admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-12 02:04:49 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2020/CVE-2020-54xx/CVE-2020-5401.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

137 lines
3.9 KiB
JSON
Raw Blame History

{
"id": "CVE-2020-5401",
"sourceIdentifier": "security@pivotal.io",
"published": "2020-02-27T20:15:11.500",
"lastModified": "2020-03-03T19:43:28.807",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cloud Foundry Routing Release, versions prior to 0.197.0, contains GoRouter, which allows malicious clients to send invalid headers, causing caching layers to reject subsequent legitimate clients trying to access the app."
},
{
"lang": "es",
"value": "Cloud Foundry Routing Release, versiones anteriores a 0.197.0, contiene GoRouter, que permite a clientes maliciosos enviar encabezados no v\u00e1lidos, causando que las capas de almacenamiento cach\u00e9 rechacen a clientes leg\u00edtimos posteriores que intentan acceder a la aplicaci\u00f3n."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
],
"cvssMetricV30": [
{
"source": "security@pivotal.io",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-444"
}
]
},
{
"source": "security@pivotal.io",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-393"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cloudfoundry:routing_release:*:*:*:*:*:*:*:*",
"versionEndExcluding": "0.197.0",
"matchCriteriaId": "37C4488F-846E-4C30-9156-AF9957F96582"
}
]
}
]
}
],
"references": [
{
"url": "https://www.cloudfoundry.org/blog/cve-2020-5401",
"source": "security@pivotal.io",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink