admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2015/CVE-2015-01xx/CVE-2015-0110.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

212 lines
7.4 KiB
JSON
Raw Blame History

{
"id": "CVE-2015-0110",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2017-09-15T20:29:00.270",
"lastModified": "2017-09-26T18:29:07.217",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "IBM Business Process Manager (aka BPM) 7.5.x, 8.0.x, and 8.5.x and WebSphere Lombardi Edition (aka WLE) 7.2.x allow remote authenticated users to bypass intended access restrictions on internal service types via vectors involving the executeServiceByName URL."
},
{
"lang": "es",
"value": "IBM Business Process Manager (BPM) 7.5.x, 8.0.x y 8.5.x y WebSphere Lombardi Edition (WLE) 7.2.x permiten que usuarios autenticados remotos omitan las restricciones de acceso establecidas en tipos de servicios internos mediante vectores relacionados con la URL executeServiceByName."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 4.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:business_process_manager:7.5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "42264DE4-CEED-4FA5-8C77-82BF9A55F3F2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:business_process_manager:7.5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A5E78ECD-6FFA-4AA0-B8B4-F9C002D6F8EF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:business_process_manager:7.5.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC02B89-813E-4B3D-B518-6565BE06C575"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:business_process_manager:7.5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "06DFA125-9D52-4C16-9946-DB8D43700415"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:business_process_manager:7.5.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "613CC0CD-083E-439A-9A53-777E69CDE2DE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:business_process_manager:8.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "161542A0-E919-4105-AD4F-C881ACF8D26B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:business_process_manager:8.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF8D1DC9-CB5E-4627-8689-B5FA7C5DE1C5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:business_process_manager:8.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "32504DEB-7391-4452-BA2E-409959B24222"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:business_process_manager:8.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D8F74820-DF10-499E-AF7A-93AC285843D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:business_process_manager:8.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4C12274F-495C-4E81-A317-E66916B0A2F7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:business_process_manager:8.5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "989C89DF-C6CB-45C9-9592-30A83896BD71"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:business_process_manager:8.5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "783C2592-9669-4C75-9E63-C834482F6F8A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:business_process_manager:8.5.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7021B830-3EE4-446D-8D87-BBD2097A023E"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:websphere_application_server:7.2.0.0:*:*:*:lombardi:*:*:*",
"matchCriteriaId": "0F01429B-F1A2-4C9A-A942-8C7951D8F454"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:websphere_application_server:7.2.0.1:*:*:*:lombardi:*:*:*",
"matchCriteriaId": "B17CAD84-9637-4166-A8D8-7EC784EF6130"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:websphere_application_server:7.2.0.2:*:*:*:lombardi:*:*:*",
"matchCriteriaId": "C3796DA7-CA75-4C5C-B5ED-F4468D5240C8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:websphere_application_server:7.2.0.3:*:*:*:lombardi:*:*:*",
"matchCriteriaId": "05EB6216-7893-45CA-B731-C2E3B86F5D13"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:websphere_application_server:7.2.0.4:*:*:*:lombardi:*:*:*",
"matchCriteriaId": "3378FFC5-D787-448F-BF4C-5545A13C1BDF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:websphere_application_server:7.2.0.5:*:*:*:lombardi:*:*:*",
"matchCriteriaId": "885708B0-7176-4C9D-A485-218706AF170A"
}
]
}
]
}
],
"references": [
{
"url": "http://www.securityfocus.com/bid/73274",
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21694940",
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink