Vulnerabilites related to openbravo - openbravo_erp
Vulnerability from fkie_nvd
Published
2017-06-05 14:29
Modified
2024-11-21 03:36
Severity ?
8.8 (High) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Openbravo Business Suite 3.0 is affected by SQL injection. This vulnerability could allow remote authenticated attackers to inject arbitrary SQL code.
References
cve@mitre.orghttps://www.wizlynxgroup.com/security-research-advisories/vuln/WLX-2017-005Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://www.wizlynxgroup.com/security-research-advisories/vuln/WLX-2017-005Third Party Advisory, VDB Entry
Impacted products
Vendor Product Version
openbravo openbravo_erp 3.0


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B84F73C6-E951-40BB-8C36-BCBCB79662D1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Openbravo Business Suite 3.0 is affected by SQL injection. This vulnerability could allow remote authenticated attackers to inject arbitrary SQL code."
    },
    {
      "lang": "es",
      "value": "Openbravo Business Suite versi\u00f3n 3.0, est\u00e1 afectado por la inyecci\u00f3n SQL. Esta vulnerabilidad podr\u00eda permitir a los atacantes autenticados remotos inyectar c\u00f3digo SQL arbitrario."
    }
  ],
  "id": "CVE-2017-9437",
  "lastModified": "2024-11-21T03:36:07.560",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-06-05T14:29:00.733",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.wizlynxgroup.com/security-research-advisories/vuln/WLX-2017-005"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.wizlynxgroup.com/security-research-advisories/vuln/WLX-2017-005"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-89"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2019-07-28 18:15
Modified
2024-11-21 04:26
Severity ?
5.4 (Medium) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Summary
Openbravo ERP before 3.0PR19Q1.3 is affected by Directory Traversal. This vulnerability could allow remote authenticated attackers to replace a file on the server via the getAttachmentDirectoryForNewAttachment inpKey value.
References
cve@mitre.orghttps://grep.blog/directory-traversal-openbravo/Third Party Advisory
cve@mitre.orghttps://issues.openbravo.com/view.php?id=41413Exploit, Patch, Vendor Advisory
cve@mitre.orghttps://www.sitincloud.com/securite/directory-traversal-openbravo-erp/Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://grep.blog/directory-traversal-openbravo/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://issues.openbravo.com/view.php?id=41413Exploit, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.sitincloud.com/securite/directory-traversal-openbravo-erp/Exploit, Third Party Advisory
Impacted products
Vendor Product Version
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0
openbravo openbravo_erp 3.0


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "7BB25161-9D16-4333-BE35-FAB1F0668831",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack0.1:*:*:*:*:*:*",
              "matchCriteriaId": "A5B59DBC-2FE6-456D-8397-8F850DD3D273",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack1:*:*:*:*:*:*",
              "matchCriteriaId": "62634E19-5401-4318-A72D-D4599B3967B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack10:*:*:*:*:*:*",
              "matchCriteriaId": "39D2B604-B466-439D-9BCB-80E9B93A83DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack10.1:*:*:*:*:*:*",
              "matchCriteriaId": "B6AA745E-DAB5-4647-A2A6-61E37E60AB88",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack10.2:*:*:*:*:*:*",
              "matchCriteriaId": "AE6FED44-CF81-4289-8F42-7295066C7952",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack10.3:*:*:*:*:*:*",
              "matchCriteriaId": "4FC9EAB5-7497-4C94-A198-9DDC36AF2354",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack11:*:*:*:*:*:*",
              "matchCriteriaId": "7F987158-0A41-4911-BF12-9195D287FDA4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack11.1:*:*:*:*:*:*",
              "matchCriteriaId": "FB526293-2A1C-4395-BBB0-CB464C57F650",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack12:*:*:*:*:*:*",
              "matchCriteriaId": "638FE4BA-09F2-48ED-91DE-64503E6974D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack12.1:*:*:*:*:*:*",
