admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 01:02:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2019/CVE-2019-54xx/CVE-2019-5490.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

519 lines
18 KiB
JSON
Raw Blame History

{
"id": "CVE-2019-5490",
"sourceIdentifier": "security-alert@netapp.com",
"published": "2019-03-21T19:29:00.580",
"lastModified": "2020-08-24T17:37:01.140",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Certain versions between 2.x to 5.x (refer to advisory) of the NetApp Service Processor firmware were shipped with a default account enabled that could allow unauthorized arbitrary command execution. Any platform listed in the advisory Impact section may be affected and should be upgraded to a fixed version of Service Processor firmware IMMEDIATELY."
},
{
"lang": "es",
"value": "Ciertas versiones entre la 2.x y la 5.x (v\u00e9ase el advisory) del firmware de NetApp Service Processor se distribu\u00edan con una cuenta por defecto habilitada que podr\u00eda permitir la ejecuci\u00f3n no autorizada de comandos arbitrarios. Cualquier plataforma listada en la secci\u00f3n \"impact\" del advisory podr\u00eda haberse visto afectada y debe actualizarse a una versi\u00f3n solucionada del firmware de Service Processor INMEDIATAMENTE."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-1188"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:service_processor:2.8:-:*:*:*:*:*:*",
"matchCriteriaId": "719C418A-B9BC-4BD5-AC8F-EE82F605A30C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:service_processor:3.7:-:*:*:*:*:*:*",
"matchCriteriaId": "39F51F1A-3E63-46E1-ADF3-8192221D87B7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:service_processor:4.5:-:*:*:*:*:*:*",
"matchCriteriaId": "6C902785-AC3D-4221-A4CC-B3FA62856373"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:service_processor:5.5:-:*:*:*:*:*:*",
"matchCriteriaId": "93D5D337-89D5-49E7-B24E-13770B545B83"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:netapp:clustered_data_ontap:9.5:*:*:*:*:*:*:*",
"matchCriteriaId": "392B4E85-99B9-48A7-B139-F59E32879A8A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:service_processor:2.8:-:*:*:*:*:*:*",
"matchCriteriaId": "719C418A-B9BC-4BD5-AC8F-EE82F605A30C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:service_processor:3.7:-:*:*:*:*:*:*",
"matchCriteriaId": "39F51F1A-3E63-46E1-ADF3-8192221D87B7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:service_processor:4.5:-:*:*:*:*:*:*",
"matchCriteriaId": "6C902785-AC3D-4221-A4CC-B3FA62856373"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:service_processor:5.5:-:*:*:*:*:*:*",
"matchCriteriaId": "93D5D337-89D5-49E7-B24E-13770B545B83"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:netapp:clustered_data_ontap:9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "14E39741-0427-40B6-9A43-B2A20AD24650"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:service_processor:2.8:-:*:*:*:*:*:*",
"matchCriteriaId": "719C418A-B9BC-4BD5-AC8F-EE82F605A30C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:service_processor:3.7:-:*:*:*:*:*:*",
"matchCriteriaId": "39F51F1A-3E63-46E1-ADF3-8192221D87B7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:service_processor:4.5:-:*:*:*:*:*:*",
"matchCriteriaId": "6C902785-AC3D-4221-A4CC-B3FA62856373"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:service_processor:5.5:-:*:*:*:*:*:*",
"matchCriteriaId": "93D5D337-89D5-49E7-B24E-13770B545B83"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:netapp:clustered_data_ontap:9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "117DCE70-6D53-4CA4-8DFA-987725A5E879"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:service_processor:2.5:-:*:*:*:*:*:*",
"matchCriteriaId": "E6D12CA3-0868-4115-87B1-B4115C94DEBF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:service_processor:3.4:-:*:*:*:*:*:*",
"matchCriteriaId": "E9FE6E2C-C949-4BA1-81A0-DC0F7F734EE3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:service_processor:3.4:patch1:*:*:*:*:*:*",
"matchCriteriaId": "5E5A1717-018F-4216-9368-566DFCA12E57"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:service_processor:3.4:patch2:*:*:*:*:*:*",
"matchCriteriaId": "8A673025-321B-4376-9426-EFC5E8C1E571"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:service_processor:4.2:-:*:*:*:*:*:*",
"matchCriteriaId": "B3B387C2-8E99-4ECF-8C13-C299BD06CD2D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:service_processor:4.2:patch1:*:*:*:*:*:*",
"matchCriteriaId": "98EDF5B4-E436-4B30-85E8-4B409EB2126E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:service_processor:4.2:patch2:*:*:*:*:*:*",
"matchCriteriaId": "31150CC3-3FE9-4D09-B202-D3368946000B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:service_processor:5.2:-:*:*:*:*:*:*",
"matchCriteriaId": "9732D6A0-E987-470B-B780-9AB96C3C4973"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:service_processor:5.2:patch1:*:*:*:*:*:*",
"matchCriteriaId": "BA0AA984-AAD9-4E73-B02E-A0F887336B09"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:netapp:clustered_data_ontap:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BD89FB43-C397-43F4-B157-A8B1B6F9962C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:service_processor:2.4.1:-:*:*:*:*:*:*",
"matchCriteriaId": "8B21CBF7-E2EF-47F1-AB6B-87D78E285C03"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:service_processor:2.4.1:patch1:*:*:*:*:*:*",
"matchCriteriaId": "8FAA95A7-8A43-48AC-A0E9-DB4A8E9A6C40"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:service_processor:3.3:-:*:*:*:*:*:*",
"matchCriteriaId": "7F943157-7946-45B2-B904-6C4587D11A44"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:service_processor:3.3:patch1:*:*:*:*:*:*",
"matchCriteriaId": "CF9D0EAD-18CC-4D4B-9322-93A63ED4C017"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:service_processor:3.3:patch2:*:*:*:*:*:*",
"matchCriteriaId": "05144BF3-1F80-4C82-9246-B6F7648F6C52"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:service_processor:3.3:patch3:*:*:*:*:*:*",
"matchCriteriaId": "8989CA8B-6F81-4EBA-BEC7-1D5E5914F3BA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:service_processor:3.3:patch4:*:*:*:*:*:*",
"matchCriteriaId": "3ACBD45A-47A7-4EA1-972F-DAF4B7710F39"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:service_processor:4.1:-:*:*:*:*:*:*",
"matchCriteriaId": "49193A78-75D1-4F04-A3F3-5ED57ADD65B7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:service_processor:4.1:patch1:*:*:*:*:*:*",
"matchCriteriaId": "73E31337-8214-4886-8FBD-036966B5F929"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:service_processor:4.1:patch2:*:*:*:*:*:*",
"matchCriteriaId": "0D66219B-9192-49E7-86BB-7DD0F908DB1A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:service_processor:4.1:patch3:*:*:*:*:*:*",
"matchCriteriaId": "B995E407-5C75-4668-9B6B-829E3E4238B5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:service_processor:4.1:patch4:*:*:*:*:*:*",
"matchCriteriaId": "46EDDB30-94D7-4113-A5E4-5A3FF982D064"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:service_processor:4.1:patch5:*:*:*:*:*:*",
"matchCriteriaId": "572B4890-DD1D-491C-82BB-762379FF7BDB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:service_processor:4.1:patch6:*:*:*:*:*:*",
"matchCriteriaId": "B7646CED-E3BD-4CCB-B39F-0574E8103C9F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:service_processor:5.1:-:*:*:*:*:*:*",
"matchCriteriaId": "44F7E17E-29FA-4366-A1B4-F357B07035A1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:service_processor:5.1:patch1:*:*:*:*:*:*",
"matchCriteriaId": "24EB22C5-EDC1-443A-9E2E-7CB2A05FB304"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:service_processor:5.1:patch2:*:*:*:*:*:*",
"matchCriteriaId": "8405B058-6A9E-41C1-9544-5540190B5E80"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:service_processor:5.1:patch3:*:*:*:*:*:*",
"matchCriteriaId": "9BB0C569-25AB-4DDE-AB10-98D2C494DCFE"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:netapp:clustered_data_ontap:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "092BACC2-3518-4AEC-B07C-26A7765A7934"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:service_processor:2.4:-:*:*:*:*:*:*",
"matchCriteriaId": "A080A22D-162B-4E53-970C-7EEA96F61CC9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:service_processor:3.2:-:*:*:*:*:*:*",
"matchCriteriaId": "4DA70C10-F101-41B0-83D6-42ADDE7A9CE6"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:netapp:clustered_data_ontap:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C3ED302E-F464-40DE-A976-FD518E42D95D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:service_processor:2.3.2:-:*:*:*:*:*:*",
"matchCriteriaId": "68C45B4C-3FA2-4597-AF4F-67B22FC0107A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:service_processor:2.3.2:patch1:*:*:*:*:*:*",
"matchCriteriaId": "F5534859-5691-4042-8B3F-13FFE15C838C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:service_processor:2.3.2:patch2:*:*:*:*:*:*",
"matchCriteriaId": "A490D45E-576E-488A-A82D-23165E6C174E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:service_processor:2.3.2:patch3:*:*:*:*:*:*",
"matchCriteriaId": "12E3E966-7A03-4381-802F-C839C0365D4D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:service_processor:3.1.2:-:*:*:*:*:*:*",
"matchCriteriaId": "41D5AFD4-2AF8-42A9-A95D-E5EEF8889D67"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:service_processor:3.1.2:patch1:*:*:*:*:*:*",
"matchCriteriaId": "A9C3042F-A4E6-4F5E-AE7F-4AF5880CBF92"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:service_processor:3.1.2:patch2:*:*:*:*:*:*",
"matchCriteriaId": "1DB3F9A9-E468-457C-AAAF-579069E23500"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:netapp:clustered_data_ontap:8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1D440961-4908-444B-987F-5D8A3980C89A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:service_processor:2.2.5:-:*:*:*:*:*:*",
"matchCriteriaId": "4E6C7A09-071C-4397-AA71-70CF0C22EE6D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:service_processor:3.0.4:-:*:*:*:*:*:*",
"matchCriteriaId": "033C63E3-58CA-45A1-B279-DD17D52DBFCE"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:netapp:clustered_data_ontap:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BF8722E3-564A-47CB-95B6-AFA591384504"
}
]
}
]
}
],
"references": [
{
"url": "http://support.lenovo.com/us/en/solutions/LEN-26771",
"source": "security-alert@netapp.com"
},
{
"url": "https://security.netapp.com/advisory/ntap-20190305-0001/",
"source": "security-alert@netapp.com",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink