nvd-json-data-feeds/CVE-2019/CVE-2019-170xx/CVE-2019-17082.json

{
  "id": "CVE-2019-17082",
  "sourceIdentifier": "security@opentext.com",
  "published": "2024-11-26T20:15:19.957",
  "lastModified": "2024-12-17T16:15:21.400",
  "vulnStatus": "Awaiting Analysis",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Insufficiently Protected Credentials vulnerability in OpenText\u2122 AccuRev allows Authentication Bypass. When installed on a Linux or Solaris system\n\nthe vulnerability could allow\u00a0anyone who knows a valid AccuRev username can use the AccuRev client to login and gain access to AccuRev source control without knowing the user\u2019s password.\n\nThis issue affects AccuRev: 2017.1."
    },
    {
      "lang": "es",
      "value": "La vulnerabilidad de falta de autenticaci\u00f3n para funciones cr\u00edticas en AccuRev for LDAP Integration de OpenText\u2122 permite omitir la autenticaci\u00f3n. La vulnerabilidad podr\u00eda permitir que un nombre de usuario v\u00e1lido de AccuRev obtenga acceso al control de origen de AccuRev sin conocer la contrase\u00f1a del usuario. Este problema afecta a AccuRev for LDAP Integration: 2017.1."
    }
  ],
  "metrics": {
    "cvssMetricV40": [
      {
        "source": "security@opentext.com",
        "type": "Secondary",
        "cvssData": {
          "version": "4.0",
          "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:P/AU:N/R:I/V:C/RE:M/U:Red",
          "baseScore": 9.0,
          "baseSeverity": "CRITICAL",
          "attackVector": "NETWORK",
          "attackComplexity": "HIGH",
          "attackRequirements": "NONE",
          "privilegesRequired": "NONE",
          "userInteraction": "PASSIVE",
          "vulnConfidentialityImpact": "HIGH",
          "vulnIntegrityImpact": "HIGH",
          "vulnAvailabilityImpact": "HIGH",
          "subConfidentialityImpact": "HIGH",
          "subIntegrityImpact": "HIGH",
          "subAvailabilityImpact": "HIGH",
          "exploitMaturity": "NOT_DEFINED",
          "confidentialityRequirement": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "availabilityRequirement": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "Safety": "PRESENT",
          "Automatable": "NO",
          "Recovery": "IRRECOVERABLE",
          "valueDensity": "CONCENTRATED",
          "vulnerabilityResponseEffort": "MODERATE",
          "providerUrgency": "RED"
        }
      }
    ]
  },
  "weaknesses": [
    {
      "source": "security@opentext.com",
      "type": "Secondary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-522"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://support.microfocus.com/kb/kmdoc.php?id=KM03544106",
      "source": "security@opentext.com"
    }
  ]
}