admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-29 01:31:20 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2018/CVE-2018-63xx/CVE-2018-6320.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

189 lines
6.9 KiB
JSON
Raw Blame History

{
"id": "CVE-2018-6320",
"sourceIdentifier": "cve@mitre.org",
"published": "2018-09-06T23:29:02.053",
"lastModified": "2020-04-29T17:32:07.037",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been discovered in login.cgi in Pulse Secure Pulse Connect Secure (PCS) 8.1RX before 8.1R12 and 8.3RX before 8.3R2 and Pulse Policy Secure (PPS) 5.2RX before 5.2R9 and 5.4RX before 5.4R2 wherein an http(s) Host header received from the browser is trusted without validation."
},
{
"lang": "es",
"value": "Se ha descubierto una vulnerabilidad en login.cgi en Pulse Secure Pulse Connect Secure (PCS) en versiones 8.1RX anteriores a la 8.1R12 y versiones 8.3RX anteriores a la 8.3R2 y Pulse Policy Secure (PPS) en versiones 5.2RX anteriores a la 5.2R9 y versiones 5.4RX anteriores a la 5.4R2 cuando se conf\u00eda en una cabecera Host HTTP(S) recibida del navegador sin validaci\u00f3n."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pulsesecure:pulse_connect_secure:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1FDA476B-0E74-42D1-8EB8-C2CB404AC6E9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pulsesecure:pulse_connect_secure:8.1r1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E2037BE1-408C-47E8-8A70-8440BF3A1ED6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pulsesecure:pulse_connect_secure:8.1rx:*:*:*:*:*:*:*",
"matchCriteriaId": "8135B806-EE52-412B-8EE1-6F20666055CB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pulsesecure:pulse_connect_secure:8.3rx:*:*:*:*:*:*:*",
"matchCriteriaId": "DD77C208-DD3E-46BD-930F-93BB39799D08"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.2r1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6A42EFC8-C5FF-4397-87CF-263813FAA5D7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.2r2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C952B5B8-DCAB-476A-9E60-3F1BBE509F21"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.2r3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F199F01-9EEA-4184-AD99-6B21110484AB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.2r3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9938EBCC-B9B7-4FB1-9ACB-9BED485AB5E2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.2r4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9B4A309B-ACB0-4053-909A-6889129EB2C1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.2r5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D8A4A105-EBF3-4895-9ABE-50972DD232F8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.2r6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4013CA1C-48F0-46F6-B327-E6B34311A7EA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.2r7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "112B9736-336D-4C72-A960-0B33DD3439EF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.2r7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "49FA8DC5-900B-4A53-AF55-410A7FF901E9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.2r8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A4946BBE-E449-4F89-910C-3389BDF36071"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.2rx:*:*:*:*:*:*:*",
"matchCriteriaId": "C766CBF4-502C-4522-845C-A5436DD1960D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.4r1:*:*:*:*:*:*:*",
"matchCriteriaId": "C7F2FFEC-F243-4D85-888E-339C60B3C0CE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.4r2:*:*:*:*:*:*:*",
"matchCriteriaId": "6A841849-DA0E-4BAA-8807-F42481C9457D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.4rx:*:*:*:*:*:*:*",
"matchCriteriaId": "07A6F2EF-09AF-4DAA-A552-6111C51DD210"
}
]
}
]
}
],
"references": [
{
"url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA43877",
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink