mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-31 18:51:16 +00:00
109 lines
3.3 KiB
JSON
109 lines
3.3 KiB
JSON
|
{
|
||
|
|
"id": "CVE-2008-1754",
|
||
|
|
"sourceIdentifier": "cve@mitre.org",
|
||
|
|
"published": "2008-04-11T21:05:00.000",
|
||
|
|
"lastModified": "2017-08-08T01:30:25.683",
|
||
|
|
"vulnStatus": "Modified",
|
||
|
|
"descriptions": [
|
||
|
|
{
|
||
|
|
"lang": "en",
|
||
|
|
"value": "Symantec Altiris Deployment Solution before 6.9.164 stores the Deployment Solution Agent (aka AClient) password in cleartext in memory, which allows local users to obtain sensitive information by dumping the AClient.exe process memory."
|
||
|
|
},
|
||
|
|
{
|
||
|
|
"lang": "es",
|
||
|
|
"value": "Symantec Altiris Deployment Solution anterior a 6.9.164 almacena en memoria las contrase\u00f1as de Deployment Solution Agent (aka AClient) en texto claro, el cual permite a los usuarios locales obtener informaci\u00f3n sensible volcando el proceso de memoria AClient.exe."
|
||
|
|
}
|
||
|
|
],
|
||
|
|
"metrics": {
|
||
|
|
"cvssMetricV2": [
|
||
|
|
{
|
||
|
|
"source": "nvd@nist.gov",
|
||
|
|
"type": "Primary",
|
||
|
|
"cvssData": {
|
||
|
|
"version": "2.0",
|
||
|
|
"vectorString": "AV:L/AC:L/Au:S/C:P/I:N/A:N",
|
||
|
|
"accessVector": "LOCAL",
|
||
|
|
"accessComplexity": "LOW",
|
||
|
|
"authentication": "SINGLE",
|
||
|
|
"confidentialityImpact": "PARTIAL",
|
||
|
|
"integrityImpact": "NONE",
|
||
|
|
"availabilityImpact": "NONE",
|
||
|
|
"baseScore": 1.7
|
||
|
|
},
|
||
|
|
"baseSeverity": "LOW",
|
||
|
|
"exploitabilityScore": 3.1,
|
||
|
|
"impactScore": 2.9,
|
||
|
|
"acInsufInfo": false,
|
||
|
|
"obtainAllPrivilege": false,
|
||
|
|
"obtainUserPrivilege": false,
|
||
|
|
"obtainOtherPrivilege": false,
|
||
|
|
"userInteractionRequired": false
|
||
|
|
}
|
||
|
|
]
|
||
|
|
},
|
||
|
|
"weaknesses": [
|
||
|
|
{
|
||
|
|
"source": "nvd@nist.gov",
|
||
|
|
"type": "Primary",
|
||
|
|
"description": [
|
||
|
|
{
|
||
|
|
"lang": "en",
|
||
|
|
"value": "CWE-310"
|
||
|
|
}
|
||
|
|
]
|
||
|
|
}
|
||
|
|
],
|
||
|
|
"configurations": [
|
||
|
|
{
|
||
|
|
"nodes": [
|
||
|
|
{
|
||
|
|
"operator": "OR",
|
||
|
|
"negate": false,
|
||
|
|
"cpeMatch": [
|
||
|
|
{
|
||
|
|
"vulnerable": true,
|
||
|
|
"criteria": "cpe:2.3:a:symantec:altiris_deployment_solution:*:sp2:*:*:*:*:*:*",
|
||
|
|
"versionEndIncluding": "6.8",
|
||
|
|
"matchCriteriaId": "2D3DE87D-33E4-4574-AE73-26E93F57EE9C"
|
||
|
|
},
|
||
|
|
{
|
||
|
|
"vulnerable": true,
|
||
|
|
"criteria": "cpe:2.3:a:symantec:altiris_deployment_solution:6.8:sp1:*:*:*:*:*:*",
|
||
|
|
"matchCriteriaId": "A1363995-0647-4C83-B3DA-360D5433DCA6"
|
||
|
|
},
|
||
|
|
{
|
||
|
|
"vulnerable": true,
|
||
|
|
"criteria": "cpe:2.3:a:symantec:altiris_deployment_solution:6.8.380:*:*:*:*:*:*:*",
|
||
|
|
"matchCriteriaId": "66BB840E-08C0-443A-A4B4-CAAF476AB728"
|
||
|
|
}
|
||
|
|
]
|
||
|
|
}
|
||
|
|
]
|
||
|
|
}
|
||
|
|
],
|
||
|
|
"references": [
|
||
|
|
{
|
||
|
|
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2008.04.10.html",
|
||
|
|
"source": "cve@mitre.org",
|
||
|
|
"tags": [
|
||
|
|
"Patch"
|
||
|
|
]
|
||
|
|
},
|
||
|
|
{
|
||
|
|
"url": "http://www.securityfocus.com/bid/28707",
|
||
|
|
"source": "cve@mitre.org"
|
||
|
|
},
|
||
|
|
{
|
||
|
|
"url": "http://www.securitytracker.com/id?1019825",
|
||
|
|
"source": "cve@mitre.org"
|
||
|
|
},
|
||
|
|
{
|
||
|
|
"url": "http://www.vupen.com/english/advisories/2008/1197/references",
|
||
|
|
"source": "cve@mitre.org"
|
||
|
|
},
|
||
|
|
{
|
||
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41771",
|
||
|
|
"source": "cve@mitre.org"
|
||
|
|
}
|
||
|
|
]
|
||
|
|
}
|