admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-09-17 18:45:49 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2012/CVE-2012-33xx/CVE-2012-3369.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

302 lines
8.6 KiB
JSON
Raw Blame History

{
"id": "CVE-2012-3369",
"sourceIdentifier": "secalert@redhat.com",
"published": "2013-02-05T23:55:01.427",
"lastModified": "2024-11-21T01:40:43.470",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The CallerIdentityLoginModule in JBoss Enterprise Application Platform (EAP) before 5.2.0, Web Platform (EWP) before 5.2.0, BRMS Platform before 5.3.1, and SOA Platform before 5.3.1 allows remote attackers to gain privileges of the previous user via a null password, which causes the previous user's password to be used."
},
{
"lang": "es",
"value": "CallerIdentityLoginModule en JBoss Enterprise Application Platform (EAP) anterior a versi\u00f3n 5.2.0, Web Platform (EWP) anterior a versi\u00f3n 5.2.0, BRMS Platform anterior a versi\u00f3n 5.3.1 y SOA Platform anterior a versi\u00f3n 5.3.1, y SOA Platform anterior a Versi\u00f3n 5.3.1, permite a los atacantes remotos alcanzar privilegios del usuario anterior por medio de una contrase\u00f1a null, lo que causa que sea usada la contrase\u00f1a del usuario anterior."
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
"baseScore": 4.0,
"accessVector": "NETWORK",
"accessComplexity": "HIGH",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 4.9,
"impactScore": 4.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-264"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:jboss_enterprise_web_platform:5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "38F66D5B-F906-437E-977E-F9F930648886"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "46849C8D-36E9-4E97-BB49-E04F4EB199E6"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:jboss_enterprise_brms_platform:*:*:*:*:*:*:*:*",
"versionEndIncluding": "5.3.0",
"matchCriteriaId": "57FBD0FE-A84D-4707-A2DA-CB9F4920CBA8"
}
]
}
]
}
],
"references": [
{
"url": "http://rhn.redhat.com/errata/RHSA-2013-0191.html",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2013-0192.html",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2013-0193.html",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2013-0194.html",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2013-0195.html",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2013-0196.html",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2013-0197.html",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2013-0198.html",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2013-0221.html",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2013-0533.html",
"source": "secalert@redhat.com"
},
{
"url": "http://secunia.com/advisories/51984",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://secunia.com/advisories/52054",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://securitytracker.com/id?1028042",
"source": "secalert@redhat.com"
},
{
"url": "http://www.securityfocus.com/bid/57547",
"source": "secalert@redhat.com"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=836451",
"source": "secalert@redhat.com"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81512",
"source": "secalert@redhat.com"
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2013-0191.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2013-0192.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2013-0193.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2013-0194.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2013-0195.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2013-0196.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2013-0197.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2013-0198.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2013-0221.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2013-0533.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://secunia.com/advisories/51984",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://secunia.com/advisories/52054",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://securitytracker.com/id?1028042",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.securityfocus.com/bid/57547",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=836451",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81512",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
],
"evaluatorComment": "Per http://rhn.redhat.com/errata/RHSA-2013-0198.html \"This JBoss Enterprise Web Platform 5.2.0 release serves as a replacement for JBoss Enterprise Web Platform 5.1.2, and includes bug fixes and enhancements.\" \r\n\r\nPer http://rhn.redhat.com/errata/RHSA-2013-0191.html \"This JBoss Enterprise Application Platform 5.2.0 release serves as a replacement for JBoss Enterprise Application Platform 5.1.2, and includes bug fixes and enhancements.\""
}
Reference in New Issue View Git Blame Copy Permalink