admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 01:02:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2017/CVE-2017-109xx/CVE-2017-10913.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

163 lines
4.6 KiB
JSON
Raw Blame History

{
"id": "CVE-2017-10913",
"sourceIdentifier": "cve@mitre.org",
"published": "2017-07-05T01:29:00.610",
"lastModified": "2024-11-21T03:06:44.217",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The grant-table feature in Xen through 4.8.x provides false mapping information in certain cases of concurrent unmap calls, which allows backend attackers to obtain sensitive information or gain privileges, aka XSA-218 bug 1."
},
{
"lang": "es",
"value": "La caracter\u00edstica de tabla grant en Xen, hasta las versiones 4.8.x, ofrece informaci\u00f3n de mapeo falsa en ciertos casos de llamadas simult\u00e1neas de desasignaci\u00f3n, lo que permite que atacantes del backend obtengan informaci\u00f3n sensible o adquieran privilegios. Esto tambi\u00e9n se conoce como XSA-218, fallo 1."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"baseScore": 7.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:xen:xen:*:*:*:*:*:*:*:*",
"versionEndIncluding": "4.8.1",
"matchCriteriaId": "7494A471-EEFC-44F4-96B1-FDBA3B780313"
}
]
}
]
}
],
"references": [
{
"url": "http://www.debian.org/security/2017/dsa-3969",
"source": "cve@mitre.org"
},
{
"url": "http://www.securityfocus.com/bid/99411",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.securitytracker.com/id/1038722",
"source": "cve@mitre.org"
},
{
"url": "https://security.gentoo.org/glsa/201708-03",
"source": "cve@mitre.org"
},
{
"url": "https://security.gentoo.org/glsa/201710-17",
"source": "cve@mitre.org"
},
{
"url": "https://xenbits.xen.org/xsa/advisory-218.html",
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Vendor Advisory"
]
},
{
"url": "http://www.debian.org/security/2017/dsa-3969",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.securityfocus.com/bid/99411",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.securitytracker.com/id/1038722",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://security.gentoo.org/glsa/201708-03",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://security.gentoo.org/glsa/201710-17",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://xenbits.xen.org/xsa/advisory-218.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink