mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 17:21:36 +00:00
109 lines
3.3 KiB
JSON
109 lines
3.3 KiB
JSON
{
|
|
"id": "CVE-2020-5555",
|
|
"sourceIdentifier": "vultures@jpcert.or.jp",
|
|
"published": "2020-03-25T02:15:11.817",
|
|
"lastModified": "2020-03-26T18:38:37.377",
|
|
"vulnStatus": "Analyzed",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Shihonkanri Plus GOOUT Ver1.5.8 and Ver2.2.10 allows remote attackers to read and write data of the files placed in the same directory where it is placed via unspecified vector due to the improper input validation issue."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Shihonkanri Plus GOOUT versiones Ver1.5.8 y Ver2.2.10, permite a atacantes remotos leer y escribir datos de los archivos ubicados en el mismo directorio donde se colocaron por medio de un vector no especificado debido al problema de comprobaci\u00f3n de entrada inapropiada."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV31": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "3.1",
|
|
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
|
|
"attackVector": "NETWORK",
|
|
"attackComplexity": "LOW",
|
|
"privilegesRequired": "NONE",
|
|
"userInteraction": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"confidentialityImpact": "HIGH",
|
|
"integrityImpact": "HIGH",
|
|
"availabilityImpact": "NONE",
|
|
"baseScore": 9.1,
|
|
"baseSeverity": "CRITICAL"
|
|
},
|
|
"exploitabilityScore": 3.9,
|
|
"impactScore": 5.2
|
|
}
|
|
],
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "PARTIAL",
|
|
"integrityImpact": "PARTIAL",
|
|
"availabilityImpact": "NONE",
|
|
"baseScore": 6.4
|
|
},
|
|
"baseSeverity": "MEDIUM",
|
|
"exploitabilityScore": 10.0,
|
|
"impactScore": 4.9,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-20"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:shihonkanri_plus_goout_project:shihonkanri_plus_goout:1.5.8:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "CBFF2FD7-F27E-4FD7-AC29-82B9AEB77CC2"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:shihonkanri_plus_goout_project:shihonkanri_plus_goout:2.2.10:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E5D5E495-50B6-4EF7-BE06-CD52F0723EC5"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "https://jvn.jp/en/jp/JVN32415420/index.html",
|
|
"source": "vultures@jpcert.or.jp",
|
|
"tags": [
|
|
"Third Party Advisory"
|
|
]
|
|
}
|
|
]
|
|
} |