{
"id": "CVE-2008-5115",
"sourceIdentifier": "cve@mitre.org",
"published": "2008-11-18T00:30:00.360",
"lastModified": "2018-10-11T20:54:06.617",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Cross-site request forgery (CSRF) vulnerability in Sun Java System Identity Manager 6.0 through 6.0 SP4, 7.0, and 7.1 allows remote attackers to hijack the authentication of administrators for requests that update the password via idm/admin/changeself.jsp."
},
{
"lang": "es",
"value": "Una vulnerabilidad de tipo cross-site request forgery (CSRF) en Sun Java System Identity Manager en versiones 6.0 hasta 6.0 SP4, versiones 7.0 y 7.1, permite a los atacantes remotos secuestrar la autenticaci\u00f3n de administradores para peticiones que actualizan la contrase\u00f1a por medio del archivo idm/admin/changeself.jsp."
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "MEDIUM",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": true,
"userInteractionRequired": true
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sun:java_system_identity_manager:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "13445915-DF3D-4C52-B1DC-9FC6BE0DD519"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sun:java_system_identity_manager:6.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "D0C2964C-7435-4999-AF16-01CD9EF5782C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sun:java_system_identity_manager:6.0:sp2:*:*:*:*:*:*",
"matchCriteriaId": "51CFF484-5A52-41DC-A003-A9319DF2AFB8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sun:java_system_identity_manager:6.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "9A7E88DA-F3A8-4B0F-AD4F-8680C1FB3282"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sun:java_system_identity_manager:6.0:sp4:*:*:*:*:*:*",
"matchCriteriaId": "861DEDA3-93A1-405A-BA2F-764AE4219D89"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sun:java_system_identity_manager:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0980492E-B7DB-4B9F-A400-FDC47DB89A95"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sun:java_system_identity_manager:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3A5C87C0-3734-4568-97A6-6AB8979AABE7"
}
]
}
]
}
],
"references": [
{
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-243386-1",
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr07-11",
"source": "cve@mitre.org"
},
{
"url": "http://www.securityfocus.com/archive/1/498479/100/0/threaded",
"source": "cve@mitre.org"
},
{
"url": "http://www.securityfocus.com/bid/32262",
"source": "cve@mitre.org"
},
{
"url": "http://www.securitytracker.com/id?1021170",
"source": "cve@mitre.org"
},
{
"url": "http://www.vupen.com/english/advisories/2008/3128",
"source": "cve@mitre.org"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46553",
"source": "cve@mitre.org"
}
]
}