              "matchCriteriaId": "1796942E-84EF-4BE5-88EE-818BF3175A94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack12.2:*:*:*:*:*:*",
              "matchCriteriaId": "1B1CD2BF-25F7-4130-8479-95C6FAC8F63A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack13:*:*:*:*:*:*",
              "matchCriteriaId": "2D4B8D80-3A31-4606-BA07-BD6F9DFBA636",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack13.1:*:*:*:*:*:*",
              "matchCriteriaId": "2F2C8D62-2C83-43E4-8096-E0493D9E50B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack13.2:*:*:*:*:*:*",
              "matchCriteriaId": "D2533D53-17A6-4CA1-8C6F-406B098018E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack14:*:*:*:*:*:*",
              "matchCriteriaId": "863FC80F-4323-42F4-A5D6-D830A1755D7E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack14.1:*:*:*:*:*:*",
              "matchCriteriaId": "35F28A58-4F51-4BFE-A538-0383E98131A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack14.2:*:*:*:*:*:*",
              "matchCriteriaId": "124F70B7-162A-47E8-A613-903D26347AA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack15:*:*:*:*:*:*",
              "matchCriteriaId": "770D266C-247A-4D98-A905-8054E11E20B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack15.1:*:*:*:*:*:*",
              "matchCriteriaId": "6B620CD5-C542-43C2-ADB0-C2FD14F8009F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack15.2:*:*:*:*:*:*",
              "matchCriteriaId": "268B5413-0383-4ADC-AE98-134EADE8B7D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack16:*:*:*:*:*:*",
              "matchCriteriaId": "63167EFD-9D2E-4BC9-B593-5147D22F1D01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack16.1:*:*:*:*:*:*",
              "matchCriteriaId": "7CC7D8E0-E25A-45DB-B71B-DCD4DBC02D43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack16.2:*:*:*:*:*:*",
              "matchCriteriaId": "3DAFDF0F-8F67-4961-AF90-D1DC40A07E62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack16.3:*:*:*:*:*:*",
              "matchCriteriaId": "BB113340-EA10-43A5-918A-6819150D2717",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack17:*:*:*:*:*:*",
              "matchCriteriaId": "A9D6CD27-773E-4A89-A368-0846B238DA3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack17.1:*:*:*:*:*:*",
              "matchCriteriaId": "B018E732-E70C-4EDC-A1E2-ABD8E6DAFBA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack17.2:*:*:*:*:*:*",
              "matchCriteriaId": "BD111512-6962-4391-B0B0-6A75E0BF65E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack17.3:*:*:*:*:*:*",
              "matchCriteriaId": "73810F20-9889-4309-9539-A8B5CB3DBAA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack18:*:*:*:*:*:*",
              "matchCriteriaId": "F9C023C5-6A26-4193-A993-0E8785D69858",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack18.1:*:*:*:*:*:*",
              "matchCriteriaId": "DF4F3DF4-7625-4012-93BF-1127347ABEF0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack18.2:*:*:*:*:*:*",
              "matchCriteriaId": "9E29E5E3-BB07-476D-8B4E-27FB2A6760EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack18.3:*:*:*:*:*:*",
              "matchCriteriaId": "93BB3BBF-7F7B-4A6E-A024-EF859C1E3DBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack18.4:*:*:*:*:*:*",
              "matchCriteriaId": "4BB6B84E-9184-4B8C-8936-6B0B876A436F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack18.5:*:*:*:*:*:*",
              "matchCriteriaId": "DD3D514D-C705-4EC1-8A18-C36FD72E65D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack19:*:*:*:*:*:*",
              "matchCriteriaId": "AA55C1C9-43C0-4545-8AC3-94CA9F626D4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack19.1:*:*:*:*:*:*",
              "matchCriteriaId": "CC3FEBE2-C9C8-4DEB-B5FD-1941BEE00435",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack19.2:*:*:*:*:*:*",
              "matchCriteriaId": "812BB0A9-9A25-4908-9113-AC70372514AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack19.3:*:*:*:*:*:*",
              "matchCriteriaId": "BFCC03E1-9702-4667-829E-A9B47D3D5481",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack19.4:*:*:*:*:*:*",
