admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-29 17:51:17 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2015/CVE-2015-01xx/CVE-2015-0110.json

213 lines
7.4 KiB
JSON
Raw Normal View History

bootstrap
2023-04-24 12:24:31 +02:00
{
"id": "CVE-2015-0110",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2017-09-15T20:29:00.270",
"lastModified": "2017-09-26T18:29:07.217",
"vulnStatus": "Analyzed",
Auto-Update: 2024-07-14T02:00:17.787041+00:00
2024-07-14 02:06:08 +00:00
"cveTags": [],
bootstrap
2023-04-24 12:24:31 +02:00
"descriptions": [
{
"lang": "en",
"value": "IBM Business Process Manager (aka BPM) 7.5.x, 8.0.x, and 8.5.x and WebSphere Lombardi Edition (aka WLE) 7.2.x allow remote authenticated users to bypass intended access restrictions on internal service types via vectors involving the executeServiceByName URL."
},
{
"lang": "es",
"value": "IBM Business Process Manager (BPM) 7.5.x, 8.0.x y 8.5.x y WebSphere Lombardi Edition (WLE) 7.2.x permiten que usuarios autenticados remotos omitan las restricciones de acceso establecidas en tipos de servicios internos mediante vectores relacionados con la URL executeServiceByName."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 4.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:business_process_manager:7.5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "42264DE4-CEED-4FA5-8C77-82BF9A55F3F2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:business_process_manager:7.5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A5E78ECD-6FFA-4AA0-B8B4-F9C002D6F8EF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:business_process_manager:7.5.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC02B89-813E-4B3D-B518-6565BE06C575"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:business_process_manager:7.5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "06DFA125-9D52-4C16-9946-DB8D43700415"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:business_process_manager:7.5.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "613CC0CD-083E-439A-9A53-777E69CDE2DE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:business_process_manager:8.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "161542A0-E919-4105-AD4F-C881ACF8D26B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:business_process_manager:8.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF8D1DC9-CB5E-4627-8689-B5FA7C5DE1C5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:business_process_manager:8.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "32504DEB-7391-4452-BA2E-409959B24222"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:business_process_manager:8.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D8F74820-DF10-499E-AF7A-93AC285843D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:business_process_manager:8.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4C12274F-495C-4E81-A317-E66916B0A2F7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:business_process_manager:8.5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "989C89DF-C6CB-45C9-9592-30A83896BD71"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:business_process_manager:8.5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "783C2592-9669-4C75-9E63-C834482F6F8A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:business_process_manager:8.5.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7021B830-3EE4-446D-8D87-BBD2097A023E"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:websphere_application_server:7.2.0.0:*:*:*:lombardi:*:*:*",
"matchCriteriaId": "0F01429B-F1A2-4C9A-A942-8C7951D8F454"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:websphere_application_server:7.2.0.1:*:*:*:lombardi:*:*:*",
"matchCriteriaId": "B17CAD84-9637-4166-A8D8-7EC784EF6130"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:websphere_application_server:7.2.0.2:*:*:*:lombardi:*:*:*",
"matchCriteriaId": "C3796DA7-CA75-4C5C-B5ED-F4468D5240C8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:websphere_application_server:7.2.0.3:*:*:*:lombardi:*:*:*",
"matchCriteriaId": "05EB6216-7893-45CA-B731-C2E3B86F5D13"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:websphere_application_server:7.2.0.4:*:*:*:lombardi:*:*:*",
"matchCriteriaId": "3378FFC5-D787-448F-BF4C-5545A13C1BDF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:websphere_application_server:7.2.0.5:*:*:*:lombardi:*:*:*",
"matchCriteriaId": "885708B0-7176-4C9D-A485-218706AF170A"
}
]
}
]
}
],
"references": [
{
"url": "http://www.securityfocus.com/bid/73274",
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21694940",
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue Copy Permalink