mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 09:11:28 +00:00
105 lines
3.2 KiB
JSON
105 lines
3.2 KiB
JSON
{
|
|
"id": "CVE-2015-0198",
|
|
"sourceIdentifier": "psirt@us.ibm.com",
|
|
"published": "2015-03-24T02:01:40.463",
|
|
"lastModified": "2016-12-31T02:59:15.797",
|
|
"vulnStatus": "Modified",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "IBM General Parallel File System (GPFS) 3.4 before 3.4.0.32, 3.5 before 3.5.0.24, and 4.1 before 4.1.0.7 in certain cipherList configurations allows remote attackers to bypass authentication and execute arbitrary programs as root via unspecified vectors."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "IBM General Parallel File System (GPFS) 3.4 anterior a 3.4.0.32, 3.5 anterior a 3.5.0.24, y 4.1 anterior a 4.1.0.7 en ciertas configuraciones cipherList permite a atacantes remotos evadir la autenticaci\u00f3n y ejecutar programas arbitrarios como root a trav\u00e9s de vectores no especificados."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "COMPLETE",
|
|
"integrityImpact": "COMPLETE",
|
|
"availabilityImpact": "COMPLETE",
|
|
"baseScore": 10.0
|
|
},
|
|
"baseSeverity": "HIGH",
|
|
"exploitabilityScore": 10.0,
|
|
"impactScore": 10.0,
|
|
"acInsufInfo": true,
|
|
"obtainAllPrivilege": true,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-287"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.4:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B6C20DD7-88C1-4916-A063-878C95900841"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "7F13ADEA-CFB7-4302-B7F2-74EF70F08FC9"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "8BE25822-329B-435C-B542-CD108A490FB4"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1022062",
|
|
"source": "psirt@us.ibm.com",
|
|
"tags": [
|
|
"Patch",
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21902662",
|
|
"source": "psirt@us.ibm.com"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/73278",
|
|
"source": "psirt@us.ibm.com"
|
|
},
|
|
{
|
|
"url": "http://www.securitytracker.com/id/1032880",
|
|
"source": "psirt@us.ibm.com"
|
|
}
|
|
]
|
|
} |