admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2017/2xxx/CVE-2017-2638.json
CVE Team d10cabc8fb
- Synchronized data.
2018-07-17 06:03:19 -04:00

93 lines
2.6 KiB
JSON
Raw Blame History

{
"CVE_data_meta" : {
"ASSIGNER" : "sfowler@redhat.com",
"ID" : "CVE-2017-2638",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "infinispan",
"version" : {
"version_data" : [
{
"version_value" : "Infinispan 9.0.0.Final"
}
]
}
}
]
},
"vendor_name" : "[UNKNOWN]"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "It was found that the REST API in Infinispan before version 9.0.0 did not properly enforce auth constraints. An attacker could use this vulnerability to read or modify data in the default cache or a known cache name."
}
]
},
"impact" : {
"cvss" : [
[
{
"vectorString" : "6.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version" : "3.0"
}
]
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-306"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2638",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2638"
},
{
"name" : "https://github.com/infinispan/infinispan/pull/4936/commits",
"refsource" : "CONFIRM",
"url" : "https://github.com/infinispan/infinispan/pull/4936/commits"
},
{
"name" : "https://issues.jboss.org/browse/ISPN-7485",
"refsource" : "CONFIRM",
"url" : "https://issues.jboss.org/browse/ISPN-7485"
},
{
"name" : "RHSA-2017:1097",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2017-1097.html"
},
{
"name" : "97964",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/97964"
}
]
}
}
Reference in New Issue View Git Blame Copy Permalink