admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2018/CVE-2018-66xx/CVE-2018-6670.json
cad-safe-bot b47d02a333 Auto-Update: 2023-11-07T21:02:52.274489+00:00
2023-11-07 21:03:21 +00:00

122 lines
3.6 KiB
JSON
Raw Blame History

{
"id": "CVE-2018-6670",
"sourceIdentifier": "trellixpsirt@trellix.com",
"published": "2018-06-07T18:29:00.250",
"lastModified": "2023-11-07T03:00:13.550",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "External Entity Attack vulnerability in the ePO extension in McAfee Common UI (CUI) 2.0.2 allows remote authenticated users to view confidential information via a crafted HTTP request parameter."
},
{
"lang": "es",
"value": "Vulnerabilidad de ataque de entidad externa en la extensi\u00f3n ePO en McAfee Common UI (CUI) 2.0.2 permite que usuarios remotos autenticados vean informaci\u00f3n confidencial mediante un par\u00e1metro de petici\u00f3n HTTP manipulado."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "01626437-bf8f-4d1c-912a-893b5eb04808",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 7.6,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.3,
"impactScore": 4.7
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"acInsufInfo": true,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-611"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mcafee:common_catalog:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.0.3",
"matchCriteriaId": "F849CD40-0536-486F-8384-7066E55A651D"
}
]
}
]
}
],
"references": [
{
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10236",
"source": "trellixpsirt@trellix.com"
}
]
}
Reference in New Issue View Git Blame Copy Permalink