admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2019/CVE-2019-109xx/CVE-2019-10928.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

126 lines
4.1 KiB
JSON
Raw Blame History

{
"id": "CVE-2019-10928",
"sourceIdentifier": "productcert@siemens.com",
"published": "2019-08-13T19:15:14.767",
"lastModified": "2020-10-02T14:09:24.937",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SCALANCE SC-600 (V2.0). An authenticated attacker with access to port 22/tcp as well as physical access to an affected device may trigger the device to allow execution of arbitrary commands. The security vulnerability could be exploited by an authenticated attacker with physical access to the affected device. No user interaction is required to exploit this vulnerability. The vulnerability impacts the confidentiality, integrity and availability of the affected device."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad en SCALANCE SC-600 (V2.0). Un atacante autenticado con acceso al puerto 22 / tcp, as\u00ed como acceso f\u00edsico a un dispositivo afectado, puede activar el dispositivo para permitir la ejecuci\u00f3n de comandos arbitrarios. La vulnerabilidad de seguridad podr\u00eda ser explotada por un atacante autenticado con acceso f\u00edsico al dispositivo afectado. No se requiere interacci\u00f3n del usuario para explotar esta vulnerabilidad. La vulnerabilidad afecta la confidencialidad, integridad y disponibilidad del dispositivo afectado."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.7,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"accessVector": "LOCAL",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-703"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:scalance_sc-600_firmware:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A39EC3B9-29E8-4DF3-91FD-42FE0A4AFC3D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:scalance_sc-600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "725C671B-D7A0-48CF-8A31-5F9C4173F1DD"
}
]
}
]
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-671286.pdf",
"source": "productcert@siemens.com",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink