nvd-json-data-feeds/CVE-2014/CVE-2014-08xx/CVE-2014-0848.json

{
  "id": "CVE-2014-0848",
  "sourceIdentifier": "psirt@us.ibm.com",
  "published": "2014-03-26T10:55:05.193",
  "lastModified": "2017-08-29T01:34:16.997",
  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
      "value": "The (1) ssl.conf and (2) httpd.conf files in the Apache HTTP Server component in IBM Netezza Performance Portal 2.0 before 2.0.0.4 have weak SSLCipherSuite values, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack."
    },
    {
      "lang": "es",
      "value": "Los archivos (1) ssl.conf y (2) httpd.conf en el componente Apache HTTP Server en IBM Netezza Performance Portal 2.0 anterior a 2.0.0.4 tienen valores SSLCipherSuite d\u00e9biles, lo que facilita a atacantes remotos anular mecanismos de protecci\u00f3n criptogr\u00e1ficos a trav\u00e9s de un ataque de fuerza bruta."
    }
  ],
  "metrics": {
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N",
          "accessVector": "NETWORK",
          "accessComplexity": "MEDIUM",
          "authentication": "SINGLE",
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 3.5
        },
        "baseSeverity": "LOW",
        "exploitabilityScore": 6.8,
        "impactScore": 2.9,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-310"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:netezza_performance_portal:2.0.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "83C946BB-08D5-4CA1-88ED-60397A3D6F48"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:netezza_performance_portal:2.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FE3CE27-B412-45B8-97F7-F0EA43091CC7"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:netezza_performance_portal:2.0.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "15122484-0FAB-4D26-A9B7-A5ACAB9F9E0E"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:netezza_performance_portal:2.0.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "72051BE0-33A1-4D30-8684-DF3E31A7451C"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21665278",
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ]
    },
    {
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90723",
      "source": "psirt@us.ibm.com"
    }
  ]
}
bootstrap 2023-04-24 12:24:31 +02:00			`{`
			`"id": "CVE-2014-0848",`
			`"sourceIdentifier": "psirt@us.ibm.com",`
			`"published": "2014-03-26T10:55:05.193",`
			`"lastModified": "2017-08-29T01:34:16.997",`
			`"vulnStatus": "Modified",`
			`"descriptions": [`
			`{`
			`"lang": "en",`
			`"value": "The (1) ssl.conf and (2) httpd.conf files in the Apache HTTP Server component in IBM Netezza Performance Portal 2.0 before 2.0.0.4 have weak SSLCipherSuite values, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack."`
			`},`
			`{`
			`"lang": "es",`
			`"value": "Los archivos (1) ssl.conf y (2) httpd.conf en el componente Apache HTTP Server en IBM Netezza Performance Portal 2.0 anterior a 2.0.0.4 tienen valores SSLCipherSuite d\u00e9biles, lo que facilita a atacantes remotos anular mecanismos de protecci\u00f3n criptogr\u00e1ficos a trav\u00e9s de un ataque de fuerza bruta."`
			`}`
			`],`
			`"metrics": {`
			`"cvssMetricV2": [`
			`{`
			`"source": "nvd@nist.gov",`
			`"type": "Primary",`
			`"cvssData": {`
			`"version": "2.0",`
			`"vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N",`
			`"accessVector": "NETWORK",`
			`"accessComplexity": "MEDIUM",`
			`"authentication": "SINGLE",`
			`"confidentialityImpact": "PARTIAL",`
			`"integrityImpact": "NONE",`
			`"availabilityImpact": "NONE",`
			`"baseScore": 3.5`
			`},`
			`"baseSeverity": "LOW",`
			`"exploitabilityScore": 6.8,`
			`"impactScore": 2.9,`
			`"acInsufInfo": false,`
			`"obtainAllPrivilege": false,`
			`"obtainUserPrivilege": false,`
			`"obtainOtherPrivilege": false,`
			`"userInteractionRequired": false`
			`}`
			`]`
			`},`
			`"weaknesses": [`
			`{`
			`"source": "nvd@nist.gov",`
			`"type": "Primary",`
			`"description": [`
			`{`
			`"lang": "en",`
			`"value": "CWE-310"`
			`}`
			`]`
			`}`
			`],`
			`"configurations": [`
			`{`
			`"nodes": [`
			`{`
			`"operator": "OR",`
			`"negate": false,`
			`"cpeMatch": [`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:ibm:netezza_performance_portal:2.0.0.0:::::::*",`
			`"matchCriteriaId": "83C946BB-08D5-4CA1-88ED-60397A3D6F48"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:ibm:netezza_performance_portal:2.0.0.1:::::::*",`
			`"matchCriteriaId": "7FE3CE27-B412-45B8-97F7-F0EA43091CC7"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:ibm:netezza_performance_portal:2.0.0.2:::::::*",`
			`"matchCriteriaId": "15122484-0FAB-4D26-A9B7-A5ACAB9F9E0E"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:ibm:netezza_performance_portal:2.0.0.3:::::::*",`
			`"matchCriteriaId": "72051BE0-33A1-4D30-8684-DF3E31A7451C"`
			`}`
			`]`
			`}`
			`]`
			`}`
			`],`
			`"references": [`
			`{`
			`"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21665278",`
			`"source": "psirt@us.ibm.com",`
			`"tags": [`
			`"Vendor Advisory"`
			`]`
			`},`
			`{`
			`"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90723",`
			`"source": "psirt@us.ibm.com"`
			`}`
			`]`
			`}`