admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2016/CVE-2016-97xx/CVE-2016-9717.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

146 lines
4.7 KiB
JSON
Raw Blame History

{
"id": "CVE-2016-9717",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2017-07-31T21:29:00.407",
"lastModified": "2017-08-03T15:56:29.627",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "HTTP Parameter Override is identified in the IBM Infosphere Master Data Management (MDM) 10.1. 11.0. 11.3, 11.4, 11.5, and 11.6 product. It enables attackers by exposing the presence of duplicated parameters which may produce an anomalous behavior in the application that can be potentially exploited."
},
{
"lang": "es",
"value": "La anulaci\u00f3n de par\u00e1metros HTTP es identificada en el producto IBM Infosphere Master Data Management (MDM) versiones 10.1. 11.0. 11.3, 11.4, 11.5 y 11.6. Permite a los atacantes exponer la presencia de par\u00e1metros duplicados que pueden producir un comportamiento irregular en la aplicaci\u00f3n que puede ser potencialmente explotada."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 4.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:infosphere_master_data_management_server:10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B176246A-FFAD-46E5-ACED-144925A35CFE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:infosphere_master_data_management_server:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "54ABD5B3-167A-403E-AF24-4648ED141EC6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:infosphere_master_data_management_server:11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CD87A187-8144-4862-95B5-4431B14939CF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:infosphere_master_data_management_server:11.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CE14EFD3-EE7A-4115-8ACB-E84C2C9D7C6B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:infosphere_master_data_management_server:11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "245897F6-4514-4311-8842-0E7CA4D39F70"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:infosphere_master_data_management_server:11.6:*:*:*:*:*:*:*",
"matchCriteriaId": "70161811-DB7E-4675-BF8B-CEEA38A2C69A"
}
]
}
]
}
],
"references": [
{
"url": "http://www.ibm.com/support/docview.wss?uid=swg22006605",
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://www.securityfocus.com/bid/100074",
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/119730",
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink