Vulnerabilites related to Pivotal - Pivotal Application Service
cve-2018-1278
Vulnerability from cvelistv5
Published
2018-05-11 20:00
Modified
2024-09-16 23:42
Severity ?
EPSS score ?
Summary
Apps Manager included in Pivotal Application Service, versions 1.12.x prior to 1.12.22, 2.0.x prior to 2.0.13, and 2.1.x prior to 2.1.4 contains an authorization enforcement vulnerability. A member of any org is able to create invitations to any org for which the org GUID can be discovered. Accepting this invitation gives unauthorized access to view the member list, domains, quotas and other information about the org.
References
| ▼ | URL | Tags |
|---|---|---|
| https://pivotal.io/security/cve-2018-1278 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/104227 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Pivotal | Pivotal Application Service |
Version: 1.12.x prior to 1.12.22 and 2.0.x prior to 2.0.13 and 2.1.x prior to 2.1.4 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:59:37.602Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://pivotal.io/security/cve-2018-1278"
},
{
"name": "104227",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104227"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Pivotal Application Service",
"vendor": "Pivotal",
"versions": [
{
"status": "affected",
"version": "1.12.x prior to 1.12.22 and 2.0.x prior to 2.0.13 and 2.1.x prior to 2.1.4"
}
]
}
],
"datePublic": "2018-05-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Apps Manager included in Pivotal Application Service, versions 1.12.x prior to 1.12.22, 2.0.x prior to 2.0.13, and 2.1.x prior to 2.1.4 contains an authorization enforcement vulnerability. A member of any org is able to create invitations to any org for which the org GUID can be discovered. Accepting this invitation gives unauthorized access to view the member list, domains, quotas and other information about the org."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Authorization Error",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-05-22T13:57:01",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://pivotal.io/security/cve-2018-1278"
},
{
"name": "104227",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104227"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"DATE_PUBLIC": "2018-05-10T00:00:00",
"ID": "CVE-2018-1278",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Pivotal Application Service",
"version": {
"version_data": [
{
"version_value": "1.12.x prior to 1.12.22 and 2.0.x prior to 2.0.13 and 2.1.x prior to 2.1.4"
}
]
}
}
]
},
"vendor_name": "Pivotal"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Apps Manager included in Pivotal Application Service, versions 1.12.x prior to 1.12.22, 2.0.x prior to 2.0.13, and 2.1.x prior to 2.1.4 contains an authorization enforcement vulnerability. A member of any org is able to create invitations to any org for which the org GUID can be discovered. Accepting this invitation gives unauthorized access to view the member list, domains, quotas and other information about the org."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Authorization Error"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://pivotal.io/security/cve-2018-1278",
"refsource": "CONFIRM",
"url": "https://pivotal.io/security/cve-2018-1278"
},
{
"name": "104227",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104227"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2018-1278",
"datePublished": "2018-05-11T20:00:00Z",
"dateReserved": "2017-12-06T00:00:00",
"dateUpdated": "2024-09-16T23:42:24.325Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-3777
Vulnerability from cvelistv5
Published
2019-03-07 19:00
Modified
2024-09-16 21:56
Severity ?
EPSS score ?
Summary
Pivotal Application Service (PAS), versions 2.2.x prior to 2.2.12, 2.3.x prior to 2.3.7 and 2.4.x prior to 2.4.3, contain apps manager that uses a cloud controller proxy that fails to verify SSL certs. A remote unauthenticated attacker that could hijack the Cloud Controller's DNS record could intercept access tokens sent to the Cloud Controller, giving the attacker access to the user's resources in the Cloud Controller
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/107214 | vdb-entry, x_refsource_BID | |
| https://pivotal.io/security/cve-2019-3777 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Pivotal | Apps Manager |
Version: 666 < 666.0.19 Version: 665 < 665.0.26 Version: 667 < 667.0.5 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:19:18.134Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "107214",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/107214"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://pivotal.io/security/cve-2019-3777"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apps Manager",
"vendor": "Pivotal",
"versions": [
{
"lessThan": "666.0.19",
"status": "affected",
"version": "666",
"versionType": "custom"
},
{
"lessThan": "665.0.26",
"status": "affected",
"version": "665",
"versionType": "custom"
},
{
"lessThan": "667.0.5",
"status": "affected",
"version": "667",
"versionType": "custom"
}
]
},
{
"product": "Pivotal Application Service",
"vendor": "Pivotal",
"versions": [
{
"lessThan": "2.4.3",
"status": "affected",
"version": "2.4",
"versionType": "custom"
},
{
"lessThan": "2.3.7",
"status": "affected",
"version": "2.3",
"versionType": "custom"
},
{
"lessThan": "2.2.12",
"status": "affected",
"version": "2.2",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-02-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Pivotal Application Service (PAS), versions 2.2.x prior to 2.2.12, 2.3.x prior to 2.3.7 and 2.4.x prior to 2.4.3, contain apps manager that uses a cloud controller proxy that fails to verify SSL certs. A remote unauthenticated attacker that could hijack the Cloud Controller\u0027s DNS record could intercept access tokens sent to the Cloud Controller, giving the attacker access to the user\u0027s resources in the Cloud Controller"
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-295",
"description": "CWE-295: Improper Certificate Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-08T10:57:01",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"name": "107214",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/107214"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://pivotal.io/security/cve-2019-3777"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Apps Manager unverified SSL certs in Cloud Controller proxy",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"DATE_PUBLIC": "2019-02-26T23:47:49.000Z",
"ID": "CVE-2019-3777",
"STATE": "PUBLIC",
"TITLE": "Apps Manager unverified SSL certs in Cloud Controller proxy"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apps Manager",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_name": "666",
"version_value": "666.0.19"
},
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_name": "665",
"version_value": "665.0.26"
},
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_name": "667",
"version_value": "667.0.5"
}
]
}
},
{
"product_name": "Pivotal Application Service",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_name": "2.4",
"version_value": "2.4.3"
},
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_name": "2.3",
"version_value": "2.3.7"
},
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_name": "2.2",
"version_value": "2.2.12"
}
]
}
}
]
},
"vendor_name": "Pivotal"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Pivotal Application Service (PAS), versions 2.2.x prior to 2.2.12, 2.3.x prior to 2.3.7 and 2.4.x prior to 2.4.3, contain apps manager that uses a cloud controller proxy that fails to verify SSL certs. A remote unauthenticated attacker that could hijack the Cloud Controller\u0027s DNS record could intercept access tokens sent to the Cloud Controller, giving the attacker access to the user\u0027s resources in the Cloud Controller"
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-295: Improper Certificate Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "107214",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107214"
},
{
"name": "https://pivotal.io/security/cve-2019-3777",
"refsource": "CONFIRM",
"url": "https://pivotal.io/security/cve-2019-3777"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2019-3777",
"datePublished": "2019-03-07T19:00:00Z",
"dateReserved": "2019-01-03T00:00:00",
"dateUpdated": "2024-09-16T21:56:55.392Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-11044
Vulnerability from cvelistv5
Published
2018-07-24 19:00
Modified
2024-09-16 21:02
Severity ?
EPSS score ?
Summary
Pivotal Apps Manager included in Pivotal Application Service, versions 2.2.x prior to 2.2.1 and 2.1.x prior to 2.1.8 and 2.0.x prior to 2.0.17 and 1.12.x prior to 1.12.26, does not escape all user-provided content when sending invitation emails. A malicious authenticated user can inject content into an invite to another user, exploiting the trust implied by the source of the email.
References
| ▼ | URL | Tags |
|---|---|---|
| https://pivotal.io/security/cve-2018-11044 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Pivotal | Pivotal Application Service |
Version: 2.2.x < 2.2.1 Version: 2.1.x < 2.1.8 Version: 2.0.x < 2.0.17 Version: 1.12.x < 1.12.26 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:54:36.532Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://pivotal.io/security/cve-2018-11044"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Pivotal Application Service",
"vendor": "Pivotal",
"versions": [
{
"lessThan": "2.2.1",
"status": "affected",
"version": "2.2.x",
"versionType": "custom"
},
{
"lessThan": "2.1.8",
"status": "affected",
"version": "2.1.x",
"versionType": "custom"
},
{
"lessThan": "2.0.17",
"status": "affected",
"version": "2.0.x",
"versionType": "custom"
},
{
"lessThan": "1.12.26",
"status": "affected",
"version": "1.12.x",
"versionType": "custom"
}
]
}
],
"datePublic": "2018-07-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Pivotal Apps Manager included in Pivotal Application Service, versions 2.2.x prior to 2.2.1 and 2.1.x prior to 2.1.8 and 2.0.x prior to 2.0.17 and 1.12.x prior to 1.12.26, does not escape all user-provided content when sending invitation emails. A malicious authenticated user can inject content into an invite to another user, exploiting the trust implied by the source of the email."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information exposure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-24T18:57:01",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://pivotal.io/security/cve-2018-11044"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"DATE_PUBLIC": "2018-07-23T04:00:00.000Z",
"ID": "CVE-2018-11044",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Pivotal Application Service",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_name": "2.2.x",
"version_value": "2.2.1"
},
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_name": "2.1.x",
"version_value": "2.1.8"
},
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_name": "2.0.x",
"version_value": "2.0.17"
},
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_name": "1.12.x",
"version_value": "1.12.26"
}
]
}
}
]
},
"vendor_name": "Pivotal"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Pivotal Apps Manager included in Pivotal Application Service, versions 2.2.x prior to 2.2.1 and 2.1.x prior to 2.1.8 and 2.0.x prior to 2.0.17 and 1.12.x prior to 1.12.26, does not escape all user-provided content when sending invitation emails. A malicious authenticated user can inject content into an invite to another user, exploiting the trust implied by the source of the email."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information exposure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://pivotal.io/security/cve-2018-11044",
"refsource": "CONFIRM",
"url": "https://pivotal.io/security/cve-2018-11044"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2018-11044",
"datePublished": "2018-07-24T19:00:00Z",
"dateReserved": "2018-05-14T00:00:00",
"dateUpdated": "2024-09-16T21:02:31.767Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-3788
Vulnerability from cvelistv5
Published
2019-04-25 20:17
Modified
2024-09-16 22:02
Severity ?
EPSS score ?
Summary
Cloud Foundry UAA Release, versions prior to 71.0, allows clients to be configured with an insecure redirect uri. Given a UAA client was configured with a wildcard in the redirect uri's subdomain, a remote malicious unauthenticated user can craft a phishing link to get a UAA access code from the victim.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.cloudfoundry.org/blog/cve-2019-3788 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Cloud Foundry | UAA Release (OSS) |
Version: All < v71.0 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:19:18.261Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.cloudfoundry.org/blog/cve-2019-3788"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "UAA Release (OSS)",
"vendor": "Cloud Foundry",
"versions": [
{
"lessThan": "v71.0",
"status": "affected",
"version": "All",
"versionType": "custom"
}
]
},
{
"product": "Pivotal Application Service",
"vendor": "Pivotal",
"versions": [
{
"lessThan": "2.5.1",
"status": "affected",
"version": "2.5",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-04-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cloud Foundry UAA Release, versions prior to 71.0, allows clients to be configured with an insecure redirect uri. Given a UAA client was configured with a wildcard in the redirect uri\u0027s subdomain, a remote malicious unauthenticated user can craft a phishing link to get a UAA access code from the victim."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-601",
"description": "CWE-601: Open Redirect",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-25T20:17:37",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.cloudfoundry.org/blog/cve-2019-3788"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "UAA redirect-uri allows wildcard in the subdomain",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"DATE_PUBLIC": "2019-04-15T00:00:00.000Z",
"ID": "CVE-2019-3788",
"STATE": "PUBLIC",
"TITLE": "UAA redirect-uri allows wildcard in the subdomain"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "UAA Release (OSS)",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_name": "All",
"version_value": "v71.0"
}
]
}
}
]
},
"vendor_name": "Cloud Foundry"
},
{
"product": {
"product_data": [
{
"product_name": "Pivotal Application Service",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_name": "2.5",
"version_value": "2.5.1"
}
]
}
}
]
},
"vendor_name": "Pivotal"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cloud Foundry UAA Release, versions prior to 71.0, allows clients to be configured with an insecure redirect uri. Given a UAA client was configured with a wildcard in the redirect uri\u0027s subdomain, a remote malicious unauthenticated user can craft a phishing link to get a UAA access code from the victim."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-601: Open Redirect"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.cloudfoundry.org/blog/cve-2019-3788",
"refsource": "CONFIRM",
"url": "https://www.cloudfoundry.org/blog/cve-2019-3788"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2019-3788",
"datePublished": "2019-04-25T20:17:37.233754Z",
"dateReserved": "2019-01-03T00:00:00",
"dateUpdated": "2024-09-16T22:02:12.371Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}