admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2015/CVE-2015-01xx/CVE-2015-0110.json
cad-safe-bot 9d8babeec3 Auto-Update: 2024-07-14T02:00:17.787041+00:00
2024-07-14 02:06:08 +00:00

213 lines
7.4 KiB
JSON
Raw Blame History

{
"id": "CVE-2015-0110",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2017-09-15T20:29:00.270",
"lastModified": "2017-09-26T18:29:07.217",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Business Process Manager (aka BPM) 7.5.x, 8.0.x, and 8.5.x and WebSphere Lombardi Edition (aka WLE) 7.2.x allow remote authenticated users to bypass intended access restrictions on internal service types via vectors involving the executeServiceByName URL."
},
{
"lang": "es",
"value": "IBM Business Process Manager (BPM) 7.5.x, 8.0.x y 8.5.x y WebSphere Lombardi Edition (WLE) 7.2.x permiten que usuarios autenticados remotos omitan las restricciones de acceso establecidas en tipos de servicios internos mediante vectores relacionados con la URL executeServiceByName."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 4.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:business_process_manager:7.5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "42264DE4-CEED-4FA5-8C77-82BF9A55F3F2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:business_process_manager:7.5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A5E78ECD-6FFA-4AA0-B8B4-F9C002D6F8EF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:business_process_manager:7.5.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC02B89-813E-4B3D-B518-6565BE06C575"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:business_process_manager:7.5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "06DFA125-9D52-4C16-9946-DB8D43700415"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:business_process_manager:7.5.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "613CC0CD-083E-439A-9A53-777E69CDE2DE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:business_process_manager:8.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "161542A0-E919-4105-AD4F-C881ACF8D26B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:business_process_manager:8.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF8D1DC9-CB5E-4627-8689-B5FA7C5DE1C5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:business_process_manager:8.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "32504DEB-7391-4452-BA2E-409959B24222"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:business_process_manager:8.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D8F74820-DF10-499E-AF7A-93AC285843D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:business_process_manager:8.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4C12274F-495C-4E81-A317-E66916B0A2F7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:business_process_manager:8.5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "989C89DF-C6CB-45C9-9592-30A83896BD71"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:business_process_manager:8.5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "783C2592-9669-4C75-9E63-C834482F6F8A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:business_process_manager:8.5.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7021B830-3EE4-446D-8D87-BBD2097A023E"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:websphere_application_server:7.2.0.0:*:*:*:lombardi:*:*:*",
"matchCriteriaId": "0F01429B-F1A2-4C9A-A942-8C7951D8F454"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:websphere_application_server:7.2.0.1:*:*:*:lombardi:*:*:*",
"matchCriteriaId": "B17CAD84-9637-4166-A8D8-7EC784EF6130"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:websphere_application_server:7.2.0.2:*:*:*:lombardi:*:*:*",
"matchCriteriaId": "C3796DA7-CA75-4C5C-B5ED-F4468D5240C8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:websphere_application_server:7.2.0.3:*:*:*:lombardi:*:*:*",
"matchCriteriaId": "05EB6216-7893-45CA-B731-C2E3B86F5D13"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:websphere_application_server:7.2.0.4:*:*:*:lombardi:*:*:*",
"matchCriteriaId": "3378FFC5-D787-448F-BF4C-5545A13C1BDF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:websphere_application_server:7.2.0.5:*:*:*:lombardi:*:*:*",
"matchCriteriaId": "885708B0-7176-4C9D-A485-218706AF170A"
}
]
}
]
}
],
"references": [
{
"url": "http://www.securityfocus.com/bid/73274",
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21694940",
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink