mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
72 lines
2.3 KiB
JSON
72 lines
2.3 KiB
JSON
{
|
|
"CVE_data_meta": {
|
|
"ASSIGNER": "secalert@redhat.com",
|
|
"ID": "CVE-2012-3473",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "n/a",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name": "n/a"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format": "MITRE",
|
|
"data_type": "CVE",
|
|
"data_version": "4.0",
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "The (1) reports API and (2) administration feature in the comments API in the Ushahidi Platform before 2.5 do not require authentication, which allows remote attackers to generate reports and organize comments via API functions."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"name": "https://github.com/ushahidi/Ushahidi_Web/commit/13ca6f4",
|
|
"refsource": "CONFIRM",
|
|
"url": "https://github.com/ushahidi/Ushahidi_Web/commit/13ca6f4"
|
|
},
|
|
{
|
|
"name": "[oss-security] 20120809 Re: CVE request for Ushahidi",
|
|
"refsource": "MLIST",
|
|
"url": "http://openwall.com/lists/oss-security/2012/08/09/5"
|
|
},
|
|
{
|
|
"name": "https://github.com/ushahidi/Ushahidi_Web/commit/f67f4ad",
|
|
"refsource": "CONFIRM",
|
|
"url": "https://github.com/ushahidi/Ushahidi_Web/commit/f67f4ad"
|
|
}
|
|
]
|
|
}
|
|
} |