admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-28 09:12:00 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2017/3xxx/CVE-2017-3907.json
CVE Team e8e212932d
"-Synchronized-Data."
2019-03-18 05:43:41 +00:00

86 lines
2.9 KiB
JSON
Raw Blame History

{
"CVE_data_meta": {
"ASSIGNER": "psirt@mcafee.com",
"ID": "CVE-2017-3907",
"STATE": "PUBLIC",
"TITLE": "McAfee Threat Intelligence Exchange (TIE) Server - Code Injection vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Threat Intelligence Exchange (TIE) Server",
"version": {
"version_data": [
{
"affected": "<",
"platform": "x86",
"version_name": "2.1.0",
"version_value": "2.1.0 Hotfix 1"
}
]
}
}
]
},
"vendor_name": "McAfee"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Code Injection vulnerability in the ePolicy Orchestrator (ePO) extension in McAfee Threat Intelligence Exchange (TIE) Server 2.1.0 and earlier allows remote attackers to execute arbitrary HTML code to be reflected in the response web page via unspecified vector."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:L",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Code Injection vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10207",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10207"
}
]
},
"source": {
"advisory": "SB10207",
"discovery": "INTERNAL"
}
}
Reference in New Issue View Git Blame Copy Permalink