{
"id": "CVE-2008-2717",
"sourceIdentifier": "cve@mitre.org",
"published": "2008-06-16T22:41:00.000",
"lastModified": "2018-10-11T20:42:37.587",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "TYPO3 4.0.x before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.2.1, uses an insufficiently restrictive default fileDenyPattern for Apache, which allows remote attackers to bypass security restrictions and upload configuration files such as .htaccess, or conduct file upload attacks using multiple extensions."
},
{
"lang": "es",
"value": "TYPO3 versiones 4.0.x anteriores a 4.0.9, versiones 4.1.x anteriores a 4.1.7, y versiones 4.2.x anteriores a 4.2.1, utiliza un fileDenyPattern predeterminado insuficientemente restrictivo para Apache, que permite a los atacantes remotos omitir las restricciones de seguridad y cargar archivos de configuraci\u00f3n como .htaccess, o conducir ataques de carga de archivos mediante varias extensiones."
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-264"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:apache_webserver:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B5DF97C8-A5E1-4091-A43D-B8F60E0313E4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:typo3:typo3:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "25EAE65C-1E17-48CD-B48C-E0BC09FB6596"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:typo3:typo3:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "501A9157-044A-4856-8092-418D7329EED3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:typo3:typo3:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4EA47174-9BC4-4B74-8618-6A7B0773553B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:typo3:typo3:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5A13146E-EC04-4354-9123-BC7CB292C66A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:typo3:typo3:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8F27B173-8D10-47F7-8450-F8808A918295"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:typo3:typo3:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0D1FAD0A-6B98-476B-BCD2-361996CA1C36"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:typo3:typo3:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "AE992D57-AF82-4BF0-96E8-98110C0AEBF3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:typo3:typo3:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9A484F-C34D-4885-8125-D9C8725EEB4E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:typo3:typo3:4.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DCCB2DE6-4407-4E40-8574-9C813183565B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:typo3:typo3:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C2F271C6-B5A7-4B06-A3DF-4C7F74090CC8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:typo3:typo3:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "161E310F-F2D8-40B3-8390-8C52ACDD0B72"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:typo3:typo3:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B33D32-4D59-4768-A2C6-9DC7CD30F5E6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:typo3:typo3:4.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4679B5DF-25FA-40E9-A322-DF1FF1BC7E7C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:typo3:typo3:4.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "96D69530-AE74-4012-B522-01D0B6B01662"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:typo3:typo3:4.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5514D17F-95A5-48C5-9F91-554F8D3C3DF7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:typo3:typo3:4.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E46E35EC-FF7B-4510-A5F2-FC230B7477B4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:typo3:typo3:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "884B4418-83A4-4BCB-8019-306285EB418E"
}
]
}
]
}
],
"references": [
{
"url": "http://buzz.typo3.org/teams/security/article/advice-on-core-security-issue-regarding-filedenypattern/",
"source": "cve@mitre.org"
},
{
"url": "http://securityreason.com/securityalert/3945",
"source": "cve@mitre.org"
},
{
"url": "http://typo3.org/teams/security/security-bulletins/typo3-20080611-1/",
"source": "cve@mitre.org"
},
{
"url": "http://www.debian.org/security/2008/dsa-1596",
"source": "cve@mitre.org"
},
{
"url": "http://www.securityfocus.com/archive/1/493270/100/0/threaded",
"source": "cve@mitre.org"
},
{
"url": "http://www.securityfocus.com/bid/29657",
"source": "cve@mitre.org"
},
{
"url": "http://www.vupen.com/english/advisories/2008/1802",
"source": "cve@mitre.org"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42988",
"source": "cve@mitre.org"
}
]
}