admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2014/CVE-2014-09xx/CVE-2014-0950.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

136 lines
4.6 KiB
JSON
Raw Blame History

{
"id": "CVE-2014-0950",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2018-04-20T21:29:00.503",
"lastModified": "2018-05-24T17:54:36.973",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Multiple XML external entity (XXE) vulnerabilities in (1) CQWeb / CM Server, (2) ClearQuest Native client, (3) ClearQuest Eclipse client, and (4) ClearQuest Eclipse Designer components in IBM Rational ClearQuest 7.1.1 through 7.1.1.9, 7.1.2 through 7.1.2.13, 8.0.0 through 8.0.0.10, and 8.0.1 through 8.0.1.3 allow remote attackers to cause a denial of service or access other servers via crafted XML data. IBM X-Force ID: 92623."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de XEE (XML External Entity) en (1) CQWeb / CM Server, (2) el cliente ClearQuest Native, (3) el cliente ClearQuest Eclipse y (4) los componentes ClearQuest Eclipse Designer en IBM Rational ClearCase 7.1.1 hasta 7.1.1.9, 7.1.2 hasta 7.1.2.13, 8.0 hasta 8.0.0.10 y 8.0.1 hasta 8.0.1.3 permiten que atacantes remotos provoquen una denegaci\u00f3n de servicio (DoS) o accedan a otros servidores mediante datos XML manipulados. IBM X-Force ID: 92623."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 4.2
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 4.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-611"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:rational_clearquest:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.1.1",
"versionEndIncluding": "7.1.1.9",
"matchCriteriaId": "F3933A6A-CFD4-41B9-BF65-8100C0C93DE5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:rational_clearquest:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.1.2",
"versionEndIncluding": "7.1.2.13",
"matchCriteriaId": "2A5FCFE9-E734-4B5E-BA7F-0934AA080FC8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:rational_clearquest:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.0.0",
"versionEndIncluding": "8.0.0.10",
"matchCriteriaId": "A49E5999-38E4-4C4F-BF76-E284E1D97D53"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:rational_clearquest:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.0.1",
"versionEndIncluding": "8.0.1.3",
"matchCriteriaId": "3792D419-1791-46AA-BB3E-E432D470CB2D"
}
]
}
]
}
],
"references": [
{
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21675164",
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/92623",
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory",
"VDB Entry"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink