLE": "Bender Charge Controller: Long URL could lead to webserver crash"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "CC612",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_name": "5.11.x",
                                "version_value": "5.11.2"
                              },
                              {
                                "version_affected": "\u003c",
                                "version_name": "5.12.x",
                                "version_value": "5.12.5"
                              },
                              {
                                "version_affected": "\u003c",
                                "version_name": "5.13.x",
                                "version_value": "5.13.2"
                              },
                              {
                                "version_affected": "\u003c",
                                "version_name": "5.20.x",
                                "version_value": "5.20.2"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "CC613",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_name": "5.11.x",
                                "version_value": "5.11.2"
                              },
                              {
                                "version_affected": "\u003c",
                                "version_name": "5.12.x",
                                "version_value": "5.12.5"
                              },
                              {
                                "version_affected": "\u003c",
                                "version_name": "5.13.x",
                                "version_value": "5.13.2"
                              },
                              {
                                "version_affected": "\u003c",
                                "version_name": "5.20.x",
                                "version_value": "5.20.2"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "ICC15xx",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_name": "5.11.x",
                                "version_value": "5.11.2"
                              },
                              {
                                "version_affected": "\u003c",
                                "version_name": "5.12.x",
                                "version_value": "5.12.5"
                              },
                              {
                                "version_affected": "\u003c",
                                "version_name": "5.13.x",
                                "version_value": "5.13.2"
                              },
                              {
                                "version_affected": "\u003c",
                                "version_name": "5.20.x",
                                "version_value": "5.20.2"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "ICC16xx",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_name": "5.11.x",
                                "version_value": "5.11.2"
                              },
                              {
                                "version_affected": "\u003c",
                                "version_name": "5.12.x",
                                "version_value": "5.12.5"
                              },
                              {
                                "version_affected": "\u003c",
                                "version_name": "5.13.x",
                                "version_value": "5.13.2"
                              },
                              {
                                "version_affected": "\u003c",
                                "version_name": "5.20.x",
                                "version_value": "5.20.2"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Bender / ebee"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Bender thanks the IT security researchers at OpenSource Security GmbH for their thorough and in-depth work. The issue was coordinated by CERT@VDE."
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "In Bender/ebee Charge Controllers in multiple versions a long URL could lead to webserver crash. The URL is used as input of an sprintf to a stack variable."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-121 Stack-based Buffer Overflow"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://cert.vde.com/en/advisories/VDE-2021-047",
                  "refsource": "CONFIRM",
                  "url": "https://cert.vde.com/en/advisories/VDE-2021-047"
                }
              ]
            },
            "source": {
              "advisory": "VDE-2021-047",
              "defect": [
                "CERT@VDE#64088"
              ],
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2021-34587",
        "datePublished": "2022-04-27T15:15:24.084Z",
        "dateReserved": "2021-06-10T00:00:00.000Z",
        "dateUpdated": "2024-09-17T02:58:12.456Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2014-4815 (GCVE-0-2014-4815)

    Vulnerability from cvelistv5 – Published: 2014-12-12 02:00 – Updated: 2024-08-06 11:27
    VLAI
    Summary
    Session fixation vulnerability in IBM Rational Lifecycle Integration Adapter for Windchill 1.x before 1.0.1 allows remote attackers to hijack web sessions via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    ibm
    References
    Date Public
    2014-12-10 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T11:27:36.804Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ibm-rlia-cve20144815-fixation(95401)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95401"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21691993"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2014-12-10T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Session fixation vulnerability in IBM Rational Lifecycle Integration Adapter for Windchill 1.x before 1.0.1 allows remote attackers to hijack web sessions via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-28T12:57:01.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "name": "ibm-rlia-cve20144815-fixation(95401)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95401"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21691993"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "ID": "CVE-2014-4815",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Session fixation vulnerability in IBM Rational Lifecycle Integration Adapter for Windchill 1.x before 1.0.1 allows remote attackers to hijack web sessions via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "ibm-rlia-cve20144815-fixation(95401)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95401"
                },
                {
                  "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21691993",
                  "refsource": "CONFIRM",
                  "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21691993"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2014-4815",
        "datePublished": "2014-12-12T02:00:00.000Z",
        "dateReserved": "2014-07-09T00:00:00.000Z",
        "dateUpdated": "2024-08-06T11:27:36.804Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }