nvd-json-data-feeds/CVE-2008/CVE-2008-59xx/CVE-2008-5980.json

{
  "id": "CVE-2008-5980",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2009-01-27T01:30:00.627",
  "lastModified": "2017-09-29T01:32:54.933",
  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
      "value": "Ocean12 Mailing List Manager Gold stores sensitive data under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for o12mail.mdb."
    },
    {
      "lang": "es",
      "value": "El gestor de listas de correo Ocean12 Mailing List Manager Gold almacena datos sensibles bajo el directorio ra\u00edz del arbol de directorios de la interfaz web con un control de acceso insuficiente, lo que permite a atacantes remotos descargar una base de datos a trav\u00e9s de una petici\u00f3n directa de o12mail.mdb."
    }
  ],
  "metrics": {
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "accessVector": "NETWORK",
          "accessComplexity": "LOW",
          "authentication": "NONE",
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0
        },
        "baseSeverity": "MEDIUM",
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ocean12_technologies:mailing_list_manager:_nil_:gold:*:*:*:*:*:*",
              "matchCriteriaId": "3B0AF1A4-DA30-4A6D-81A5-6F8D772CCBE0"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47023",
      "source": "cve@mitre.org"
    },
    {
      "url": "https://www.exploit-db.com/exploits/7319",
      "source": "cve@mitre.org"
    }
  ]
}