mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-09-17 18:45:49 +00:00
127 lines
3.8 KiB
JSON
127 lines
3.8 KiB
JSON
{
|
|
"id": "CVE-2018-11565",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2018-05-30T21:29:00.690",
|
|
"lastModified": "2018-07-03T13:53:54.623",
|
|
"vulnStatus": "Analyzed",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Mahara 17.04 before 17.04.8 and 17.10 before 17.10.5 and 18.04 before 18.04.1 are vulnerable to mentioning the usernames that are already taken by people registered in the system rather than masking that information."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Mahara en versiones 17.04 anteriores a la 17.04.8, versiones 17.10 anteriores a la 17.10.5 y versiones 18.04 anteriores a la 18.04.1 es vulnerable a mencionar los nombres de usuario que ya est\u00e1n en uso por personas registradas en el sistema, en lugar de ocultar dicha informaci\u00f3n."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV30": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "3.0",
|
|
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
|
|
"attackVector": "NETWORK",
|
|
"attackComplexity": "LOW",
|
|
"privilegesRequired": "NONE",
|
|
"userInteraction": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"confidentialityImpact": "LOW",
|
|
"integrityImpact": "NONE",
|
|
"availabilityImpact": "NONE",
|
|
"baseScore": 5.3,
|
|
"baseSeverity": "MEDIUM"
|
|
},
|
|
"exploitabilityScore": 3.9,
|
|
"impactScore": 1.4
|
|
}
|
|
],
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "PARTIAL",
|
|
"integrityImpact": "NONE",
|
|
"availabilityImpact": "NONE",
|
|
"baseScore": 5.0
|
|
},
|
|
"baseSeverity": "MEDIUM",
|
|
"exploitabilityScore": 10.0,
|
|
"impactScore": 2.9,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-200"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mahara:mahara:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "17.04.0",
|
|
"versionEndExcluding": "17.04.8",
|
|
"matchCriteriaId": "45AB0DD3-CCBA-4C94-837E-6E2B4635E8A9"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mahara:mahara:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "17.10.0",
|
|
"versionEndExcluding": "17.10.5",
|
|
"matchCriteriaId": "87104E12-A6F3-4762-A518-F81C906DA755"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mahara:mahara:18.04.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "50BB0028-28D9-4F5C-B46A-B5BEFA50149E"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "https://bugs.launchpad.net/mahara/+bug/1772774",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Issue Tracking",
|
|
"Patch",
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://mahara.org/interaction/forum/topic.php?id=8271",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
}
|
|
]
|
|
} |