mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 01:02:25 +00:00
123 lines
3.6 KiB
JSON
123 lines
3.6 KiB
JSON
{
|
|
"id": "CVE-2009-0043",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2009-01-08T19:30:11.250",
|
|
"lastModified": "2018-10-11T20:59:46.967",
|
|
"vulnStatus": "Modified",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "The smmsnmpd service in CA Service Metric Analysis r11.0 through r11.1 SP1 and Service Level Management 3.5 does not properly restrict access, which allows remote attackers to execute arbitrary commands via unspecified vectors."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "El servicio smmsnmpd en CA Service Metric Analysis r11.0 hasta r11.1 SP1 y Service Level Management v3.5 no restringe el acceso adecuadamente, lo cual permite a atacantes remotos ejecutar comandos de su elecci\u00f3n a trav\u00e9s de vectores no especificados."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "COMPLETE",
|
|
"integrityImpact": "COMPLETE",
|
|
"availabilityImpact": "COMPLETE",
|
|
"baseScore": 10.0
|
|
},
|
|
"baseSeverity": "HIGH",
|
|
"exploitabilityScore": 10.0,
|
|
"impactScore": 10.0,
|
|
"acInsufInfo": true,
|
|
"obtainAllPrivilege": true,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-264"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ca:service_level_management:3.5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "8EDC9EFE-8401-4A6C-9C7F-0E6945839406"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ca:service_metric_analysis:r11.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "84F66415-014D-4F3B-97AD-87189E100CA5"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ca:service_metric_analysis:r11.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "07202650-A1D8-4235-9C2B-9EB480205E0B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ca:service_metric_analysis:r11.1:sp1:*:*:*:*:*:*",
|
|
"matchCriteriaId": "291902E2-F337-41C5-B570-4E8C959002BE"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/07.aspx",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://securityreason.com/securityalert/4887",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/archive/1/499857/100/0/threaded",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/33161",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Patch"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.vupen.com/english/advisories/2009/0053",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=196148",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Patch"
|
|
]
|
|
}
|
|
]
|
|
} |