nvd-json-data-feeds/CVE-2017/CVE-2017-10002xx/CVE-2017-1000214.json

{
  "id": "CVE-2017-1000214",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2017-11-27T14:29:00.193",
  "lastModified": "2017-12-19T16:14:09.313",
  "vulnStatus": "Analyzed",
  "descriptions": [
    {
      "lang": "en",
      "value": "GitPHP by xiphux is vulnerable to OS Command Injections"
    },
    {
      "lang": "es",
      "value": "GitPHP de xiphux es vulnerable a inyecciones de comandos del sistema operativo"
    }
  ],
  "metrics": {
    "cvssMetricV30": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "3.0",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9
      }
    ],
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "accessVector": "NETWORK",
          "accessComplexity": "LOW",
          "authentication": "NONE",
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0
        },
        "baseSeverity": "HIGH",
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:gitphp_project:gitphp:0.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "13D41971-B5C1-4F64-BA1C-D080191F8546"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:gitphp_project:gitphp:0.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA1EB2FC-647C-4DDE-B890-D57084DA370E"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:gitphp_project:gitphp:0.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE5811AB-2EC7-4170-A748-F8697CB1BF39"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:gitphp_project:gitphp:0.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CEBDDA5-87F2-462C-9F41-39810F3F816A"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:gitphp_project:gitphp:0.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "384FB52A-0DC1-47DD-B92E-207B0407F847"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:gitphp_project:gitphp:0.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5748E5D-4F37-41E0-BA2A-10B1FEBB3C19"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:gitphp_project:gitphp:0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "144FDAB1-0BDF-44CD-9FBF-9072EE4EC532"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:gitphp_project:gitphp:0.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F07A0D2B-338C-48F2-A7C8-78F065454042"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:gitphp_project:gitphp:0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA70BDC3-B16D-46BE-8BCF-C874978A6D93"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:gitphp_project:gitphp:0.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4215457-A562-4C77-9C41-C4BBDE96CF37"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:gitphp_project:gitphp:0.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5775D31F-D33F-44D2-9F85-B94281D5CBF6"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:gitphp_project:gitphp:0.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D075FE60-C002-400D-963A-4298B5A833CB"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:gitphp_project:gitphp:0.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1AA07C2-9D87-4BFE-8E8D-1E176558EE91"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:gitphp_project:gitphp:0.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3DFEFBF-8F83-451E-995A-5A844CC5B13F"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:gitphp_project:gitphp:0.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "56BC69FF-8C34-4588-AEE1-66A40E6E5015"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://github.com/Enalean/gitphp/commit/160621785ee812d6d90e20878bd6175e42c13c94",
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ]
    },
    {
      "url": "https://github.com/xiphux/gitphp/pull/37",
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ]
    }
  ]
}