admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2019/CVE-2019-74xx/CVE-2019-7487.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

143 lines
4.0 KiB
JSON
Raw Blame History

{
"id": "CVE-2019-7487",
"sourceIdentifier": "PSIRT@sonicwall.com",
"published": "2019-12-19T01:15:11.133",
"lastModified": "2020-01-08T18:38:30.087",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Installation of the SonicOS SSLVPN NACagent 3.5 on the Windows operating system, an autorun value is created does not put the path in quotes, so if a malicious binary by an attacker within the parent path could allow code execution."
},
{
"lang": "es",
"value": "La instalaci\u00f3n de SonicOS SSLVPN NACagent versi\u00f3n 3.5 en el sistema operativo Windows, un valor autorun se crea sin poner la ruta entre comillas, por lo que si un binario malicioso se introduce en la ruta principal por parte de un atacante, podr\u00eda permitir una ejecuci\u00f3n de c\u00f3digo."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"accessVector": "LOCAL",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-428"
}
]
},
{
"source": "PSIRT@sonicwall.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-428"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"versionEndIncluding": "6.5.3.3",
"matchCriteriaId": "83EB3E0C-43F1-4C3C-9B1D-40F2F0FB3C6C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sonicwall:sonicos_sslvpn_nacagent:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "AA6C0F7B-0302-4EC1-8B88-27DA8DD4B1DB"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0022",
"source": "PSIRT@sonicwall.com",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink