admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 01:02:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2015/CVE-2015-01xx/CVE-2015-0121.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

254 lines
9.9 KiB
JSON
Raw Blame History

{
"id": "CVE-2015-0121",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2015-05-30T19:59:00.083",
"lastModified": "2024-11-21T02:22:24.353",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Rational Requirements Composer 3.0 through 3.0.1.6 and 4.0 through 4.0.7 and Rational DOORS Next Generation (RDNG) 4.0 through 4.0.7 and 5.0 through 5.0.2, when LTPA single sign on is used with WebSphere Application Server, do not terminate a Requirements Management (RM) session upon LTPA token expiration, which allows remote attackers to obtain access by leveraging an unattended workstation."
},
{
"lang": "es",
"value": "IBM Rational Requirements Composer 3.0 hasta 3.0.1.6 y 4.0 hasta 4.0.7 y Rational DOORS Next Generation (RDNG) 4.0 hasta 4.0.7 y 5.0 hasta 5.0.2, cuando el 'Single Sign On' de LTPA est\u00e1 utilizado con WebSphere Application Server, no terminan una sesi\u00f3n de Requirements Management (RM) cuando caduca el token LTPA, lo que permite a atacantes remotos obtener el acceso mediante el aprovechamiento de una estaci\u00f3n de trabajo desatendida."
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:L/AC:H/Au:N/C:P/I:P/A:P",
"baseScore": 3.7,
"accessVector": "LOCAL",
"accessComplexity": "HIGH",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "LOW",
"exploitabilityScore": 1.9,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E1E8B281-4A2E-41E9-8953-9F041030EF65"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2AF24AEA-D261-485F-A7FF-D5DAF033C571"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FDD53B1B-BCD3-4A8D-8FBB-4965FA30D9E0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C0FA509F-C96E-428C-A69A-7D96E1C219B9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0229C996-3960-4A7A-BA2E-03819281CA6D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F0FBFCAE-0324-4C8B-82F4-1EBFA440CB1F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "17099F68-B49C-4433-98B6-7C7FE8846702"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D43547B3-1085-48B1-A6D3-32B791EE09FE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8D3894CB-8DF7-4011-B47F-36485A2A6E7B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF6342F6-709A-4043-A879-57E9C7232C48"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C1CDFA1C-9C07-4744-95F9-93A2332E2F13"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "10D8C43B-C109-44E1-868F-7DC1289D9BA8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FEAAF6E2-74BE-4FB2-AE49-3C58F68BCEFB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "44EF2B1F-1CD0-4B6E-8C86-622B0E000F8E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4EFFBB5B-8566-45BC-9123-5418821E6EB1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF2CC2A-232C-43A6-8C9B-E6125C051BF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2A84EA62-E3F8-4E4C-9FEF-065300C4611A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0232D8EF-1DB3-477D-818C-B79B68406197"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7E8158D2-ECB0-4F89-BE73-568CA213D9B8"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "817714F1-B68E-41DB-A4FC-34FD5518B9BB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D0477D24-56F7-46A2-A08A-C20A90E6E85C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6CABBD25-7C8D-4CE1-B9C9-75670C8B5B09"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "31D9D1B5-C3D1-42F2-A963-9FA30CF20AA0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E0514FAC-52CE-41F6-B255-E2D83E71F3E9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "ACA25E78-52E0-4B5E-AECC-0F24C827F3F2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "746190AA-6D21-446F-80F5-4C98F5BF74A9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "08125E1B-FE2B-436C-A69F-067BC1B5C542"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B2431038-D838-4AB0-B614-EDC1D4D203E2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6A0BC49A-4D59-47AE-B2D2-13B6719B0932"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E3AE1241-9998-4F5D-862A-52CE40DB24C8"
}
]
}
]
}
],
"references": [
{
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21903761",
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.securityfocus.com/bid/74910",
"source": "psirt@us.ibm.com"
},
{
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21903761",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.securityfocus.com/bid/74910",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
],
"evaluatorComment": "<a href=\"https://cwe.mitre.org/data/definitions/613.html\">CWE-613: Insufficient Session Expiration</a>"
}
Reference in New Issue View Git Blame Copy Permalink