admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2011/CVE-2011-43xx/CVE-2011-4350.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

153 lines
4.3 KiB
JSON
Raw Blame History

{
"id": "CVE-2011-4350",
"sourceIdentifier": "secalert@redhat.com",
"published": "2019-11-26T05:15:14.537",
"lastModified": "2020-08-18T15:05:57.937",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Yaws 1.91 has a directory traversal vulnerability in the way certain URLs are processed. A remote authenticated user could use this flaw to obtain content of arbitrary local files via specially-crafted URL request."
},
{
"lang": "es",
"value": "Yaws versi\u00f3n 1.91, presenta una vulnerabilidad de salto de directorio en la manera en que ciertas URL son procesadas. Un usuario autenticado remoto podr\u00eda usar este fallo para obtener contenido de archivos locales arbitrarios mediante una petici\u00f3n de URL especialmente dise\u00f1ada."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:yaws:yaws:1.91:*:*:*:*:*:*:*",
"matchCriteriaId": "3E4D556C-941C-479C-BB4C-87883F9AEA16"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
}
]
}
]
}
],
"references": [
{
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=650009",
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-4350",
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
]
},
{
"url": "https://security-tracker.debian.org/tracker/CVE-2011-4350",
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.openwall.com/lists/oss-security/2011/11/25/7",
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink