VAR-201906-1018
Vulnerability from variot - Updated: 2024-12-28 22:51BD Alaris Gateway Workstation Versions, 1.1.3 Build 10, 1.1.3 MR Build 11, 1.2 Build 15, 1.3.0 Build 14, 1.3.1 Build 13, This does not impact the latest firmware Versions 1.3.2 and 1.6.1, Additionally, the following products using software Version 2.3.6 and below, Alaris GS, Alaris GH, Alaris CC, Alaris TIVA, The application does not restrict the upload of malicious files during a firmware update. plural BD Alaris The product contains an unrestricted file upload vulnerability of a dangerous type.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. BDAlarisGatewayWorkstation and others are products of BD Biotech. BDAlarisGatewayWorkstation is a smart infusion system. BDAlarisGS is a medical syringe pump. BDAlarisGH is a medical syringe pump. BDAlarisGatewayWorkstation has any file upload vulnerabilities. An attacker could exploit these vulnerabilities to upload arbitrary files to an affected computer, which could result in arbitrary code being executed in the context of a vulnerable application. BD Alaris Gateway Workstation is prone to an arbitrary file-upload vulnerability. This vulnerability stems from improper design or implementation problems in the code development process of network systems or products
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201906-1018",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "alaris gateway workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "bd",
"version": "1.1.3"
},
{
"model": "alaris gs syringe pump",
"scope": "lte",
"trust": 1.0,
"vendor": "bd",
"version": "2.3.6"
},
{
"model": "alaris cc syringe pump",
"scope": "lte",
"trust": 1.0,
"vendor": "bd",
"version": "2.3.6"
},
{
"model": "alaris gateway workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "bd",
"version": "1.3.1"
},
{
"model": "alaris gateway workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "bd",
"version": "1.2"
},
{
"model": "alaris gh syringe pump",
"scope": "lte",
"trust": 1.0,
"vendor": "bd",
"version": "2.3.6"
},
{
"model": "alaris tiva syringe pump",
"scope": "lte",
"trust": 1.0,
"vendor": "bd",
"version": "2.3.6"
},
{
"model": "alaris gateway workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "bd",
"version": "1.3.0"
},
{
"model": "alaris gateway workstation build",
"scope": "eq",
"trust": 0.9,
"vendor": "bd",
"version": "1.1.310"
},
{
"model": "alaris gateway workstation mr build",
"scope": "eq",
"trust": 0.9,
"vendor": "bd",
"version": "1.1.311"
},
{
"model": "alaris gateway workstation build",
"scope": "eq",
"trust": 0.9,
"vendor": "bd",
"version": "1.215"
},
{
"model": "alaris gateway workstation build",
"scope": "eq",
"trust": 0.9,
"vendor": "bd",
"version": "1.3.113"
},
{
"model": "alaris tiva",
"scope": "eq",
"trust": 0.9,
"vendor": "bd",
"version": "2.0"
},
{
"model": "alaris tiva",
"scope": "eq",
"trust": 0.9,
"vendor": "bd",
"version": "1.9.4"
},
{
"model": "alaris tiva",
"scope": "eq",
"trust": 0.9,
"vendor": "bd",
"version": "1.5.10"
},
{
"model": "alaris tiva",
"scope": "eq",
"trust": 0.9,
"vendor": "bd",
"version": "2.3.6"
},
{
"model": "alaris gs",
"scope": "eq",
"trust": 0.9,
"vendor": "bd",
"version": "2.3.6"
},
{
"model": "alaris gs",
"scope": "eq",
"trust": 0.9,
"vendor": "bd",
"version": "2.0"
},
{
"model": "alaris gs",
"scope": "eq",
"trust": 0.9,
"vendor": "bd",
"version": "1.9.4"
},
{
"model": "alaris gs",
"scope": "eq",
"trust": 0.9,
"vendor": "bd",
"version": "1.5.10"
},
{
"model": "alaris gh",
"scope": "eq",
"trust": 0.9,
"vendor": "bd",
"version": "2.3.6"
},
{
"model": "alaris gh",
"scope": "eq",
"trust": 0.9,
"vendor": "bd",
"version": "2.0"
},
{
"model": "alaris gh",
"scope": "eq",
"trust": 0.9,
"vendor": "bd",
"version": "1.9.4"
},
{
"model": "alaris gh",
"scope": "eq",
"trust": 0.9,
"vendor": "bd",
"version": "1.5.10"
},
{
"model": "alaris cc",
"scope": "eq",
"trust": 0.9,
"vendor": "bd",
"version": "2.3.6"
},
{
"model": "alaris cc",
"scope": "eq",
"trust": 0.9,
"vendor": "bd",
"version": "2.0"
},
{
"model": "alaris cc",
"scope": "eq",
"trust": 0.9,
"vendor": "bd",
"version": "1.9.4"
},
{
"model": "alaris cc",
"scope": "eq",
"trust": 0.9,
"vendor": "bd",
"version": "1.5.10"
},
{
"model": "alaris cc",
"scope": null,
"trust": 0.8,
"vendor": "becton dickinson and bd",
"version": null
},
{
"model": "alaris gs",
"scope": null,
"trust": 0.8,
"vendor": "becton dickinson and bd",
"version": null
},
{
"model": "alaris gateway workstation",
"scope": null,
"trust": 0.8,
"vendor": "becton dickinson and bd",
"version": null
},
{
"model": "alaris gh",
"scope": null,
"trust": 0.8,
"vendor": "becton dickinson and bd",
"version": null
},
{
"model": "alaris tiva",
"scope": null,
"trust": 0.8,
"vendor": "becton dickinson and bd",
"version": null
},
{
"model": "alaris gateway workstation build",
"scope": "eq",
"trust": 0.6,
"vendor": "bd",
"version": "1.3.014"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "alaris gateway workstation",
"version": "1.1.3"
},
{
"model": "alaris gateway workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "1.314"
},
{
"model": "alaris gateway workstation",
"scope": "ne",
"trust": 0.3,
"vendor": "bd",
"version": "1.6.1"
},
{
"model": "alaris gateway workstation",
"scope": "ne",
"trust": 0.3,
"vendor": "bd",
"version": "1.3.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "alaris gateway workstation",
"version": "1.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "alaris gateway workstation",
"version": "1.3.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "alaris gateway workstation",
"version": "1.3.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "alaris gs syringe pump",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "alaris gh syringe pump",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "alaris cc syringe pump",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "alaris tiva syringe pump",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "4bce67f0-9e61-40ad-ada7-e0d95bc8b31b"
},
{
"db": "CNVD",
"id": "CNVD-2019-21241"
},
{
"db": "BID",
"id": "108765"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-005675"
},
{
"db": "NVD",
"id": "CVE-2019-10959"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Elad Luz of CyberMDX reported these vulnerabilities to NCCIC.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201906-587"
}
],
"trust": 0.6
},
"cve": "CVE-2019-10959",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2019-10959",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2019-21241",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "4bce67f0-9e61-40ad-ada7-e0d95bc8b31b",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-142557",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2019-10959",
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-10959",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2019-10959",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2019-21241",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201906-587",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "4bce67f0-9e61-40ad-ada7-e0d95bc8b31b",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-142557",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2019-10959",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "4bce67f0-9e61-40ad-ada7-e0d95bc8b31b"
},
{
"db": "CNVD",
"id": "CNVD-2019-21241"
},
{
"db": "VULHUB",
"id": "VHN-142557"
},
{
"db": "VULMON",
"id": "CVE-2019-10959"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-005675"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-587"
},
{
"db": "NVD",
"id": "CVE-2019-10959"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "BD Alaris Gateway Workstation Versions, 1.1.3 Build 10, 1.1.3 MR Build 11, 1.2 Build 15, 1.3.0 Build 14, 1.3.1 Build 13, This does not impact the latest firmware Versions 1.3.2 and 1.6.1, Additionally, the following products using software Version 2.3.6 and below, Alaris GS, Alaris GH, Alaris CC, Alaris TIVA, The application does not restrict the upload of malicious files during a firmware update. plural BD Alaris The product contains an unrestricted file upload vulnerability of a dangerous type.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. BDAlarisGatewayWorkstation and others are products of BD Biotech. BDAlarisGatewayWorkstation is a smart infusion system. BDAlarisGS is a medical syringe pump. BDAlarisGH is a medical syringe pump. BDAlarisGatewayWorkstation has any file upload vulnerabilities. An attacker could exploit these vulnerabilities to upload arbitrary files to an affected computer, which could result in arbitrary code being executed in the context of a vulnerable application. BD Alaris Gateway Workstation is prone to an arbitrary file-upload vulnerability. This vulnerability stems from improper design or implementation problems in the code development process of network systems or products",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-10959"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-005675"
},
{
"db": "CNVD",
"id": "CNVD-2019-21241"
},
{
"db": "BID",
"id": "108765"
},
{
"db": "IVD",
"id": "4bce67f0-9e61-40ad-ada7-e0d95bc8b31b"
},
{
"db": "VULHUB",
"id": "VHN-142557"
},
{
"db": "VULMON",
"id": "CVE-2019-10959"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-10959",
"trust": 4.5
},
{
"db": "ICS CERT",
"id": "ICSMA-19-164-01",
"trust": 2.9
},
{
"db": "BID",
"id": "108765",
"trust": 2.7
},
{
"db": "AUSCERT",
"id": "ESB-2019.2118",
"trust": 1.2
},
{
"db": "CNNVD",
"id": "CNNVD-201906-587",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2019-21241",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2019-005675",
"trust": 0.8
},
{
"db": "IVD",
"id": "4BCE67F0-9E61-40AD-ADA7-E0D95BC8B31B",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-142557",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2019-10959",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "4bce67f0-9e61-40ad-ada7-e0d95bc8b31b"
},
{
"db": "CNVD",
"id": "CNVD-2019-21241"
},
{
"db": "VULHUB",
"id": "VHN-142557"
},
{
"db": "VULMON",
"id": "CVE-2019-10959"
},
