mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-29 17:51:17 +00:00
101 lines
3.2 KiB
JSON
101 lines
3.2 KiB
JSON
|
{
|
||
|
|
"id": "CVE-2008-4390",
|
||
|
|
"sourceIdentifier": "cret@cert.org",
|
||
|
|
"published": "2008-12-09T00:30:00.237",
|
||
|
|
"lastModified": "2009-08-20T05:21:16.663",
|
||
|
|
"vulnStatus": "Modified",
|
||
|
|
"descriptions": [
|
||
|
|
{
|
||
|
|
"lang": "en",
|
||
|
|
"value": "The Cisco Linksys WVC54GC wireless video camera before firmware 1.25 sends cleartext configuration data in response to a Setup Wizard remote-management command, which allows remote attackers to obtain sensitive information such as passwords by sniffing the network."
|
||
|
|
},
|
||
|
|
{
|
||
|
|
"lang": "es",
|
||
|
|
"value": "La c\u00e1mara de v\u00eddeo inal\u00e1mbrica Linksys WVC54GC de Cisco con firmware anterior al 1.25, env\u00eda en texto plano los datos de configuraci\u00f3n en una respuesta al comando Setup Wizard remote-management, lo que permite a atacantes remotos obtener informaci\u00f3n sensible como contrase\u00f1as rastreando la red."
|
||
|
|
}
|
||
|
|
],
|
||
|
|
"metrics": {
|
||
|
|
"cvssMetricV2": [
|
||
|
|
{
|
||
|
|
"source": "nvd@nist.gov",
|
||
|
|
"type": "Primary",
|
||
|
|
"cvssData": {
|
||
|
|
"version": "2.0",
|
||
|
|
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
|
||
|
|
"accessVector": "NETWORK",
|
||
|
|
"accessComplexity": "LOW",
|
||
|
|
"authentication": "NONE",
|
||
|
|
"confidentialityImpact": "COMPLETE",
|
||
|
|
"integrityImpact": "COMPLETE",
|
||
|
|
"availabilityImpact": "COMPLETE",
|
||
|
|
"baseScore": 10.0
|
||
|
|
},
|
||
|
|
"baseSeverity": "HIGH",
|
||
|
|
"exploitabilityScore": 10.0,
|
||
|
|
"impactScore": 10.0,
|
||
|
|
"acInsufInfo": false,
|
||
|
|
"obtainAllPrivilege": true,
|
||
|
|
"obtainUserPrivilege": false,
|
||
|
|
"obtainOtherPrivilege": false,
|
||
|
|
"userInteractionRequired": false
|
||
|
|
}
|
||
|
|
]
|
||
|
|
},
|
||
|
|
"weaknesses": [
|
||
|
|
{
|
||
|
|
"source": "nvd@nist.gov",
|
||
|
|
"type": "Primary",
|
||
|
|
"description": [
|
||
|
|
{
|
||
|
|
"lang": "en",
|
||
|
|
"value": "CWE-200"
|
||
|
|
}
|
||
|
|
]
|
||
|
|
}
|
||
|
|
],
|
||
|
|
"configurations": [
|
||
|
|
{
|
||
|
|
"nodes": [
|
||
|
|
{
|
||
|
|
"operator": "OR",
|
||
|
|
"negate": false,
|
||
|
|
"cpeMatch": [
|
||
|
|
{
|
||
|
|
"vulnerable": true,
|
||
|
|
"criteria": "cpe:2.3:h:cisco:wvc54gc:*:*:*:*:*:*:*:*",
|
||
|
|
"versionEndIncluding": "1.19",
|
||
|
|
"matchCriteriaId": "C882AB42-F04C-4968-A9C9-035A7411153E"
|
||
|
|
},
|
||
|
|
{
|
||
|
|
"vulnerable": true,
|
||
|
|
"criteria": "cpe:2.3:h:cisco:wvc54gc:1.15:*:*:*:*:*:*:*",
|
||
|
|
"matchCriteriaId": "39AE4F03-2623-476F-BFBF-5D458432BAEC"
|
||
|
|
}
|
||
|
|
]
|
||
|
|
}
|
||
|
|
]
|
||
|
|
}
|
||
|
|
],
|
||
|
|
"references": [
|
||
|
|
{
|
||
|
|
"url": "http://www.kb.cert.org/vuls/id/528993",
|
||
|
|
"source": "cret@cert.org",
|
||
|
|
"tags": [
|
||
|
|
"Patch",
|
||
|
|
"US Government Resource"
|
||
|
|
]
|
||
|
|
},
|
||
|
|
{
|
||
|
|
"url": "http://www.kb.cert.org/vuls/id/MAPG-7HJKSA",
|
||
|
|
"source": "cret@cert.org"
|
||
|
|
},
|
||
|
|
{
|
||
|
|
"url": "http://www.linksys.com/servlet/Satellite?blobcol=urldata&blobheadername1=Content-Type&blobheadername2=Content-Disposition&blobheadervalue1=text%2Fplain&blobheadervalue2=inline%3B+filename%3DWVC54GC-V1.0_non-RoHS-v1.25_fw_ver.txt&blobkey=id&blobtable=MungoBlobs&blobwhere=1193776031728&ssbinary=true&lid=8104724130B17",
|
||
|
|
"source": "cret@cert.org"
|
||
|
|
},
|
||
|
|
{
|
||
|
|
"url": "http://www.securityfocus.com/bid/32666",
|
||
|
|
"source": "cret@cert.org"
|
||
|
|
}
|
||
|
|
]
|
||
|
|
}
|