mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-05-07 11:06:39 +00:00
"-Synchronized-Data."
This commit is contained in:
CVE Team
parent
8178b47596
commit
879f010054
@ -22,7 +22,7 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n\/a"
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -49,7 +49,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability, which was classified as problematic, was found in phpservermon. This affects the function generatePasswordResetToken of the file src\/psm\/Service\/User.php. The manipulation leads to use of predictable algorithm in random number generator. The exploit has been disclosed to the public and may be used. The name of the patch is 3daa804d5f56c55b3ae13bfac368bb84ec632193. It is recommended to apply a patch to fix this issue. The identifier VDB-213717 was assigned to this vulnerability."
|
||||
"value": "A vulnerability, which was classified as problematic, was found in phpservermon. This affects the function generatePasswordResetToken of the file src/psm/Service/User.php. The manipulation leads to use of predictable algorithm in random number generator. The exploit has been disclosed to the public and may be used. The name of the patch is 3daa804d5f56c55b3ae13bfac368bb84ec632193. It is recommended to apply a patch to fix this issue. The identifier VDB-213717 was assigned to this vulnerability."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -57,19 +57,25 @@
|
||||
"cvss": {
|
||||
"version": "3.1",
|
||||
"baseScore": "2.6",
|
||||
"vectorString": "CVSS:3.1\/AV:A\/AC:H\/PR:L\/UI:N\/S:U\/C:L\/I:N\/A:N"
|
||||
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N"
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https:\/\/huntr.dev\/bounties\/2-phpservermon\/phpservermon\/"
|
||||
"url": "https://huntr.dev/bounties/2-phpservermon/phpservermon/",
|
||||
"refsource": "MISC",
|
||||
"name": "https://huntr.dev/bounties/2-phpservermon/phpservermon/"
|
||||
},
|
||||
{
|
||||
"url": "https:\/\/github.com\/phpservermon\/phpservermon\/commit\/3daa804d5f56c55b3ae13bfac368bb84ec632193"
|
||||
"url": "https://github.com/phpservermon/phpservermon/commit/3daa804d5f56c55b3ae13bfac368bb84ec632193",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/phpservermon/phpservermon/commit/3daa804d5f56c55b3ae13bfac368bb84ec632193"
|
||||
},
|
||||
{
|
||||
"url": "https:\/\/vuldb.com\/?id.213717"
|
||||
"url": "https://vuldb.com/?id.213717",
|
||||
"refsource": "MISC",
|
||||
"name": "https://vuldb.com/?id.213717"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -22,7 +22,7 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n\/a"
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -49,7 +49,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability, which was classified as problematic, was found in phpservermon. Affected is the function setUserLoggedIn of the file src\/psm\/Service\/User.php. The manipulation leads to use of predictable algorithm in random number generator. The exploit has been disclosed to the public and may be used. The name of the patch is bb10a5f3c68527c58073258cb12446782d223bc3. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-213744."
|
||||
"value": "A vulnerability, which was classified as problematic, was found in phpservermon. Affected is the function setUserLoggedIn of the file src/psm/Service/User.php. The manipulation leads to use of predictable algorithm in random number generator. The exploit has been disclosed to the public and may be used. The name of the patch is bb10a5f3c68527c58073258cb12446782d223bc3. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-213744."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -57,19 +57,25 @@
|
||||
"cvss": {
|
||||
"version": "3.1",
|
||||
"baseScore": "2.6",
|
||||
"vectorString": "CVSS:3.1\/AV:A\/AC:H\/PR:L\/UI:N\/S:U\/C:L\/I:N\/A:N"
|
||||
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N"
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https:\/\/huntr.dev\/bounties\/1-phpservermon\/phpservermon\/"
|
||||
"url": "https://huntr.dev/bounties/1-phpservermon/phpservermon/",
|
||||
"refsource": "MISC",
|
||||
"name": "https://huntr.dev/bounties/1-phpservermon/phpservermon/"
|
||||
},
|
||||
{
|
||||
"url": "https:\/\/github.com\/phpservermon\/phpservermon\/commit\/bb10a5f3c68527c58073258cb12446782d223bc3"
|
||||
"url": "https://github.com/phpservermon/phpservermon/commit/bb10a5f3c68527c58073258cb12446782d223bc3",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/phpservermon/phpservermon/commit/bb10a5f3c68527c58073258cb12446782d223bc3"
|
||||
},
|
||||
{
|
||||
"url": "https:\/\/vuldb.com\/?id.213744"
|
||||
"url": "https://vuldb.com/?id.213744",
|
||||
"refsource": "MISC",
|
||||
"name": "https://vuldb.com/?id.213744"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -34,7 +34,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "WithSecure through 2022-08-10 allows attackers to cause a denial of service (issue 2 of 5)."
|
||||
"value": "A Drag and Drop spoof vulnerability was discovered in F-Secure SAFE Browser for Android and iOS version 19.0 and below. Drag and drop operation by user on address bar could lead to a spoofing of the address bar."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -61,6 +61,16 @@
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.f-secure.com/en/home/support/security-advisories",
|
||||
"url": "https://www.f-secure.com/en/home/support/security-advisories"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://www.f-secure.com/en/home/support/security-advisories/cve-2022-38163",
|
||||
"url": "https://www.f-secure.com/en/home/support/security-advisories/cve-2022-38163"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://www.f-secure.com/en/home/support/security-advisories",
|
||||
"url": "https://www.f-secure.com/en/home/support/security-advisories"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -61,11 +61,6 @@
|
||||
"name": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2910%20(2)",
|
||||
"url": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2910%20(2)",
|
||||
"refsource": "CONFIRM"
|
||||
},
|
||||
{
|
||||
"refsource": "MLIST",
|
||||
"name": "[oss-security] 20221115 Multiple vulnerabilities in Jenkins plugins",
|
||||
"url": "http://www.openwall.com/lists/oss-security/2022/11/15/4"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -141,6 +141,11 @@
|
||||
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41106",
|
||||
"refsource": "MISC",
|
||||
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41106"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1591",
|
||||
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1591"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -35,7 +35,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. Versions prior to 7.7.1 are vulnerable to a denial of service vulnerability in Heimdal's PKI certificate validation library, affecting the KDC (via PKINIT) and kinit (via PKINIT), as well as any third-party applications using Heimdal's libhx509. Users should upgrade to Heimdal 7.7.1 or 7.8. There are no known workarounds for this issue.\n"
|
||||
"value": "Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. Versions prior to 7.7.1 are vulnerable to a denial of service vulnerability in Heimdal's PKI certificate validation library, affecting the KDC (via PKINIT) and kinit (via PKINIT), as well as any third-party applications using Heimdal's libhx509. Users should upgrade to Heimdal 7.7.1 or 7.8. There are no known workarounds for this issue."
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -61,11 +61,6 @@
|
||||
"name": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2564",
|
||||
"url": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2564",
|
||||
"refsource": "CONFIRM"
|
||||
},
|
||||
{
|
||||
"refsource": "MLIST",
|
||||
"name": "[oss-security] 20221115 Multiple vulnerabilities in Jenkins plugins",
|
||||
"url": "http://www.openwall.com/lists/oss-security/2022/11/15/4"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -65,11 +65,6 @@
|
||||
"name": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2888",
|
||||
"url": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2888",
|
||||
"refsource": "CONFIRM"
|
||||
},
|
||||
{
|
||||
"refsource": "MLIST",
|
||||
"name": "[oss-security] 20221115 Multiple vulnerabilities in Jenkins plugins",
|
||||
"url": "http://www.openwall.com/lists/oss-security/2022/11/15/4"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -57,11 +57,6 @@
|
||||
"name": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2949",
|
||||
"url": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2949",
|
||||
"refsource": "CONFIRM"
|
||||
},
|
||||
{
|
||||
"refsource": "MLIST",
|
||||
"name": "[oss-security] 20221115 Multiple vulnerabilities in Jenkins plugins",
|
||||
"url": "http://www.openwall.com/lists/oss-security/2022/11/15/4"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -57,11 +57,6 @@
|
||||
"name": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2946",
|
||||
"url": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2946",
|
||||
"refsource": "CONFIRM"
|
||||
},
|
||||
{
|
||||
"refsource": "MLIST",
|
||||
"name": "[oss-security] 20221115 Multiple vulnerabilities in Jenkins plugins",
|
||||
"url": "http://www.openwall.com/lists/oss-security/2022/11/15/4"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -57,11 +57,6 @@
|
||||
"name": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2094",
|
||||
"url": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2094",
|
||||
"refsource": "CONFIRM"
|
||||
},
|
||||
{
|
||||
"refsource": "MLIST",
|
||||
"name": "[oss-security] 20221115 Multiple vulnerabilities in Jenkins plugins",
|
||||
"url": "http://www.openwall.com/lists/oss-security/2022/11/15/4"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -61,11 +61,6 @@
|
||||
"name": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2843",
|
||||
"url": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2843",
|
||||
"refsource": "CONFIRM"
|
||||
},
|
||||
{
|
||||
"refsource": "MLIST",
|
||||
"name": "[oss-security] 20221115 Multiple vulnerabilities in Jenkins plugins",
|
||||
"url": "http://www.openwall.com/lists/oss-security/2022/11/15/4"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -61,11 +61,6 @@
|
||||
"name": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-766",
|
||||
"url": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-766",
|
||||
"refsource": "CONFIRM"
|
||||
},
|
||||
{
|
||||
"refsource": "MLIST",
|
||||
"name": "[oss-security] 20221115 Multiple vulnerabilities in Jenkins plugins",
|
||||
"url": "http://www.openwall.com/lists/oss-security/2022/11/15/4"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -61,11 +61,6 @@
|
||||
"name": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2802",
|
||||
"url": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2802",
|
||||
"refsource": "CONFIRM"
|
||||
},
|
||||
{
|
||||
"refsource": "MLIST",
|
||||
"name": "[oss-security] 20221115 Multiple vulnerabilities in Jenkins plugins",
|
||||
"url": "http://www.openwall.com/lists/oss-security/2022/11/15/4"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -61,11 +61,6 @@
|
||||
"name": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2842",
|
||||
"url": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2842",
|
||||
"refsource": "CONFIRM"
|
||||
},
|
||||
{
|
||||
"refsource": "MLIST",
|
||||
"name": "[oss-security] 20221115 Multiple vulnerabilities in Jenkins plugins",
|
||||
"url": "http://www.openwall.com/lists/oss-security/2022/11/15/4"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -61,11 +61,6 @@
|
||||
"name": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2853",
|
||||
"url": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2853",
|
||||
"refsource": "CONFIRM"
|
||||
},
|
||||
{
|
||||
"refsource": "MLIST",
|
||||
"name": "[oss-security] 20221115 Multiple vulnerabilities in Jenkins plugins",
|
||||
"url": "http://www.openwall.com/lists/oss-security/2022/11/15/4"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -61,11 +61,6 @@
|
||||
"name": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2857",
|
||||
"url": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2857",
|
||||
"refsource": "CONFIRM"
|
||||
},
|
||||
{
|
||||
"refsource": "MLIST",
|
||||
"name": "[oss-security] 20221115 Multiple vulnerabilities in Jenkins plugins",
|
||||
"url": "http://www.openwall.com/lists/oss-security/2022/11/15/4"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -57,11 +57,6 @@
|
||||
"name": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2910%20(1)",
|
||||
"url": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2910%20(1)",
|
||||
"refsource": "CONFIRM"
|
||||
},
|
||||
{
|
||||
"refsource": "MLIST",
|
||||
"name": "[oss-security] 20221115 Multiple vulnerabilities in Jenkins plugins",
|
||||
"url": "http://www.openwall.com/lists/oss-security/2022/11/15/4"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -57,11 +57,6 @@
|
||||
"name": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2912",
|
||||
"url": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2912",
|
||||
"refsource": "CONFIRM"
|
||||
},
|
||||
{
|
||||
"refsource": "MLIST",
|
||||
"name": "[oss-security] 20221115 Multiple vulnerabilities in Jenkins plugins",
|
||||
"url": "http://www.openwall.com/lists/oss-security/2022/11/15/4"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -61,11 +61,6 @@
|
||||
"name": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2920",
|
||||
"url": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2920",
|
||||
"refsource": "CONFIRM"
|
||||
},
|
||||
{
|
||||
"refsource": "MLIST",
|
||||
"name": "[oss-security] 20221115 Multiple vulnerabilities in Jenkins plugins",
|
||||
"url": "http://www.openwall.com/lists/oss-security/2022/11/15/4"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -61,11 +61,6 @@
|
||||
"name": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2920",
|
||||
"url": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2920",
|
||||
"refsource": "CONFIRM"
|
||||
},
|
||||
{
|
||||
"refsource": "MLIST",
|
||||
"name": "[oss-security] 20221115 Multiple vulnerabilities in Jenkins plugins",
|
||||
"url": "http://www.openwall.com/lists/oss-security/2022/11/15/4"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -61,11 +61,6 @@
|
||||
"name": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2921",
|
||||
"url": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2921",
|
||||
"refsource": "CONFIRM"
|
||||
},
|
||||
{
|
||||
"refsource": "MLIST",
|
||||
"name": "[oss-security] 20221115 Multiple vulnerabilities in Jenkins plugins",
|
||||
"url": "http://www.openwall.com/lists/oss-security/2022/11/15/4"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -61,11 +61,6 @@
|
||||
"name": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2927",
|
||||
"url": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2927",
|
||||
"refsource": "CONFIRM"
|
||||
},
|
||||
{
|
||||
"refsource": "MLIST",
|
||||
"name": "[oss-security] 20221115 Multiple vulnerabilities in Jenkins plugins",
|
||||
"url": "http://www.openwall.com/lists/oss-security/2022/11/15/4"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -61,11 +61,6 @@
|
||||
"name": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2937",
|
||||
"url": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2937",
|
||||
"refsource": "CONFIRM"
|
||||
},
|
||||
{
|
||||
"refsource": "MLIST",
|
||||
"name": "[oss-security] 20221115 Multiple vulnerabilities in Jenkins plugins",
|
||||
"url": "http://www.openwall.com/lists/oss-security/2022/11/15/4"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -61,11 +61,6 @@
|
||||
"name": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2938",
|
||||
"url": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2938",
|
||||
"refsource": "CONFIRM"
|
||||
},
|
||||
{
|
||||
"refsource": "MLIST",
|
||||
"name": "[oss-security] 20221115 Multiple vulnerabilities in Jenkins plugins",
|
||||
"url": "http://www.openwall.com/lists/oss-security/2022/11/15/4"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -61,11 +61,6 @@
|
||||
"name": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2938",
|
||||
"url": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2938",
|
||||
"refsource": "CONFIRM"
|
||||
},
|
||||
{
|
||||
"refsource": "MLIST",
|
||||
"name": "[oss-security] 20221115 Multiple vulnerabilities in Jenkins plugins",
|
||||
"url": "http://www.openwall.com/lists/oss-security/2022/11/15/4"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -61,11 +61,6 @@
|
||||
"name": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2941",
|
||||
"url": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2941",
|
||||
"refsource": "CONFIRM"
|
||||
},
|
||||
{
|
||||
"refsource": "MLIST",
|
||||
"name": "[oss-security] 20221115 Multiple vulnerabilities in Jenkins plugins",
|
||||
"url": "http://www.openwall.com/lists/oss-security/2022/11/15/4"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -61,11 +61,6 @@
|
||||
"name": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2947",
|
||||
"url": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2947",
|
||||
"refsource": "CONFIRM"
|
||||
},
|
||||
{
|
||||
"refsource": "MLIST",
|
||||
"name": "[oss-security] 20221115 Multiple vulnerabilities in Jenkins plugins",
|
||||
"url": "http://www.openwall.com/lists/oss-security/2022/11/15/4"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -4,14 +4,78 @@
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2022-4006",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"TITLE": "WBCE CMS Header class.login.php increase_attempts excessive authentication",
|
||||
"REQUESTER": "cna@vuldb.com",
|
||||
"ASSIGNER": "cna@vuldb.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"generator": "vuldb.com",
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "WBCE",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "CMS",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-400 Resource Consumption -> CWE-799 Improper Control of Interaction Frequency -> CWE-307 Improper Restriction of Excessive Authentication Attempts"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "A vulnerability, which was classified as problematic, has been found in WBCE CMS. Affected by this issue is the function increase_attempts of the file wbce/framework/class.login.php of the component Header Handler. The manipulation of the argument X-Forwarded-For leads to improper restriction of excessive authentication attempts. The attack may be launched remotely. The name of the patch is d394ba39a7bfeb31eda797b6195fd90ef74b2e75. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-213716."
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact": {
|
||||
"cvss": {
|
||||
"version": "3.1",
|
||||
"baseScore": "3.7",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://github.com/WBCE/WBCE_CMS/issues/524",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/WBCE/WBCE_CMS/issues/524"
|
||||
},
|
||||
{
|
||||
"url": "https://github.com/wbce/wbce_cms/commit/d394ba39a7bfeb31eda797b6195fd90ef74b2e75",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/wbce/wbce_cms/commit/d394ba39a7bfeb31eda797b6195fd90ef74b2e75"
|
||||
},
|
||||
{
|
||||
"url": "https://vuldb.com/?id.213716",
|
||||
"refsource": "MISC",
|
||||
"name": "https://vuldb.com/?id.213716"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user