mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 09:11:28 +00:00
106 lines
3.2 KiB
JSON
106 lines
3.2 KiB
JSON
{
|
|
"id": "CVE-2009-5086",
|
|
"sourceIdentifier": "vultures@jpcert.or.jp",
|
|
"published": "2011-09-02T17:55:00.943",
|
|
"lastModified": "2011-10-26T02:45:00.887",
|
|
"vulnStatus": "Modified",
|
|
"cveTags": [],
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Cross-site scripting (XSS) vulnerability in Appliance Configuration Manager (ACM) in Juniper IDP 4.1 before 4.1r3 and 4.2 before 4.2r1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Vulnerabilidad de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS) en Appliance Configuration Manager (ACM) en Juniper IDP v4.1 antes de v4.1r3 y v4.2 antes de v4.2r1, permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s de vectores no especificados."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "MEDIUM",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "PARTIAL",
|
|
"availabilityImpact": "NONE",
|
|
"baseScore": 4.3
|
|
},
|
|
"baseSeverity": "MEDIUM",
|
|
"exploitabilityScore": 8.6,
|
|
"impactScore": 2.9,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": true
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-79"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:juniper:idp:4.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "4FA25F65-DAF8-421D-A868-E3C2A3D63592"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:juniper:idp:4.1r1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "543FDA58-FACD-4978-966D-68523447B5CA"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:juniper:idp:4.1r2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "49AAB069-A4AE-4F48-85D8-1A5C92CD1044"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:juniper:idp:4.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "8B5E8FFE-F5CC-4A66-81D7-279F7D69631A"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://jvn.jp/en/jp/JVN44642341/index.html",
|
|
"source": "vultures@jpcert.or.jp"
|
|
},
|
|
{
|
|
"url": "http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-000071.html",
|
|
"source": "vultures@jpcert.or.jp"
|
|
},
|
|
{
|
|
"url": "http://s-tools1.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2009-01-191&viewMode=view",
|
|
"source": "vultures@jpcert.or.jp",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
}
|
|
]
|
|
} |