admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-09-17 18:45:49 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2019/CVE-2019-198xx/CVE-2019-19843.json

289 lines
9.6 KiB
JSON
Raw Normal View History

bootstrap
2023-04-24 12:24:31 +02:00
{
"id": "CVE-2019-19843",
"sourceIdentifier": "cve@mitre.org",
"published": "2020-01-22T19:15:12.517",
Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00
"lastModified": "2024-11-21T04:35:30.683",
"vulnStatus": "Modified",
Auto-Update: 2024-07-14T02:00:17.787041+00:00
2024-07-14 02:06:08 +00:00
"cveTags": [],
bootstrap
2023-04-24 12:24:31 +02:00
"descriptions": [
{
"lang": "en",
"value": "Incorrect access control in the web interface in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote credential fetch via an unauthenticated HTTP request involving a symlink with /tmp and web/user/wps_tool_cache."
},
{
"lang": "es",
"value": "Un control de acceso incorrecto en la interfaz web en Ruckus Wireless Unleashed versiones hasta 200.7.10.102.64, permite la extracci\u00f3n de credenciales remota por medio de una petici\u00f3n HTTP no autenticada que involucra un enlace simb\u00f3lico con /tmp y web/user/wps_tool_cache."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
bootstrap
2023-04-24 12:24:31 +02:00
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00
"availabilityImpact": "HIGH"
bootstrap
2023-04-24 12:24:31 +02:00
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00
"baseScore": 7.5,
bootstrap
2023-04-24 12:24:31 +02:00
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00
"availabilityImpact": "PARTIAL"
bootstrap
2023-04-24 12:24:31 +02:00
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-522"
},
{
"lang": "en",
"value": "CWE-552"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:ruckuswireless:unleashed:*:*:*:*:*:*:*:*",
"versionEndExcluding": "200.7.10.202.94",
"matchCriteriaId": "020E9499-80F3-47F6-8730-6333A6200987"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:ruckuswireless:c110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A77671DB-6197-4C8D-B667-A0081350E5AF"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:ruckuswireless:e510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FBF5C92C-C889-4732-BB00-E6D55613E410"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:ruckuswireless:h320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "282C3A1D-711C-4415-B9BE-A9B518204AEB"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:ruckuswireless:h510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB1FAB48-786A-4FB3-AB6D-3118E94E68C7"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:ruckuswireless:m510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D4AE7200-4090-4B81-A22F-B8553A014D21"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:ruckuswireless:r310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40D3129E-4C02-484F-96B6-59D76F787D21"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:ruckuswireless:r320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93CE3224-85D2-4039-8F24-BB503DFD42C2"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:ruckuswireless:r510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80B2E8CC-EACE-4A80-9EB1-DADAB8034415"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:ruckuswireless:r610:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4244947C-538E-4B83-B4F4-3DD4F3C22E83"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:ruckuswireless:r710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E95884E9-C6AF-4106-A178-9274AD27EF65"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:ruckuswireless:r720:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDFDAF0A-9F5D-4E34-805E-6F27103AAA32"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:ruckuswireless:t310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E537F957-DCBF-4C9A-BEB6-A321C091ADF5"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:ruckuswireless:t610:-:*:*:*:*:*:*:*",
"matchCriteriaId": "210D55AB-9305-4D0B-B9F0-47889D37373B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:ruckuswireless:t710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A40B9489-D999-4355-953E-36A7F8DEF299"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.10.2.0.84",
"matchCriteriaId": "F94CA5E2-FA24-4D2B-9650-50B5A39BEFC7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.12.0",
"versionEndExcluding": "9.12.3.0.136",
"matchCriteriaId": "11606EFF-3D0D-4704-9DDA-87064233866C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.13.0",
"versionEndExcluding": "10.0.1.0.90",
"matchCriteriaId": "16E02881-C6A6-4E06-81C9-9BD711D28988"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.1.0",
"versionEndExcluding": "10.1.2.0.275",
"matchCriteriaId": "59D2E8D2-716C-4B62-ADDC-BD1EB19BDCD5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.2.0",
"versionEndExcluding": "10.2.1.0.147",
"matchCriteriaId": "44C394D2-4EF4-4C53-8C20-1A29248B79DA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.3.0",
"versionEndExcluding": "10.3.1.0.21",
"matchCriteriaId": "5A21CEE8-29D7-4D5F-9A3C-5D27DA512873"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:ruckuswireless:zonedirector_1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FE0C2B2-D14B-4798-95C4-F911B3B1D88E"
}
]
}
]
}
],
"references": [
{
"url": "https://alephsecurity.com/2020/01/14/ruckus-wireless",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
]
},
{
"url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.ruckuswireless.com/security/299/view/txt",
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00
},
{
"url": "https://alephsecurity.com/2020/01/14/ruckus-wireless",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
]
},
{
"url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.ruckuswireless.com/security/299/view/txt",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
bootstrap
2023-04-24 12:24:31 +02:00
}
]
}
Reference in New Issue Copy Permalink