admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-31 18:51:16 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2019/CVE-2019-03xx/CVE-2019-0327.json

145 lines
4.5 KiB
JSON
Raw Normal View History

bootstrap
2023-04-24 12:24:31 +02:00
{
"id": "CVE-2019-0327",
"sourceIdentifier": "cna@sap.com",
"published": "2019-07-10T20:15:12.060",
"lastModified": "2019-07-18T13:36:16.003",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "SAP NetWeaver for Java Application Server - Web Container, (engineapi, versions 7.1, 7.2, 7.3, 7.31, 7.4 and 7.5), (servercode, versions 7.2, 7.3, 7.31, 7.4, 7.5), allows an attacker to upload files (including script files) without proper file format validation."
},
{
"lang": "es",
"value": "SAP NetWeaver para Java Application Server - Web Container, (engineapi, versiones 7.1, 7.2, 7.3, 7.31, 7.4 y 7.5), (servercode, versiones 7.2, 7.3, 7.31, 7.4, 7.5), permiten a un atacante cargar archivos (incluyendo archivos de script) sin la comprobaci\u00f3n apropiada del formato del archivo."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_application_server_java:7.10:*:*:*:*:*:*:*",
"matchCriteriaId": "D60371A7-F8F4-46F8-9659-DD4EE84B81EA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_application_server_java:7.20:*:*:*:*:*:*:*",
"matchCriteriaId": "43A28C48-4325-4694-88B1-FEE46EBFB0A6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_application_server_java:7.30:*:*:*:*:*:*:*",
"matchCriteriaId": "24A1E0B9-8C28-41BC-B050-237B5F929C9C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_application_server_java:7.31:*:*:*:*:*:*:*",
"matchCriteriaId": "EEAE6C2A-821F-4123-BD56-0FDADF9D63C8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_application_server_java:7.40:*:*:*:*:*:*:*",
"matchCriteriaId": "F5308FCE-8B2C-4B4D-BEE7-3CF544570B68"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_application_server_java:7.50:*:*:*:*:*:*:*",
"matchCriteriaId": "9C506445-3787-4BFF-A98B-7502A0F7CF80"
}
]
}
]
}
],
"references": [
{
"url": "http://www.securityfocus.com/bid/109071",
"source": "cna@sap.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://launchpad.support.sap.com/#/notes/2777910",
"source": "cna@sap.com",
"tags": [
"Permissions Required",
"Vendor Advisory"
]
},
{
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523994575",
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue Copy Permalink