{
"db": "BID",
"id": "108765"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-005675"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-587"
},
{
"db": "NVD",
"id": "CVE-2019-10959"
}
]
},
"id": "VAR-201906-1018",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "4bce67f0-9e61-40ad-ada7-e0d95bc8b31b"
},
{
"db": "CNVD",
"id": "CNVD-2019-21241"
},
{
"db": "VULHUB",
"id": "VHN-142557"
}
],
"trust": 1.5944444500000001
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "4bce67f0-9e61-40ad-ada7-e0d95bc8b31b"
},
{
"db": "CNVD",
"id": "CNVD-2019-21241"
}
]
},
"last_update_date": "2024-12-28T22:51:37.582000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Alaris\u00a0Gateway\u00a0Workstation\u00a0Unauthorized\u00a0Firmware",
"trust": 0.8,
"url": "https://www.bd.com/en-us/support/product-security-and-privacy/product-security-bulletins/alaris-gateway-workstation-unauthorized-firmware"
},
{
"title": "BDAlarisGatewayWorkstation patch for arbitrary file upload vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/167055"
},
{
"title": "Multiple BD Product code issue vulnerability fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=93808"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2019/06/13/medical_workstation_vulnerabilities/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-21241"
},
{
"db": "VULMON",
"id": "CVE-2019-10959"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-005675"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-587"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-434",
"trust": 1.1
},
{
"problemtype": "Unlimited uploads of dangerous types of files (CWE-434) [NVD evaluation ]",
"trust": 0.8
},
{
"problemtype": " Unlimited uploads of dangerous types of files (CWE-434) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-142557"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-005675"
},
{
"db": "NVD",
"id": "CVE-2019-10959"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.0,
"url": "https://ics-cert.us-cert.gov/advisories/icsma-19-164-01"
},
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/108765"
},
{
"trust": 2.0,
"url": "https://www.bd.com/en-us/support/product-security-and-privacy/product-security-bulletins/alaris-gateway-workstation-unauthorized-firmware"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-10959"
},
{
"trust": 1.2,
"url": "https://www.auscert.org.au/bulletins/esb-2019.2118/"
},
{
"trust": 0.9,
"url": "http://www.bd.com"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/434.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-21241"
},
{
"db": "VULHUB",
"id": "VHN-142557"
},
{
"db": "VULMON",
"id": "CVE-2019-10959"
},
{
"db": "BID",
"id": "108765"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-005675"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-587"
},
{
"db": "NVD",
"id": "CVE-2019-10959"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "4bce67f0-9e61-40ad-ada7-e0d95bc8b31b"
},
{
"db": "CNVD",
"id": "CNVD-2019-21241"
},
{
"db": "VULHUB",
"id": "VHN-142557"
},
{
"db": "VULMON",
"id": "CVE-2019-10959"
},
{
"db": "BID",
"id": "108765"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-005675"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-587"
},
{
"db": "NVD",
"id": "CVE-2019-10959"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-07-04T00:00:00",
"db": "IVD",
"id": "4bce67f0-9e61-40ad-ada7-e0d95bc8b31b"
},
{
"date": "2019-07-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-21241"
},
{
"date": "2019-06-13T00:00:00",
"db": "VULHUB",
"id": "VHN-142557"
},
{
"date": "2019-06-13T00:00:00",
"db": "VULMON",
"id": "CVE-2019-10959"
},
{
"date": "2019-06-13T00:00:00",
"db": "BID",
"id": "108765"
},
{
"date": "2019-06-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-005675"
},
{
"date": "2019-06-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201906-587"
},
{
"date": "2019-06-13T21:29:15.817000",
"db": "NVD",
"id": "CVE-2019-10959"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-07-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-21241"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-142557"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULMON",
"id": "CVE-2019-10959"
},
{
"date": "2019-06-13T00:00:00",
"db": "BID",
"id": "108765"
},
{
"date": "2024-12-27T03:10:00",
"db": "JVNDB",
"id": "JVNDB-2019-005675"
},
{
"date": "2019-06-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201906-587"
},
{
"date": "2024-11-21T04:20:14.217000",
"db": "NVD",
"id": "CVE-2019-10959"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201906-587"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0BD\u00a0Alaris\u00a0 Unrestricted Upload of Dangerous File Types Vulnerability in Products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-005675"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Code problem",
"sources": [
{
"db": "IVD",
"id": "4bce67f0-9e61-40ad-ada7-e0d95bc8b31b"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-587"
}
],
"trust": 0.8
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…