mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 01:02:25 +00:00
106 lines
3.4 KiB
JSON
106 lines
3.4 KiB
JSON
{
|
|
"id": "CVE-2015-0522",
|
|
"sourceIdentifier": "security_alert@emc.com",
|
|
"published": "2015-03-12T10:59:01.317",
|
|
"lastModified": "2024-11-21T02:23:14.630",
|
|
"vulnStatus": "Modified",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Cross-site scripting (XSS) vulnerability in EMC RSA Certificate Manager (RCM) before 6.9 build 558 and RSA Registration Manager (RRM) before 6.9 build 558 allows remote attackers to inject arbitrary web script or HTML via vectors related to the email address parameter."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Vulnerabilidad de XSS en EMC RSA Certificate Manager (RCM) anterior a 6.9 build 558 y RSA Registration Manager (RRM) anterior a 6.9 build 558 permite a atacantes remotos inyectar secuencias de comandos web arbitrarios o HTML a trav\u00e9s de vectores relacionados con el par\u00e1metro de la direcci\u00f3n de correo."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
|
"baseScore": 4.3,
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "MEDIUM",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "PARTIAL",
|
|
"availabilityImpact": "NONE"
|
|
},
|
|
"baseSeverity": "MEDIUM",
|
|
"exploitabilityScore": 8.6,
|
|
"impactScore": 2.9,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": true
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-79"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:emc:rsa_certificate_manager:*:*:*:*:*:*:*:*",
|
|
"versionEndIncluding": "6.8",
|
|
"matchCriteriaId": "A2BBC4AF-AEBD-4984-895A-01D74D46BC5E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:emc:rsa_registration_manager:*:*:*:*:*:*:*:*",
|
|
"versionEndIncluding": "6.8",
|
|
"matchCriteriaId": "A89084BC-DA10-4A92-86F3-B6F72EA07330"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://packetstormsecurity.com/files/130769/RSA-Digital-Certificate-Solution-XSS-Denial-Of-Service.html",
|
|
"source": "security_alert@emc.com"
|
|
},
|
|
{
|
|
"url": "http://seclists.org/bugtraq/2015/Mar/47",
|
|
"source": "security_alert@emc.com"
|
|
},
|
|
{
|
|
"url": "http://www.securitytracker.com/id/1031912",
|
|
"source": "security_alert@emc.com"
|
|
},
|
|
{
|
|
"url": "http://packetstormsecurity.com/files/130769/RSA-Digital-Certificate-Solution-XSS-Denial-Of-Service.html",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://seclists.org/bugtraq/2015/Mar/47",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://www.securitytracker.com/id/1031912",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
}
|
|
]
|
|
} |