mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 09:11:28 +00:00
290 lines
11 KiB
JSON
290 lines
11 KiB
JSON
{
|
|
"id": "CVE-2014-0173",
|
|
"sourceIdentifier": "secalert@redhat.com",
|
|
"published": "2014-04-22T13:06:27.023",
|
|
"lastModified": "2024-11-21T02:01:33.533",
|
|
"vulnStatus": "Modified",
|
|
"cveTags": [],
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "The Jetpack plugin before 1.9 before 1.9.4, 2.0.x before 2.0.9, 2.1.x before 2.1.4, 2.2.x before 2.2.7, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.2, 2.6.x before 2.6.3, 2.7.x before 2.7.2, 2.8.x before 2.8.2, and 2.9.x before 2.9.3 for WordPress does not properly restrict access to the XML-RPC service, which allows remote attackers to bypass intended restrictions and publish posts via unspecified vectors. NOTE: some of these details are obtained from third party information."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "El plugin Jetpack anterior a 1.9 anterior a 1.9.4, 2.0.x anterior a 2.0.9, 2.1.x anterior a 2.1.4, 2.2.x anterior a 2.2.7, 2.3.x anterior a 2.3.7, 2.4.x anterior a 2.4.4, 2.5.x anterior a 2.5.2, 2.6.x anterior a 2.6.3, 2.7.x anterior a 2.7.2, 2.8.x anterior a 2.8.2 y 2.9.x anterior a 2.9.3 para WordPress no restringe debidamente acceso al servicio XML-RPC, lo que permite a atacantes remotos evadir restricciones y publicar mensajes a trav\u00e9s de vectores no especificados. NOTA: algunos de estos detalles se obtienen de informaci\u00f3n de terceras partes."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
|
|
"baseScore": 5.8,
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "MEDIUM",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "PARTIAL",
|
|
"integrityImpact": "PARTIAL",
|
|
"availabilityImpact": "NONE"
|
|
},
|
|
"baseSeverity": "MEDIUM",
|
|
"exploitabilityScore": 8.6,
|
|
"impactScore": 4.9,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-264"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:automattic:jetpack:1.9:*:*:*:*:wordpress:*:*",
|
|
"matchCriteriaId": "5465AA1E-D2F0-4152-A6E3-9FA232CCF47B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:automattic:jetpack:1.9.1:*:*:*:*:wordpress:*:*",
|
|
"matchCriteriaId": "04AE244E-6F46-4A38-9A54-6E1DB84DE901"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:automattic:jetpack:1.9.2:*:*:*:*:wordpress:*:*",
|
|
"matchCriteriaId": "3A11DA6F-046B-4E55-84A3-FA3BC58A9E88"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:automattic:jetpack:2.0:*:*:*:*:wordpress:*:*",
|
|
"matchCriteriaId": "96268538-B603-4164-BD80-D652A83A0DDC"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:automattic:jetpack:2.0.1:*:*:*:*:wordpress:*:*",
|
|
"matchCriteriaId": "A9B6F00B-4B90-4933-8A06-7198A190FBE4"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:automattic:jetpack:2.0.2:*:*:*:*:wordpress:*:*",
|
|
"matchCriteriaId": "98DF6337-F098-4E62-B836-866C964E073E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:automattic:jetpack:2.0.3:*:*:*:*:wordpress:*:*",
|
|
"matchCriteriaId": "D307AB75-60CE-44BE-A6AD-DE8C53B81E64"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:automattic:jetpack:2.0.4:*:*:*:*:wordpress:*:*",
|
|
"matchCriteriaId": "A5D4675F-AB54-4227-83BF-EE29EDFD7B0C"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:automattic:jetpack:2.1:*:*:*:*:wordpress:*:*",
|
|
"matchCriteriaId": "BE126651-479E-4669-A4A8-445C45F0B39E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:automattic:jetpack:2.1.1:*:*:*:*:wordpress:*:*",
|
|
"matchCriteriaId": "CBACDFB5-1B3C-4BAC-B729-FF3249242F96"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:automattic:jetpack:2.1.2:*:*:*:*:wordpress:*:*",
|
|
"matchCriteriaId": "D5BE7990-72DB-47D7-8795-3D2E55A89F68"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:automattic:jetpack:2.2:*:*:*:*:wordpress:*:*",
|
|
"matchCriteriaId": "50CE0762-101F-4C4A-A095-93B123430B91"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:automattic:jetpack:2.2.1:*:*:*:*:wordpress:*:*",
|
|
"matchCriteriaId": "50C87C2D-1E4E-42D4-8241-026FABE6A553"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:automattic:jetpack:2.2.2:*:*:*:*:wordpress:*:*",
|
|
"matchCriteriaId": "424DE391-BBAB-4F6F-A6B8-D4411C333C12"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:automattic:jetpack:2.2.3:*:*:*:*:wordpress:*:*",
|
|
"matchCriteriaId": "533E86A1-A1A0-45A4-9B57-F74E39F2D9B5"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:automattic:jetpack:2.2.4:*:*:*:*:wordpress:*:*",
|
|
"matchCriteriaId": "B5F2C07B-7D37-4785-8FB9-BCE44D67C1E5"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:automattic:jetpack:2.2.5:*:*:*:*:wordpress:*:*",
|
|
"matchCriteriaId": "6A70B3E3-E222-4980-BB89-3D031C9152DE"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:automattic:jetpack:2.3:*:*:*:*:wordpress:*:*",
|
|
"matchCriteriaId": "61DAD647-51F5-41A9-9E7A-4E29AF14CE0D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:automattic:jetpack:2.3.1:*:*:*:*:wordpress:*:*",
|
|
"matchCriteriaId": "9942C264-5C4B-4046-B3C7-F3CA95BFA2B7"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:automattic:jetpack:2.3.2:*:*:*:*:wordpress:*:*",
|
|
"matchCriteriaId": "43FA2519-9D13-4EC3-B43C-E8E334192B7F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:automattic:jetpack:2.3.3:*:*:*:*:wordpress:*:*",
|
|
"matchCriteriaId": "4F24E0A1-F7FC-4679-AD0F-BCAD09F039D3"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:automattic:jetpack:2.3.4:*:*:*:*:wordpress:*:*",
|
|
"matchCriteriaId": "63D784CB-AF36-480C-BD39-575EFA2174ED"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:automattic:jetpack:2.3.5:*:*:*:*:wordpress:*:*",
|
|
"matchCriteriaId": "E10444B2-17DC-476C-9D25-4E4E4F857BD3"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:automattic:jetpack:2.4:*:*:*:*:wordpress:*:*",
|
|
"matchCriteriaId": "CE26F4B0-4125-45A4-9942-3F4B4A4FD5EE"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:automattic:jetpack:2.4.1:*:*:*:*:wordpress:*:*",
|
|
"matchCriteriaId": "741CF1D7-5CF3-4A80-9E67-3994AB8F0819"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:automattic:jetpack:2.4.2:*:*:*:*:wordpress:*:*",
|
|
"matchCriteriaId": "E0EBB7A8-7CA1-4B21-8CB7-1BCAACDE0023"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:automattic:jetpack:2.5:*:*:*:*:wordpress:*:*",
|
|
"matchCriteriaId": "2A8B3F25-4ED3-4AFA-8DD5-452D0DB04AD4"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:automattic:jetpack:2.6:*:*:*:*:wordpress:*:*",
|
|
"matchCriteriaId": "FD46AF5F-ED2B-4398-89EB-72C3BBDDB738"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:automattic:jetpack:2.6.1:*:*:*:*:wordpress:*:*",
|
|
"matchCriteriaId": "3F19C429-7B02-4A3B-AEDD-F96C9A09C626"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:automattic:jetpack:2.7:*:*:*:*:wordpress:*:*",
|
|
"matchCriteriaId": "30163557-FBC3-4DFD-BDBC-1DCE2DE651DA"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:automattic:jetpack:2.8:*:*:*:*:wordpress:*:*",
|
|
"matchCriteriaId": "80D0896F-2EF5-44BA-A346-F55240DE4024"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:automattic:jetpack:2.9:*:*:*:*:wordpress:*:*",
|
|
"matchCriteriaId": "12E69FA4-004C-4F02-9151-4652D2A317CA"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:automattic:jetpack:2.9.1:*:*:*:*:wordpress:*:*",
|
|
"matchCriteriaId": "234DDD15-11B2-4CEF-8CF2-A4A9B35C4069"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:automattic:jetpack:2.9.2:*:*:*:*:wordpress:*:*",
|
|
"matchCriteriaId": "09018C46-240E-4496-8F9B-AC2D7FF912DD"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:automattic:jetpack:2.9.3:*:*:*:*:wordpress:*:*",
|
|
"matchCriteriaId": "D4981064-C981-4E52-9819-A00779873A74"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://jetpack.me/2014/04/10/jetpack-security-update/",
|
|
"source": "secalert@redhat.com",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://secunia.com/advisories/57729",
|
|
"source": "secalert@redhat.com",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/66789",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/92560",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://jetpack.me/2014/04/10/jetpack-security-update/",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://secunia.com/advisories/57729",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/66789",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/92560",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
}
|
|
]
|
|
} |