mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 09:11:28 +00:00
307 lines
12 KiB
JSON
307 lines
12 KiB
JSON
{
|
|
"id": "CVE-2011-4432",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2011-11-10T00:55:00.930",
|
|
"lastModified": "2012-02-14T04:09:58.070",
|
|
"vulnStatus": "Modified",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "www/include/configuration/nconfigObject/contact/DB-Func.php in Merethis Centreon before 2.3.2 does not use a salt during calculation of a password hash, which makes it easier for context-dependent attackers to determine cleartext passwords via a rainbow-table approach."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "www/include/configuration/nconfigObject/contact/DB-Func.php en Merethis Centreon antes de v2.3.2 no emplea \"salt\" durante el calculo del hash de una contrase\u00f1a, lo que hace m\u00e1s sencillo para atacantes dependientes del contexto determinar las contrase\u00f1as en texto planto a trav\u00e9s de una aproximaci\u00f3n de tablas \"rainbow\"."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "PARTIAL",
|
|
"integrityImpact": "NONE",
|
|
"availabilityImpact": "NONE",
|
|
"baseScore": 5.0
|
|
},
|
|
"baseSeverity": "MEDIUM",
|
|
"exploitabilityScore": 10.0,
|
|
"impactScore": 2.9,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-310"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:merethis:centreon:*:*:*:*:*:*:*:*",
|
|
"versionEndIncluding": "2.3.1",
|
|
"matchCriteriaId": "45C2952F-A22C-465A-BA6F-A59938932557"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:merethis:centreon:1.4:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "61975AFA-B0B2-4B19-B208-146B2E71B737"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:merethis:centreon:1.4.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "1C9B3720-9430-49F7-9E81-A8BB2528E934"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:merethis:centreon:1.4.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B2A44136-88C1-4CE5-A579-BD7DB1413E68"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:merethis:centreon:1.4.2.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E1EA5A52-9234-4A8E-8E84-6D197CB9946F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:merethis:centreon:1.4.2.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B5EA670B-897B-4369-AA19-C3052CCE91E2"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:merethis:centreon:1.4.2.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E56A4852-61E8-4F43-B81F-4C8727082F85"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:merethis:centreon:1.4.2.4:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "3F38A5EB-A69E-4567-8DBF-8C438DE66D97"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:merethis:centreon:1.4.2.5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E62C0AA6-EABE-4926-A4DA-CD471D88C068"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:merethis:centreon:1.4.2.6:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C3A02C2E-AA16-4669-B77E-554B27478D91"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:merethis:centreon:1.4.2.7:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C8F3C43F-3277-4162-B025-7FCBF7A79FAB"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:merethis:centreon:2.0:b2:*:*:*:*:*:*",
|
|
"matchCriteriaId": "97BB2893-02DC-4C49-B9CA-E9DEF3211C59"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:merethis:centreon:2.0:b3:*:*:*:*:*:*",
|
|
"matchCriteriaId": "9ADD46A2-80D7-49DD-A36D-BC5AAE01FAAF"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:merethis:centreon:2.0:b4:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F41E4FC5-0031-41A9-820C-C63FF54E0B4D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:merethis:centreon:2.0:b5:*:*:*:*:*:*",
|
|
"matchCriteriaId": "2DD77DAA-E499-4064-B717-42EA1950C028"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:merethis:centreon:2.0:b6:*:*:*:*:*:*",
|
|
"matchCriteriaId": "4BDC54B9-1955-4849-A6A1-F850931EED7F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:merethis:centreon:2.0:rc1:*:*:*:*:*:*",
|
|
"matchCriteriaId": "CEC41A81-F8D2-44C7-B56E-C62918FFE0ED"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:merethis:centreon:2.0:rc2:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C2FA1001-D1A6-4226-A724-6FF13F040314"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:merethis:centreon:2.0:rc3:*:*:*:*:*:*",
|
|
"matchCriteriaId": "A6A75F22-4D95-4F5B-820F-C15767ADE928"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:merethis:centreon:2.0:rc4:*:*:*:*:*:*",
|
|
"matchCriteriaId": "9DD571A7-C921-48A9-8974-F9D2F03F7CB5"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:merethis:centreon:2.0:rc5:*:*:*:*:*:*",
|
|
"matchCriteriaId": "47EE53E4-8F0F-4F54-A392-347D2A044B57"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:merethis:centreon:2.0.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "7E9A1D39-6124-4E6A-81B1-24674BEF6588"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:merethis:centreon:2.0.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "A38C74D1-7D54-4460-B819-0E935D664FDB"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:merethis:centreon:2.1.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "573D2183-3605-4589-86B9-2CAE570B968C"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:merethis:centreon:2.1.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "6BF59787-CC19-4C94-B0FA-CD358B286357"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:merethis:centreon:2.1.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C23A7BA9-076B-4F2E-BF75-61E4717125A3"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:merethis:centreon:2.1.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "38843FE3-2FB0-4A2A-B912-E9A032938553"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:merethis:centreon:2.1.4:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "643D44B4-8B03-4EA0-A7CD-28E232581F67"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:merethis:centreon:2.1.5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "A3DD7744-B87D-470F-9CC0-6054607340D7"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:merethis:centreon:2.1.6:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "EF20BFD5-B506-4307-9139-F03ABF40EB96"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:merethis:centreon:2.1.7:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "08081603-AD02-489B-8997-A507B5C0258D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:merethis:centreon:2.1.8:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "35C125B6-B9CE-4CC2-BDDB-C4662A0E49A4"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:merethis:centreon:2.1.9:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "7E71E0C7-4699-4211-B4E8-8365EE23F417"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:merethis:centreon:2.1.10:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "36179BA7-13B4-4536-8F23-85D02987946A"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:merethis:centreon:2.1.11:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "1FD1A7E5-732F-4D81-893B-4314552F21D1"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:merethis:centreon:2.1.12:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "D73CA4BF-87F8-4121-B4E0-C77389140A1C"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:merethis:centreon:2.1.13:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "5144B2D2-63CE-43A6-8ED5-489C7C813CB2"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:merethis:centreon:2.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "31F62BA5-CD84-4BF4-8FA4-090F5204078B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:merethis:centreon:2.2:b1:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E820AD82-824A-450C-9F43-CE687DD0C958"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:merethis:centreon:2.2:rc1:*:*:*:*:*:*",
|
|
"matchCriteriaId": "717E8961-B598-41AB-9319-4E6EA0023FF4"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:merethis:centreon:2.2:rc2:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C0301884-6130-48F3-9A78-75BCB810601E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:merethis:centreon:2.2.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "FF3150EE-5077-468D-A808-4FD5EA6499CA"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:merethis:centreon:2.2.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F9377F38-FF3B-43B9-AE24-6FEB84B0997F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:merethis:centreon:2.3.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "EFEF7D25-68E3-491E-9090-2D7D7F07983D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:merethis:centreon:2.3.0:rc3:*:*:*:*:*:*",
|
|
"matchCriteriaId": "9EFCB141-6231-4A95-AF65-8E80AB3960AC"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://securityreason.com/securityalert/8530",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://www.trustwave.com/spiderlabs/advisories/TWSL2011-017.txt",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Exploit"
|
|
]
|
|
}
|
|
]
|
|
} |