mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
127 lines
3.7 KiB
JSON
127 lines
3.7 KiB
JSON
|
{
|
||
|
|
"CVE_data_meta" : {
|
||
|
|
"ASSIGNER" : "cve@mitre.org",
|
||
|
|
"ID" : "CVE-2012-5887",
|
||
|
|
"STATE" : "PUBLIC"
|
||
|
|
},
|
||
|
|
"affects" : {
|
||
|
|
"vendor" : {
|
||
|
|
"vendor_data" : [
|
||
|
|
{
|
||
|
|
"product" : {
|
||
|
|
"product_data" : [
|
||
|
|
{
|
||
|
|
"product_name" : "n/a",
|
||
|
|
"version" : {
|
||
|
|
"version_data" : [
|
||
|
|
{
|
||
|
|
"version_value" : "n/a"
|
||
|
|
}
|
||
|
|
]
|
||
|
|
}
|
||
|
|
}
|
||
|
|
]
|
||
|
|
},
|
||
|
|
"vendor_name" : "n/a"
|
||
|
|
}
|
||
|
|
]
|
||
|
|
}
|
||
|
|
},
|
||
|
|
"data_format" : "MITRE",
|
||
|
|
"data_type" : "CVE",
|
||
|
|
"data_version" : "4.0",
|
||
|
|
"description" : {
|
||
|
|
"description_data" : [
|
||
|
|
{
|
||
|
|
"lang" : "eng",
|
||
|
|
"value" : "The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 does not properly check for stale nonce values in conjunction with enforcement of proper credentials, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the network for valid requests."
|
||
|
|
}
|
||
|
|
]
|
||
|
|
},
|
||
|
|
"problemtype" : {
|
||
|
|
"problemtype_data" : [
|
||
|
|
{
|
||
|
|
"description" : [
|
||
|
|
{
|
||
|
|
"lang" : "eng",
|
||
|
|
"value" : "n/a"
|
||
|
|
}
|
||
|
|
]
|
||
|
|
}
|
||
|
|
]
|
||
|
|
},
|
||
|
|
"references" : {
|
||
|
|
"reference_data" : [
|
||
|
|
{
|
||
|
|
"url" : "http://svn.apache.org/viewvc?view=revision&revision=1377807"
|
||
|
|
},
|
||
|
|
{
|
||
|
|
"url" : "http://svn.apache.org/viewvc?view=revision&revision=1380829"
|
||
|
|
},
|
||
|
|
{
|
||
|
|
"url" : "http://svn.apache.org/viewvc?view=revision&revision=1392248"
|
||
|
|
},
|
||
|
|
{
|
||
|
|
"url" : "http://tomcat.apache.org/security-5.html"
|
||
|
|
},
|
||
|
|
{
|
||
|
|
"url" : "http://tomcat.apache.org/security-6.html"
|
||
|
|
},
|
||
|
|
{
|
||
|
|
"url" : "http://tomcat.apache.org/security-7.html"
|
||
|
|
},
|
||
|
|
{
|
||
|
|
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21626891"
|
||
|
|
},
|
||
|
|
{
|
||
|
|
"url" : "http://rhn.redhat.com/errata/RHSA-2013-0623.html"
|
||
|
|
},
|
||
|
|
{
|
||
|
|
"url" : "http://rhn.redhat.com/errata/RHSA-2013-0629.html"
|
||
|
|
},
|
||
|
|
{
|
||
|
|
"url" : "http://rhn.redhat.com/errata/RHSA-2013-0631.html"
|
||
|
|
},
|
||
|
|
{
|
||
|
|
"url" : "http://rhn.redhat.com/errata/RHSA-2013-0632.html"
|
||
|
|
},
|
||
|
|
{
|
||
|
|
"url" : "http://rhn.redhat.com/errata/RHSA-2013-0633.html"
|
||
|
|
},
|
||
|
|
{
|
||
|
|
"url" : "http://rhn.redhat.com/errata/RHSA-2013-0640.html"
|
||
|
|
},
|
||
|
|
{
|
||
|
|
"url" : "http://rhn.redhat.com/errata/RHSA-2013-0647.html"
|
||
|
|
},
|
||
|
|
{
|
||
|
|
"url" : "http://rhn.redhat.com/errata/RHSA-2013-0648.html"
|
||
|
|
},
|
||
|
|
{
|
||
|
|
"url" : "http://rhn.redhat.com/errata/RHSA-2013-0726.html"
|
||
|
|
},
|
||
|
|
{
|
||
|
|
"url" : "http://lists.opensuse.org/opensuse-updates/2012-12/msg00089.html"
|
||
|
|
},
|
||
|
|
{
|
||
|
|
"url" : "http://lists.opensuse.org/opensuse-updates/2012-12/msg00090.html"
|
||
|
|
},
|
||
|
|
{
|
||
|
|
"url" : "http://lists.opensuse.org/opensuse-updates/2013-01/msg00037.html"
|
||
|
|
},
|
||
|
|
{
|
||
|
|
"url" : "http://www.ubuntu.com/usn/USN-1637-1"
|
||
|
|
},
|
||
|
|
{
|
||
|
|
"url" : "http://www.securityfocus.com/bid/56403"
|
||
|
|
},
|
||
|
|
{
|
||
|
|
"url" : "http://secunia.com/advisories/51371"
|
||
|
|
},
|
||
|
|
{
|
||
|
|
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/79809"
|
||
|
|
}
|
||
|
|
]
|
||
|
|
}
|
||
|
|
}
|