
{
"id": "CVE-2009-5014",
"sourceIdentifier": "cve@mitre.org",
"published": "2010-11-06T00:00:01.220",
"lastModified": "2010-11-09T05:00:00.000",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The default quickstart configuration of TurboGears2 (aka tg2) before 2.0.2 has a weak cookie salt, which makes it easier for remote attackers to bypass repoze.who authentication via a forged authorization cookie, a related issue to CVE-2010-3852."
},
{
"lang": "es",
"value": "La configuraci\u00f3n de inicio r\u00e1pido por defecto de TurboGears2 (o TG2) antes de su versi\u00f3n v2.0.2 tiene un 'salt' de cookie d\u00e9bil, lo que hace que sea m\u00e1s f\u00e1cil para los atacantes remotos evitar la autenticaci\u00f3n de repoze.who a trav\u00e9s de una cookie de autorizaci\u00f3n falsificada. Es un problema relacionado con el CVE-2010-3852."
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-310"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:turbogears:turbogears2:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.1b2",
"matchCriteriaId": "9BB596B6-3E2A-4961-AD67-B7E74DA85705"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:turbogears:turbogears2:1.9.7a2:*:*:*:*:*:*:*",
"matchCriteriaId": "802FBC58-C096-4960-8AAF-C45E82AF1CF0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:turbogears:turbogears2:1.9.7a3:*:*:*:*:*:*:*",
"matchCriteriaId": "F5ABF22A-389C-45E4-88DB-9C14B0D07DFA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:turbogears:turbogears2:1.9.7a4:*:*:*:*:*:*:*",
"matchCriteriaId": "40144A54-DDF6-4CD2-BC53-6B801B9F2A4E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:turbogears:turbogears2:1.9.7b1:*:*:*:*:*:*:*",
"matchCriteriaId": "E032AF6B-7A03-4DB2-9018-6A8B3EF708C0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:turbogears:turbogears2:1.9.7b2:*:*:*:*:*:*:*",
"matchCriteriaId": "C5EBB8AF-5428-471B-BE25-90C905A8A522"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:turbogears:turbogears2:2.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "0799228C-833A-43CC-A65B-9A727C75E644"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:turbogears:turbogears2:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "782BD6DB-665A-4497-A1E9-5FE864A7EC07"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:turbogears:turbogears2:2.0b1:*:*:*:*:*:*:*",
"matchCriteriaId": "27CAAB6C-C3DB-4F1E-80DA-7E4D04B5E48C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:turbogears:turbogears2:2.0b2:*:*:*:*:*:*:*",
"matchCriteriaId": "28A0004D-7B94-4456-818B-440D3969A5FA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:turbogears:turbogears2:2.0b3:*:*:*:*:*:*:*",
"matchCriteriaId": "0E6F15E3-8F19-4EC3-95EA-AA0358AB6A6F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:turbogears:turbogears2:2.0b4:*:*:*:*:*:*:*",
"matchCriteriaId": "2073CB4F-C18B-4F63-851D-38C3F0262B79"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:turbogears:turbogears2:2.0b5:*:*:*:*:*:*:*",
"matchCriteriaId": "C2D6300E-4D32-49B9-A25A-F3166D3385FA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:turbogears:turbogears2:2.0b6:*:*:*:*:*:*:*",
"matchCriteriaId": "F6AC9CAD-D54F-4E58-B515-AEA861594480"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:turbogears:turbogears2:2.0b7:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6DCDEF-590F-43B2-8550-075FEE546764"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:turbogears:turbogears2:2.1a1:*:*:*:*:*:*:*",
"matchCriteriaId": "B62D4F9E-4D8A-4F2A-9028-4C870DED0141"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:turbogears:turbogears2:2.1a2:*:*:*:*:*:*:*",
"matchCriteriaId": "E95E2E8A-C609-47E1-B614-A785547FBEE4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:turbogears:turbogears2:2.1a3:*:*:*:*:*:*:*",
"matchCriteriaId": "5AED604B-C756-4477-897C-7A41F37A0EF5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:turbogears:turbogears2:2.1b1:*:*:*:*:*:*:*",
"matchCriteriaId": "2576B8ED-7CAE-4028-AD0C-3B446B3E1C01"
}
]
}
]
}
],
"references": [
{
"url": "http://groups.google.com/group/turbogears-announce/msg/09ec26696b1761bb?dmode=source&output=gplain",
"source": "cve@mitre.org"
}
]
}