mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
83 lines
2.4 KiB
JSON
83 lines
2.4 KiB
JSON
{
|
|
"CVE_data_meta" : {
|
|
"ASSIGNER" : "cve@mitre.org",
|
|
"ID" : "CVE-2001-1105",
|
|
"STATE" : "PUBLIC"
|
|
},
|
|
"affects" : {
|
|
"vendor" : {
|
|
"vendor_data" : [
|
|
{
|
|
"product" : {
|
|
"product_data" : [
|
|
{
|
|
"product_name" : "n/a",
|
|
"version" : {
|
|
"version_data" : [
|
|
{
|
|
"version_value" : "n/a"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name" : "n/a"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format" : "MITRE",
|
|
"data_type" : "CVE",
|
|
"data_version" : "4.0",
|
|
"description" : {
|
|
"description_data" : [
|
|
{
|
|
"lang" : "eng",
|
|
"value" : "RSA BSAFE SSL-J 3.0, 3.0.1 and 3.1, as used in Cisco iCND 2.0, caches session IDs from failed login attempts, which could allow remote attackers to bypass SSL client authentication and gain access to sensitive data by logging in after an initial failure."
|
|
}
|
|
]
|
|
},
|
|
"problemtype" : {
|
|
"problemtype_data" : [
|
|
{
|
|
"description" : [
|
|
{
|
|
"lang" : "eng",
|
|
"value" : "n/a"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references" : {
|
|
"reference_data" : [
|
|
{
|
|
"name" : "L-141",
|
|
"refsource" : "CIAC",
|
|
"url" : "http://www.ciac.org/ciac/bulletins/l-141.shtml"
|
|
},
|
|
{
|
|
"name" : "20010912 Vulnerable SSL Implementation in iCDN",
|
|
"refsource" : "CISCO",
|
|
"url" : "http://www.cisco.com/warp/public/707/SSL-J-pub.html"
|
|
},
|
|
{
|
|
"name" : "http://www.rsasecurity.com/products/bsafe/bulletins/BSAFE_SSL-J_3.x.SecurityBulletin.html",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "http://www.rsasecurity.com/products/bsafe/bulletins/BSAFE_SSL-J_3.x.SecurityBulletin.html"
|
|
},
|
|
{
|
|
"name" : "3329",
|
|
"refsource" : "BID",
|
|
"url" : "http://www.securityfocus.com/bid/3329"
|
|
},
|
|
{
|
|
"name" : "bsafe-ssl-bypass-authentication(7112)",
|
|
"refsource" : "XF",
|
|
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/7112"
|
|
}
|
|
]
|
|
}
|
|
}
|