zaghaghi · May 5, 2019 19:41
diff --git a/CVE-2019-0240.json b/CVE-2019-0240.json
 {
    "cve" : {
      "data_type" : "CVE",
      "data_format" : "MITRE",
      "data_version" : "4.0",
      "CVE_data_meta" : {
        "ID" : "CVE-2019-0240",
        "ASSIGNER" : "[email protected]"
      },
      "affects" : {
        "vendor" : {
          "vendor_data" : [ ]
        }
      },
      "problemtype" : {
        "problemtype_data" : [ {
          "description" : [ {
            "lang" : "en",
            "value" : "CWE-20"
          } ]
        } ]
      },
      "references" : {
        "reference_data" : [ {
          "url" : "http://www.securityfocus.com/bid/106470",
          "name" : "106470",
          "refsource" : "BID",
          "tags" : [ "Third Party Advisory", "VDB Entry" ]
        }, {
          "url" : "https://launchpad.support.sap.com/#/notes/2724059",
          "name" : "https://launchpad.support.sap.com/#/notes/2724059",
          "refsource" : "MISC",
          "tags" : [ "Permissions Required", "Vendor Advisory" ]
        }, {
          "url" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=509151985",
          "name" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=509151985",
          "refsource" : "MISC",
          "tags" : [ "Vendor Advisory" ]
        } ]
      },
      "description" : {
        "description_data" : [ {
          "lang" : "en",
          "value" : "SAP Business Objects Mobile for Android (before 6.3.5) application allows an attacker to provide malicious input in the form of a SAP BI link, preventing legitimate users from accessing the application by crashing it."
        } ]
      }
    },
    "configurations" : {
      "CVE_data_version" : "4.0",
      "nodes" : [ {
        "operator" : "OR",
        "cpe_match" : [ {
          "vulnerable" : true,
          "cpe23Uri" : "cpe:2.3:a:sap:businessobjects_mobile:*:*:*:*:*:android:*:*",
          "versionEndExcluding" : "6.3.5"
        } ]
      } ]
    },
    "impact" : {
      "baseMetricV3" : {
        "cvssV3" : {
          "version" : "3.0",
          "vectorString" : "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "attackVector" : "NETWORK",
          "attackComplexity" : "LOW",
          "privilegesRequired" : "NONE",
          "userInteraction" : "NONE",
          "scope" : "UNCHANGED",
          "confidentialityImpact" : "NONE",
          "integrityImpact" : "NONE",
          "availabilityImpact" : "HIGH",
          "baseScore" : 7.5,
          "baseSeverity" : "HIGH"
        },
        "exploitabilityScore" : 3.9,
        "impactScore" : 3.6
      },
      "baseMetricV2" : {
        "cvssV2" : {
          "version" : "2.0",
          "vectorString" : "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "accessVector" : "NETWORK",
          "accessComplexity" : "LOW",
          "authentication" : "NONE",
          "confidentialityImpact" : "NONE",
          "integrityImpact" : "NONE",
          "availabilityImpact" : "PARTIAL",
          "baseScore" : 5.0
        },
        "severity" : "MEDIUM",
        "exploitabilityScore" : 10.0,
        "impactScore" : 2.9,
        "acInsufInfo" : false,
        "obtainAllPrivilege" : false,
        "obtainUserPrivilege" : false,
        "obtainOtherPrivilege" : false,
        "userInteractionRequired" : false
      }
    },
    "publishedDate" : "2019-01-08T20:29Z",
    "lastModifiedDate" : "2019-01-17T15:00Z"
  }
	{
	"cve" : {
	"data_type" : "CVE",
	"data_format" : "MITRE",
	"data_version" : "4.0",
	"CVE_data_meta" : {
	"ID" : "CVE-2019-0240",
	"ASSIGNER" : "[email protected]"
	},
	"affects" : {
	"vendor" : {
	"vendor_data" : [ ]
	}
	},
	"problemtype" : {
	"problemtype_data" : [ {
	"description" : [ {
	"lang" : "en",
	"value" : "CWE-20"
	} ]
	} ]
	},
	"references" : {
	"reference_data" : [ {
	"url" : "http://www.securityfocus.com/bid/106470",
	"name" : "106470",
	"refsource" : "BID",
	"tags" : [ "Third Party Advisory", "VDB Entry" ]
	}, {
	"url" : "https://launchpad.support.sap.com/#/notes/2724059",
	"name" : "https://launchpad.support.sap.com/#/notes/2724059",
	"refsource" : "MISC",
	"tags" : [ "Permissions Required", "Vendor Advisory" ]
	}, {
	"url" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=509151985",
	"name" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=509151985",
	"refsource" : "MISC",
	"tags" : [ "Vendor Advisory" ]
	} ]
	},
	"description" : {
	"description_data" : [ {
	"lang" : "en",
	"value" : "SAP Business Objects Mobile for Android (before 6.3.5) application allows an attacker to provide malicious input in the form of a SAP BI link, preventing legitimate users from accessing the application by crashing it."
	} ]
	}
	},
	"configurations" : {
	"CVE_data_version" : "4.0",
	"nodes" : [ {
	"operator" : "OR",
	"cpe_match" : [ {
	"vulnerable" : true,
	"cpe23Uri" : "cpe:2.3:a:sap:businessobjects_mobile::::::android::*",
	"versionEndExcluding" : "6.3.5"
	} ]
	} ]
	},
	"impact" : {
	"baseMetricV3" : {
	"cvssV3" : {
	"version" : "3.0",
	"vectorString" : "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
	"attackVector" : "NETWORK",
	"attackComplexity" : "LOW",
	"privilegesRequired" : "NONE",
	"userInteraction" : "NONE",
	"scope" : "UNCHANGED",
	"confidentialityImpact" : "NONE",
	"integrityImpact" : "NONE",
	"availabilityImpact" : "HIGH",
	"baseScore" : 7.5,
	"baseSeverity" : "HIGH"
	},
	"exploitabilityScore" : 3.9,
	"impactScore" : 3.6
	},
	"baseMetricV2" : {
	"cvssV2" : {
	"version" : "2.0",
	"vectorString" : "AV:N/AC:L/Au:N/C:N/I:N/A:P",
	"accessVector" : "NETWORK",
	"accessComplexity" : "LOW",
	"authentication" : "NONE",
	"confidentialityImpact" : "NONE",
	"integrityImpact" : "NONE",
	"availabilityImpact" : "PARTIAL",
	"baseScore" : 5.0
	},
	"severity" : "MEDIUM",
	"exploitabilityScore" : 10.0,
	"impactScore" : 2.9,
	"acInsufInfo" : false,
	"obtainAllPrivilege" : false,
	"obtainUserPrivilege" : false,
	"obtainOtherPrivilege" : false,
	"userInteractionRequired" : false
	}
	},
	"publishedDate" : "2019-01-08T20:29Z",
	"lastModifiedDate" : "2019-01-17T15:00Z"
	}