
{
"id": "CVE-2014-9292",
"sourceIdentifier": "cve@mitre.org",
"published": "2014-12-05T22:59:00.067",
"lastModified": "2024-11-21T02:20:33.793",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Server-side request forgery (SSRF) vulnerability in proxy.php in the jRSS Widget plugin 1.2 and earlier for WordPress allows remote attackers to trigger outbound requests and enumerate open ports via the url parameter."
},
{
"lang": "es",
"value": "Vulnerabilidad de SSRF en proxy.php en el plugin jRSS Widget 1.2 y anteriores para WordPress permite a atacantes remotos provocar solicitudes salientes y enumerar puertos abiertos a trav\u00e9s del par\u00e1metro url."
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"baseScore": 5.8,
"accessVector": "NETWORK",
"accessComplexity": "MEDIUM",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": true
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:jrss_widget_project:jrss_widget:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.2",
"matchCriteriaId": "33549B4E-1876-4CC6-8086-C54DB9146A99"
}
]
}
]
}
],
"references": [
{
"url": "http://codevigilant.com/disclosure/wp-plugin-jrss-widget-ssrfxspa/",
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
},
{
"url": "http://codevigilant.com/disclosure/wp-plugin-jrss-widget-ssrfxspa/",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
]
}
],
"evaluatorComment": "<a href=\"http://cwe.mitre.org/data/definitions/918.html\">CWE-918: Server-Side Request Forgery (SSRF)</a>"
}