admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2019/3xxx/CVE-2019-3753.json

141 lines
5.4 KiB
JSON
Raw Normal View History

- Synchronized data.
2019-01-03 14:05:09 -05:00
{
"-Synchronized-Data."
2019-03-18 03:51:54 +00:00
"CVE_data_meta": {
Added CVE-2019-3753
2019-08-20 13:35:49 -04:00
"ASSIGNER": "secure@dell.com",
"-Synchronized-Data."
2019-08-20 19:00:53 +00:00
"DATE_PUBLIC": "2019-08-16T04:00:00.000Z",
"-Synchronized-Data."
2019-03-18 03:51:54 +00:00
"ID": "CVE-2019-3753",
Added CVE-2019-3753
2019-08-20 13:35:49 -04:00
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PowerConnect 8024",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "5.1.15.2"
}
]
}
},
{
"product_name": "PowerConnect 7000",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "5.1.15.2"
}
]
}
},
{
"product_name": "PowerConnect M6348",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "5.1.15.2"
}
]
}
},
{
"product_name": "PowerConnect M6220",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "5.1.15.2"
}
]
}
},
{
"product_name": "PowerConnect M8024 ",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "5.1.15.2"
}
]
}
},
{
"product_name": "PowerConnect M8024-K",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "5.1.15.2"
}
]
}
}
]
},
"vendor_name": "Dell EMC"
}
]
}
"-Synchronized-Data."
2019-03-18 03:51:54 +00:00
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
Added CVE-2019-3753
2019-08-20 13:35:49 -04:00
"value": "Dell EMC PowerConnect 8024, 7000, M6348, M6220, M8024 and M8024-K running firmware versions prior to 5.1.15.2 contain a plain-text password storage vulnerability. TACACS\\Radius credentials are stored in plain text in the system settings menu. An authenticated malicious user with access to the system settings menu may obtain the exposed password to use it in further attacks."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.7"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-312 Cleartext Storage of Sensitive Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"-Synchronized-Data."
2019-08-20 19:00:53 +00:00
"name": "https://www.dell.com/support/article/sln318359/",
Added CVE-2019-3753
2019-08-20 13:35:49 -04:00
"url": "https://www.dell.com/support/article/sln318359/"
"-Synchronized-Data."
2019-03-18 03:51:54 +00:00
}
]
Added CVE-2019-3753
2019-08-20 13:35:49 -04:00
},
"source": {
"discovery": "UNKNOWN"
"-Synchronized-Data."
2019-03-18 03:51:54 +00:00
}
}
Reference in New Issue Copy Permalink