admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2017/CVE-2017-49xx/CVE-2017-4959.json
cad-safe-bot 865d8c9414 Auto-Update: 2025-04-20T02:01:32.812855+00:00
2025-04-20 02:05:18 +00:00

313 lines
12 KiB
JSON
Raw Blame History

{
"id": "CVE-2017-4959",
"sourceIdentifier": "security_alert@emc.com",
"published": "2017-06-13T06:29:00.363",
"lastModified": "2025-04-20T01:37:25.860",
"vulnStatus": "Deferred",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Pivotal PCF Elastic Runtime 1.8.x versions prior to 1.8.29 and 1.9.x versions prior to 1.9.7. Pivotal Cloud Foundry deployments using the Pivotal Account application are vulnerable to a flaw which allows an authorized user to take over the account of another user, causing account lockout and potential escalation of privileges."
},
{
"lang": "es",
"value": "Se ha descubierto un problema en Pivotal PCF Elastic Runtime, en versiones 1.8.x anteriores a la 1.8.29 y en versiones 1.9.x anteriores a la 1.9.7. Los despliegues de Pivotal Cloud Foundry que emplean la aplicaci\u00f3n Pivotal Account son vulnerables a un error que permite que un usuario autorizado tome el control de la cuenta de otro usuario, lo que podr\u00eda provocar el bloqueo de la cuenta y un potencial escalado de privilegios."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseScore": 6.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "258FAFB4-2B67-456B-BE78-1562A3D5E9A6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "15F08919-8764-419D-A399-1EAA6B055C5D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "09BA6E79-22B6-4E5E-8C85-BBA8CB6C1828"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "FB328ACE-FC3C-4255-9400-A9BBC5059F5B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "877383E9-545F-4324-B8EA-76F33B7C11C2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7B6BCA5E-1A43-41AA-ACEC-2C73E1B84D26"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0CF15EDB-2707-43E2-9B53-C0CCA28AC972"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.8.7:*:*:*:*:*:*:*",
"matchCriteriaId": "C896CBBE-BE7B-44C3-A25E-F85BC7F6CE51"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "944374E2-A07E-4EEA-BE0C-47EF62FFABA2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.8.9:*:*:*:*:*:*:*",
"matchCriteriaId": "CAEA85D5-10B2-4003-A857-2C46F9559694"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.8.10:*:*:*:*:*:*:*",
"matchCriteriaId": "799E1F2E-DA5F-41B5-9B83-55661E18D726"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.8.11:*:*:*:*:*:*:*",
"matchCriteriaId": "AD9369A6-F59D-4C7A-830E-6EAC6F81A493"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.8.12:*:*:*:*:*:*:*",
"matchCriteriaId": "31A2732A-0309-4DF0-9EF1-7954D10BCFCC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.8.13:*:*:*:*:*:*:*",
"matchCriteriaId": "C3101A31-55B3-4212-B78F-FE574B445F91"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.8.14:*:*:*:*:*:*:*",
"matchCriteriaId": "DED599DA-D25C-45FD-9CDA-8E9E2D17364C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.8.15:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA779B7-1660-48B7-A648-E3952BFD1B14"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.8.16:*:*:*:*:*:*:*",
"matchCriteriaId": "83A66A35-48D1-48E5-97A9-A6F136EC9BEE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.8.17:*:*:*:*:*:*:*",
"matchCriteriaId": "598033B9-A0FB-4A5B-9417-5A434608232A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.8.18:*:*:*:*:*:*:*",
"matchCriteriaId": "A6CE5BCF-A1C8-4F24-A5BC-70FAF096253F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.8.19:*:*:*:*:*:*:*",
"matchCriteriaId": "85E0C92F-485D-4675-95F8-672E8489AF64"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.8.20:*:*:*:*:*:*:*",
"matchCriteriaId": "6B95BB7C-D9D7-4A63-B8AB-6EB456D236A5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.8.21:*:*:*:*:*:*:*",
"matchCriteriaId": "A06AE8D5-F30A-4F73-AF69-622F01D0BF0C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.8.22:*:*:*:*:*:*:*",
"matchCriteriaId": "167A8FDC-4C37-4AC4-9A0D-B73602F8062F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.8.23:*:*:*:*:*:*:*",
"matchCriteriaId": "DDAEFA2F-3E9E-4B4F-8679-7F70A3ED6292"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.8.24:*:*:*:*:*:*:*",
"matchCriteriaId": "81501627-C022-4BEC-AF42-B10DF1CDA69E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.8.25:*:*:*:*:*:*:*",
"matchCriteriaId": "2FD7FDCF-4123-4000-821B-88D5214AF74D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.8.26:*:*:*:*:*:*:*",
"matchCriteriaId": "A0224626-1FB4-4DF5-B16F-5D2741E51E02"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.8.27:*:*:*:*:*:*:*",
"matchCriteriaId": "ADD367D8-748B-4CE7-8CF4-0549B02B1766"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.8.28:*:*:*:*:*:*:*",
"matchCriteriaId": "F3DDC3D0-2523-4A10-824F-6630F7559CD8"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A4FA79FA-C53E-4852-941B-F8B32EBC0BE1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F25D21E0-E84B-4BCF-B2D0-2332CD583128"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "80C76651-7E20-4456-ADA3-DF5020471743"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CC7911DD-A3CC-4046-884D-C11A1263B037"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8F122CEA-7924-45A6-BCFD-B9079C4B0DCA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.9.5:*:*:*:*:*:*:*",
"matchCriteriaId": "EBBFA1F5-3A00-4BCE-8E8D-B3E898933A71"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.9.6:*:*:*:*:*:*:*",
"matchCriteriaId": "3329004D-1F23-4991-A8ED-51DB1E596FD8"
}
]
}
]
}
],
"references": [
{
"url": "http://www.securityfocus.com/bid/96218",
"source": "security_alert@emc.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://pivotal.io/security/cve-2017-4959",
"source": "security_alert@emc.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.securityfocus.com/bid/96218",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://pivotal.io/security/cve-2017-4959",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink