{"containers": {"cna": {"providerMetadata": {"dateUpdated": "2019-08-05T18:02:41", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple"}, "rejectedReasons": [{"lang": "en", "value": "DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-4300. Reason: This candidate is a duplicate of CVE-2018-4300. Notes: All CVE users should reference CVE-2018-4300 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage"}]}}, "cveMetadata": {"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2018-4700", "datePublished": "2019-08-05T18:02:41", "dateRejected": "2019-08-05T18:02:41", "dateReserved": "2018-01-02T00:00:00", "dateUpdated": "2019-08-05T18:02:41", "state": "REJECTED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-4300. Reason: This candidate is a duplicate of CVE-2018-4300. Notes: All CVE users should reference CVE-2018-4300 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage"}], "id": "CVE-2018-4700", "lastModified": "2023-11-07T02:58:32.240", "metrics": {}, "published": "2019-08-05T19:15:11.053", "references": [], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Rejected"}

{"affected_release": [{"advisory": "RHSA-2020:1050", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "cups-1:1.6.3-43.el7", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2020-03-31T00:00:00Z"}], "bugzilla": {"description": "cups: Predictable session cookie breaks CSRF protection", "id": "1649347", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1649347"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.3", "cvss3_scoring_vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N", "status": "verified"}, "cwe": "CWE-384", "details": ["[REJECTED CVE] A predictable session cookie vulnerability was identified in the CUPS printing server. Insufficient randomness in session cookie generation made it easy to guess, undermining CSRF protection. This flaw allowed unauthorized scripted access to the CUPS web interface when enabled, posing a risk of unauthorized control or configuration of the printing server."], "name": "CVE-2018-4700", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Will not fix", "package_name": "cups", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Will not fix", "package_name": "cups", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "cups", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:rhev_hypervisor:4", "fix_state": "Not affected", "package_name": "redhat-virtualization-host", "product_name": "Red Hat Virtualization 4"}], "public_date": "2018-12-07T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2018-4700\nhttps://nvd.nist.gov/vuln/detail/CVE-2018-4700"], "statement": "This vulnerability was originally assigned CVE-2018-4700, but after the publication of security errata the identifier was changed to CVE-2018-4300. Both identifiers refer to the same vulnerability.  Since some sources use CVE-2018-4700 and others use CVE-2018-4300, Red Hat security advisories for this vulnerability have been amended to include both identifiers.", "threat_severity": "Moderate"}