admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-29 05:56:17 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2017/CVE-2017-114xx/CVE-2017-11496.json
cad-safe-bot 9d8babeec3 Auto-Update: 2024-07-14T02:00:17.787041+00:00
2024-07-14 02:06:08 +00:00

147 lines
4.5 KiB
JSON
Raw Blame History

{
"id": "CVE-2017-11496",
"sourceIdentifier": "cve@mitre.org",
"published": "2017-10-03T01:29:01.077",
"lastModified": "2018-05-11T01:29:00.950",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack buffer overflow in hasplms in Gemalto ACC (Admin Control Center), all versions ranging from HASP SRM 2.10 to Sentinel LDK 7.50, allows remote attackers to execute arbitrary code via malformed ASN.1 streams in V2C and similar input files."
},
{
"lang": "es",
"value": "Un desbordamiento de b\u00fafer basado en pila en hasplms en Gemalto ACC (Admin Control Center) en todas sus versiones desde HASP SRM 2.10 hasta Sentinel LDK 7.50 permite que los atacantes remotos ejecuten c\u00f3digo arbitrario mediante transferencias ASN.1 mal formadas en V2C y archivos de entrada similares."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gemalto:sentinel_ldk_rte:2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "A0D085F4-A4D5-406F-9C71-60E38674D4A5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gemalto:sentinel_ldk_rte:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "613D88BA-F9E7-4F5C-849D-36D5C0934617"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gemalto:sentinel_ldk_rte:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3A692A81-F3B0-4894-A04D-948D488AD2CA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gemalto:sentinel_ldk_rte:7.50:*:*:*:*:*:*:*",
"matchCriteriaId": "22489E71-8667-40F0-BC80-35278EF7DC08"
}
]
}
]
}
],
"references": [
{
"url": "http://www.securityfocus.com/bid/102739",
"source": "cve@mitre.org"
},
{
"url": "http://www.securityfocus.com/bid/102906",
"source": "cve@mitre.org"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-727467.pdf",
"source": "cve@mitre.org"
},
{
"url": "https://ics-cert.kaspersky.com/alerts/2017/07/28/multiple-vulnerabilities-found-in-popular-license-manager/",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-018-01",
"source": "cve@mitre.org"
},
{
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-093-01",
"source": "cve@mitre.org"
},
{
"url": "https://www.iotvillage.org/slides_dc25/Sergey_Vlad_DEFCON_IOT_Village_Public2017.pptx",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink