mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
77 lines
2.4 KiB
JSON
77 lines
2.4 KiB
JSON
{
|
|
"CVE_data_meta": {
|
|
"ASSIGNER": "cve@mitre.org",
|
|
"ID": "CVE-2010-3898",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "n/a",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name": "n/a"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format": "MITRE",
|
|
"data_type": "CVE",
|
|
"data_version": "4.0",
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "IBM OmniFind Enterprise Edition 8.x and 9.x does not properly restrict the cookie path of administrator (aka ESAdmin) cookies, which might allow remote attackers to bypass authentication by leveraging access to other pages on the web site."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"name": "20101109 IBM OmniFind - several vulnerabilities",
|
|
"refsource": "BUGTRAQ",
|
|
"url": "http://www.securityfocus.com/archive/1/514688/100/0/threaded"
|
|
},
|
|
{
|
|
"name": "44740",
|
|
"refsource": "BID",
|
|
"url": "http://www.securityfocus.com/bid/44740"
|
|
},
|
|
{
|
|
"name": "http://security.fatihkilic.de/advisory/fkilic-sa-2010-ibm-omnifind.txt",
|
|
"refsource": "MISC",
|
|
"url": "http://security.fatihkilic.de/advisory/fkilic-sa-2010-ibm-omnifind.txt"
|
|
},
|
|
{
|
|
"name": "ADV-2010-2933",
|
|
"refsource": "VUPEN",
|
|
"url": "http://www.vupen.com/english/advisories/2010/2933"
|
|
}
|
|
]
|
|
}
|
|
} |