admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 17:21:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2017/CVE-2017-13xx/CVE-2017-1328.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

189 lines
6.0 KiB
JSON
Raw Blame History

{
"id": "CVE-2017-1328",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2017-06-27T16:29:00.480",
"lastModified": "2024-11-21T03:21:43.533",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM API Connect 5.0.0.0 - 5.0.6.0 could allow a remote attacker to bypass security restrictions of the api, caused by improper handling of security policy. By crafting a suitable request, an attacker could exploit this vulnerability to bypass security and use the vulnerable API. IBM X-Force ID: 126230."
},
{
"lang": "es",
"value": "IBM API Connect 5.0.0.0 - 5.0.6.0 podr\u00eda permitir que un atacante remoto omita las restricciones de seguridad de la API, provocado por la gesti\u00f3n incorrecta de la pol\u00edtica de seguridad. Al manipular una petici\u00f3n adecuada, un atacante podr\u00eda explotar esta vulnerabilidad para omitir la seguridad y emplear la API vulnerable. IBM X-Force ID: 126230."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"baseScore": 5.0,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"acInsufInfo": true,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:api_connect:5.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6B43F8D4-A60E-4C56-B868-8616958A0B74"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:api_connect:5.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "39A4F3B4-A3D8-4281-BBB1-8B95297657F1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:api_connect:5.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4049722A-338F-49FA-A9B2-2A432F04D2A8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:api_connect:5.0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4C12F86C-FBDF-4231-B4EA-4279FC730088"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:api_connect:5.0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1BBC9AEC-CD8B-4F2A-99A7-469B93107B9F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:api_connect:5.0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BBB03CE4-C3EE-41E9-9321-9AB9829FDB5D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:api_connect:5.0.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C7B9AC88-C53D-4810-B21E-7A836524859B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:api_connect:5.0.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8D8AD67C-0221-4EF1-B0A2-C13CEE62D27F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:api_connect:5.0.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "61864755-C7B6-416C-9D3E-334AB3D94825"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:api_connect:5.0.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7FCB9030-50A4-4B9B-8457-9DB9E13B3211"
}
]
}
]
}
],
"references": [
{
"url": "http://www.ibm.com/support/docview.wss?uid=swg22003867",
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://www.securityfocus.com/bid/99267",
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/126230",
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.ibm.com/support/docview.wss?uid=swg22003867",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://www.securityfocus.com/bid/99267",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/126230",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink