admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2015/CVE-2015-80xx/CVE-2015-8024.json
cad-safe-bot 9d8babeec3 Auto-Update: 2024-07-14T02:00:17.787041+00:00
2024-07-14 02:06:08 +00:00

121 lines
4.4 KiB
JSON
Raw Blame History

{
"id": "CVE-2015-8024",
"sourceIdentifier": "cve@mitre.org",
"published": "2015-12-02T16:59:00.107",
"lastModified": "2016-12-07T18:25:58.697",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "McAfee Enterprise Security Manager (ESM), Enterprise Security Manager/Log Manager (ESMLM), and Enterprise Security Manager/Receiver (ESMREC) 9.3.x before 9.3.2MR19, 9.4.x before 9.4.2MR9, and 9.5.x before 9.5.0MR8, when configured to use Active Directory or LDAP authentication sources, allow remote attackers to bypass authentication by logging in with the username \"NGCP|NGCP|NGCP;\" and any password."
},
{
"lang": "es",
"value": "McAfee Enterprise Security Manager (ESM), Enterprise Security Manager/Log Manager (ESMLM) y Enterprise Security Manager/Receiver (ESMREC) 9.3.x en versiones anteriores a 9.3.2MR19, 9.4.x en versiones anteriores a 9.4.2MR9 y 9.5.x en versiones anteriores a 9.5.0MR8, cuando se configura para utilizar fuentes de autenticaci\u00f3n Active Directory o LDAP, permite a atacantes remotos eludir la autenticaci\u00f3n por medio del inicio de sesi\u00f3n con el nombre de usuario 'NGCP|NGCP|NGCP;' y cualquier contrase\u00f1a."
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"accessVector": "NETWORK",
"accessComplexity": "MEDIUM",
"authentication": "NONE",
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3
},
"baseSeverity": "HIGH",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mcafee:mcafee_enterprise_security_manager:9.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A3F23590-6EE0-4C68-8664-AEA340C339DF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mcafee:mcafee_enterprise_security_manager:9.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CE5C288B-8850-49A3-9362-D1F0DE58D30C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mcafee:mcafee_enterprise_security_manager:9.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5AE33937-A286-4266-B497-2C42DE98AB46"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mcafee:mcafee_enterprise_security_manager:9.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "95B252A8-E09F-4DC3-A3DC-8D9C4D94DC7A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mcafee:mcafee_enterprise_security_manager:9.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EEF89E8B-45F6-4197-A52E-BC31D0F81ECC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mcafee:mcafee_enterprise_security_manager:9.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "39B89D53-8A59-4623-B0C5-6F08CD357656"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mcafee:mcafee_enterprise_security_manager:9.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "097627F1-1F77-4CC7-AB31-CA9E5D31E0BD"
}
]
}
]
}
],
"references": [
{
"url": "http://www.quantumleap.it/mcafee-siem-esm-esmrec-and-esmlm-authentication-bypass-vulnerability/",
"source": "cve@mitre.org"
},
{
"url": "http://www.securitytracker.com/id/1034288",
"source": "cve@mitre.org"
},
{
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10137",
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink