admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2015/CVE-2015-21xx/CVE-2015-2157.json

272 lines
8.9 KiB
JSON
Raw Normal View History

bootstrap
2023-04-24 12:24:31 +02:00
{
"id": "CVE-2015-2157",
"sourceIdentifier": "cve@mitre.org",
"published": "2015-03-27T14:59:05.697",
Auto-Update: 2025-04-12T12:02:06.202050+00:00
2025-04-12 12:06:01 +00:00
"lastModified": "2025-04-12T10:46:40.837",
"vulnStatus": "Deferred",
Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00
"cveTags": [],
bootstrap
2023-04-24 12:24:31 +02:00
"descriptions": [
{
"lang": "en",
"value": "The (1) ssh2_load_userkey and (2) ssh2_save_userkey functions in PuTTY 0.51 through 0.63 do not properly wipe SSH-2 private keys from memory, which allows local users to obtain sensitive information by reading the memory."
},
{
"lang": "es",
"value": "Las funciones (1) ssh2_load_userkey y (2) ssh2_save_userkey en PuTTY 0.51 hasta 0.63 no limpian correctamente las claves privadas SSH-2 de la memoria, lo que permite a usuarios remotos obtener informaci\u00f3n sensible mediante la lectura de la memoria."
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
Auto-Update: 2024-11-22T23:11:09.202836+00:00
2024-11-22 23:14:22 +00:00
"baseScore": 2.1,
bootstrap
2023-04-24 12:24:31 +02:00
"accessVector": "LOCAL",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
Auto-Update: 2024-11-22T23:11:09.202836+00:00
2024-11-22 23:14:22 +00:00
"availabilityImpact": "NONE"
bootstrap
2023-04-24 12:24:31 +02:00
},
"baseSeverity": "LOW",
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*",
"matchCriteriaId": "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*",
"matchCriteriaId": "253C303A-E577-4488-93E6-68A8DD942C38"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:putty:putty:0.51:*:*:*:*:*:*:*",
"matchCriteriaId": "FC082AE0-C49D-4944-BE76-B751DAD1EF84"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:putty:putty:0.52:*:*:*:*:*:*:*",
"matchCriteriaId": "23BAD8E4-2D3A-45EE-A25D-77BD698119BB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:putty:putty:0.53b:*:*:*:*:*:*:*",
"matchCriteriaId": "8F7716EC-E0F9-4E50-8351-35D2F248B380"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:putty:putty:0.54:*:*:*:*:*:*:*",
"matchCriteriaId": "46C2BD4D-9817-459E-ACF4-9C95233200A2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:putty:putty:0.55:*:*:*:*:*:*:*",
"matchCriteriaId": "22EE5957-76F3-4B20-ADE7-E72D1300A3F0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:putty:putty:0.56:*:*:*:*:*:*:*",
"matchCriteriaId": "826FA7E4-7F48-4D1C-856C-A965527B0950"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:putty:putty:0.57:*:*:*:*:*:*:*",
"matchCriteriaId": "AA54ADC7-2A36-40DA-8219-DAA31509E534"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:putty:putty:0.58:*:*:*:*:*:*:*",
"matchCriteriaId": "1A14381E-91A1-4902-B409-1281CFA2D561"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:putty:putty:0.59:*:*:*:*:*:*:*",
"matchCriteriaId": "8B33EB10-535F-42F2-8F78-CE128A89447C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:putty:putty:0.60:*:*:*:*:*:*:*",
"matchCriteriaId": "218F9EAF-C260-43EC-99C4-EFACA9A1DA8D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:putty:putty:0.61:*:*:*:*:*:*:*",
"matchCriteriaId": "5966235B-2F1A-45C5-AF65-99FFFE4725DF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:putty:putty:0.62:*:*:*:*:*:*:*",
"matchCriteriaId": "B9942BA6-8947-4742-9A38-2E2F2F5DD341"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:putty:putty:0.63:*:*:*:*:*:*:*",
"matchCriteriaId": "811276A3-5FB5-4718-94FF-E9B6503B8ABB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:simon_tatham:putty:0.53:*:*:*:*:*:*:*",
"matchCriteriaId": "129133D1-B374-4743-9F52-27D0A9558D17"
}
]
}
]
}
],
"references": [
{
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151790.html",
"source": "cve@mitre.org"
},
{
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151839.html",
"source": "cve@mitre.org"
},
{
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151933.html",
"source": "cve@mitre.org"
},
{
"url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00032.html",
"source": "cve@mitre.org"
},
{
"url": "http://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html",
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/private-key-not-wiped-2.html",
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://www.debian.org/security/2015/dsa-3190",
"source": "cve@mitre.org"
},
{
"url": "http://www.openwall.com/lists/oss-security/2015/02/28/4",
"source": "cve@mitre.org"
},
{
"url": "http://www.openwall.com/lists/oss-security/2015/02/28/5",
"source": "cve@mitre.org"
},
{
"url": "http://www.securityfocus.com/bid/72825",
"source": "cve@mitre.org"
Auto-Update: 2024-11-22T23:11:09.202836+00:00
2024-11-22 23:14:22 +00:00
},
{
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151790.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151839.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151933.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00032.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/private-key-not-wiped-2.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://www.debian.org/security/2015/dsa-3190",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.openwall.com/lists/oss-security/2015/02/28/4",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.openwall.com/lists/oss-security/2015/02/28/5",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.securityfocus.com/bid/72825",
"source": "af854a3a-2127-422b-91ae-364da2661108"
bootstrap
2023-04-24 12:24:31 +02:00
}
]
}
Reference in New Issue Copy Permalink