              "matchCriteriaId": "3B3C35FC-68E7-436E-B170-A1F894F745AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack2:*:*:*:*:*:*",
              "matchCriteriaId": "254036B1-D251-4130-B7AF-124262DEAEC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack2.1:*:*:*:*:*:*",
              "matchCriteriaId": "7EB41A47-2C80-4925-90A2-18C1284ACA01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack2.2:*:*:*:*:*:*",
              "matchCriteriaId": "3DE5ED64-FA2B-4807-BCD6-BF755100AC99",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack2.3:*:*:*:*:*:*",
              "matchCriteriaId": "DD10878B-5C2E-47CB-9781-F760DC3AC9F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack2.4:*:*:*:*:*:*",
              "matchCriteriaId": "2F993503-14BA-43F1-B2C5-0ACD34B8643F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack20:*:*:*:*:*:*",
              "matchCriteriaId": "F1A3BABD-E9B0-4970-8694-660E2A12815F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack21:*:*:*:*:*:*",
              "matchCriteriaId": "6E5452A7-34D7-4891-956F-DAD6256F476C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack21.1:*:*:*:*:*:*",
              "matchCriteriaId": "F70183CB-6422-4B9C-9286-C2F8CE064849",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack22:*:*:*:*:*:*",
              "matchCriteriaId": "64A973B6-14C8-4E64-A328-1719483E737A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack22.1:*:*:*:*:*:*",
              "matchCriteriaId": "AE643E53-44C3-4347-A4FF-590DEABDF629",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack22.2:*:*:*:*:*:*",
              "matchCriteriaId": "5F320A27-411B-44D4-8710-EDC3EDAA025A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack22.3:*:*:*:*:*:*",
              "matchCriteriaId": "5E508A65-CDE7-425F-980B-3D452981776D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack23:*:*:*:*:*:*",
              "matchCriteriaId": "1363F86F-8539-48A1-9574-85D4E8BD4762",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack23.1:*:*:*:*:*:*",
              "matchCriteriaId": "AE68FF6A-EC45-45FE-BD1B-32CF0342691B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack23.2:*:*:*:*:*:*",
              "matchCriteriaId": "71DBC741-DA9D-42BC-9D84-6CCA01A6CE0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack24:*:*:*:*:*:*",
              "matchCriteriaId": "B0A0AB36-D65C-47C9-91E4-FF556D90CEE2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack24.1:*:*:*:*:*:*",
              "matchCriteriaId": "D220EBD7-F241-40C2-B432-672A0FF46EE5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack24.2:*:*:*:*:*:*",
              "matchCriteriaId": "984409B1-6AD8-4266-9F35-28FBC20B62BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack25:*:*:*:*:*:*",
              "matchCriteriaId": "B9345B03-4AFF-4F29-BED7-78807ED3BFC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack25.1:*:*:*:*:*:*",
              "matchCriteriaId": "06AD249C-D285-42F9-8A19-8D6D59AB706A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack25.2:*:*:*:*:*:*",
              "matchCriteriaId": "69DAF672-8206-437D-95BF-B1F872548321",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack26:*:*:*:*:*:*",
              "matchCriteriaId": "0F7206C4-7FA6-406C-8A69-EB5256320559",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack26.1:*:*:*:*:*:*",
              "matchCriteriaId": "3DCE3F4E-145D-466F-9793-9E0DE62B8F31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack26.2:*:*:*:*:*:*",
              "matchCriteriaId": "9A2B4B64-9DB0-41B9-B3F2-AC497EC2BDE2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack26.3:*:*:*:*:*:*",
              "matchCriteriaId": "42A9E676-7685-41B1-9310-8C74D7276627",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack26.4:*:*:*:*:*:*",
              "matchCriteriaId": "9A0436F4-A475-4553-888E-D6DF687EE507",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack27:*:*:*:*:*:*",
              "matchCriteriaId": "E987CDC5-AF53-45D9-88CB-7D37795268AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack27.1:*:*:*:*:*:*",
              "matchCriteriaId": "E10C0EE5-8EB2-4F31-9808-58798CE54A5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack28:*:*:*:*:*:*",
              "matchCriteriaId": "1F72DD2B-C35E-495A-9DED-4F354FF141D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack28.1:*:*:*:*:*:*",
              "matchCriteriaId": "10627A7F-DE17-4AD0-8D5A-091869B996F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack28.2:*:*:*:*:*:*",
              "matchCriteriaId": "BAE323B3-19A5-4698-84FA-4F1BF708F3C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack28.3:*:*:*:*:*:*",
              "matchCriteriaId": "7F6B1B69-FA2B-432D-BEEB-10C75BE605C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack28.4:*:*:*:*:*:*",
              "matchCriteriaId": "DA58B1CA-8DAE-458C-8E1A-46D5C9B82EB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack28.5:*:*:*:*:*:*",
              "matchCriteriaId": "875A1769-D485-456C-9AC8-580BD6F10ECA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack29:*:*:*:*:*:*",
              "matchCriteriaId": "14DDF305-D7B6-46BF-8FFE-9493C8DF4787",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack29.1:*:*:*:*:*:*",
              "matchCriteriaId": "17BC3F96-875A-4F7D-A896-EBDC18C5F43F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack29.2:*:*:*:*:*:*",
              "matchCriteriaId": "AAE00747-839A-4C11-A2BF-DCE44CC5DF52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack29.3:*:*:*:*:*:*",
              "matchCriteriaId": "5B0A787C-263D-4FA5-9EDA-C9FC350A2265",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack29.4:*:*:*:*:*:*",
              "matchCriteriaId": "14D03020-D8F5-489B-B686-E3FF75DEDA97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack3:*:*:*:*:*:*",
              "matchCriteriaId": "54C073F6-9E93-4626-9048-5867A4B0789B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack3.1:*:*:*:*:*:*",
              "matchCriteriaId": "F3AB254F-839E-4F4B-B2F1-005BC0BCFD55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack3.2:*:*:*:*:*:*",
              "matchCriteriaId": "29DB00DE-AE47-471B-8566-5D96B077C7FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack30:*:*:*:*:*:*",
              "matchCriteriaId": "2B1CC2C5-0625-4798-AEBF-622C8DD1AC28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack30.1:*:*:*:*:*:*",
              "matchCriteriaId": "BCCBBFBF-5DE1-4E86-95F5-C331DBB1FFA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack30.2:*:*:*:*:*:*",
              "matchCriteriaId": "B5D4583B-385F-43E8-9AA8-894633566FE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack30.3:*:*:*:*:*:*",
              "matchCriteriaId": "B51039B4-5C8A-4B7F-BEC4-7F1B9979DA2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack31:*:*:*:*:*:*",
              "matchCriteriaId": "20F3CDE4-7D38-4FEB-83E9-442D1BB6F68E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack31.1:*:*:*:*:*:*",
              "matchCriteriaId": "44700948-9FDB-4B39-B2AF-5E16B089B9F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack31.2:*:*:*:*:*:*",
              "matchCriteriaId": "650CD0D0-5D10-4FF4-94A2-43FC402237B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack31.3:*:*:*:*:*:*",
              "matchCriteriaId": "FDD53D77-6C54-4C8A-8ABA-597D84EFD748",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack31.4:*:*:*:*:*:*",
              "matchCriteriaId": "2BD37C10-F62E-40BF-81FC-B6D26DD6FCC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack4:*:*:*:*:*:*",
              "matchCriteriaId": "A98560C8-57CF-43F9-9494-5AD2A9267356",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack4.1:*:*:*:*:*:*",
              "matchCriteriaId": "C5F0D857-9A4E-4111-941F-0C02EDD4F042",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack4.2:*:*:*:*:*:*",
              "matchCriteriaId": "A2B7F7C7-7D72-47F0-99F6-26DFD883E678",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack5:*:*:*:*:*:*",
              "matchCriteriaId": "CC3B09C9-2CB7-44AA-85C3-63DB90BD4B96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack5.1:*:*:*:*:*:*",
              "matchCriteriaId": "56E48FB7-69DC-40E0-877C-DE9DF1680E2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack5.2:*:*:*:*:*:*",
              "matchCriteriaId": "D04A9232-7A79-4352-96EF-1C67409697BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack5.3:*:*:*:*:*:*",
              "matchCriteriaId": "31DAACC9-75E9-4AC1-AE7D-6DB444D60391",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack6:*:*:*:*:*:*",
              "matchCriteriaId": "D9323AC6-2884-4C00-9025-6F2B4D0EB657",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack6.1:*:*:*:*:*:*",
              "matchCriteriaId": "E4AA3F40-7303-4D43-9E46-6DB3C4063630",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack6.2:*:*:*:*:*:*",
              "matchCriteriaId": "482573A8-0594-4593-A923-9B7721DB1296",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack7:*:*:*:*:*:*",
              "matchCriteriaId": "50264D77-157C-418F-A5FD-E989E3D8B40B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack7.1:*:*:*:*:*:*",
              "matchCriteriaId": "D856BFBC-19CE-4C52-834A-99FC1BB897DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack7.2:*:*:*:*:*:*",
              "matchCriteriaId": "3D3A33E7-80DF-411D-AAB2-283AE6265499",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack7.3:*:*:*:*:*:*",
              "matchCriteriaId": "68394B59-CC88-41D4-A77B-02F4FF0DC0F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack8:*:*:*:*:*:*",
              "matchCriteriaId": "584D4C2F-81EA-4184-86ED-D8ACF75F8A6E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack8.1:*:*:*:*:*:*",
              "matchCriteriaId": "F4613C95-2677-4287-9635-E0EA24788C20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack8.2:*:*:*:*:*:*",
              "matchCriteriaId": "86BE2EB8-C664-4EC3-B8C6-5F8AA16E88CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack8.3:*:*:*:*:*:*",
              "matchCriteriaId": "6763297B-AA5F-44B8-BE2A-5AD8D3FFABF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack8.4:*:*:*:*:*:*",
              "matchCriteriaId": "F0FF1B3E-5D02-4795-AC43-37632E9F4E9E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack9:*:*:*:*:*:*",
              "matchCriteriaId": "FCF0DC27-47DB-4903-9809-7BB822BD081F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack9.1:*:*:*:*:*:*",
              "matchCriteriaId": "33395A99-CB65-45B5-AD35-83812DEE8794",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack9.2:*:*:*:*:*:*",
              "matchCriteriaId": "68BAF583-6EB9-4B89-8E1A-C001A9AE788A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:maintenance_pack9.3:*:*:*:*:*:*",
              "matchCriteriaId": "98B194F9-906C-49E2-83C5-5FC9BD772C55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr14q2:*:*:*:*:*:*",
              "matchCriteriaId": "D339C5F1-6A1F-4F82-A3D1-80B06F4E9D6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr14q2.1:*:*:*:*:*:*",
              "matchCriteriaId": "6033A732-3DA8-4983-9850-0A071B653BA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr14q2.2:*:*:*:*:*:*",
              "matchCriteriaId": "8125281D-D061-460C-99E8-1DF2DF568C9E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr14q2.3:*:*:*:*:*:*",
              "matchCriteriaId": "0CF408DE-6405-42B6-A64F-A8AF7DF90276",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr14q2.4:*:*:*:*:*:*",
              "matchCriteriaId": "45A6C19C-3D43-48FD-8187-71BC529A2661",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr14q2.5:*:*:*:*:*:*",
              "matchCriteriaId": "DA68F367-2353-4B43-8AC2-1E208122F19B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr14q2.6:*:*:*:*:*:*",
              "matchCriteriaId": "AB963611-F4D0-49C4-9ECC-2E00599D99D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr14q3:*:*:*:*:*:*",
              "matchCriteriaId": "E507282E-D10B-46B3-8F4D-928AB0E68558",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr14q3.1:*:*:*:*:*:*",
              "matchCriteriaId": "E684B641-180D-4F9F-8C1B-5841C51D4F1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr14q3.2:*:*:*:*:*:*",
              "matchCriteriaId": "3D3E3F83-09AC-4E4C-B869-F3DDF34C4150",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr14q3.3:*:*:*:*:*:*",
              "matchCriteriaId": "4427F824-D0DD-4920-AF85-908CF4039C23",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr14q3.4:*:*:*:*:*:*",
              "matchCriteriaId": "066A3A6B-AB7C-424C-B887-FF998F4B7AE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr14q3.5:*:*:*:*:*:*",
              "matchCriteriaId": "9EBCE36F-1BFD-4D88-A00D-19A4493781EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr14q3.6:*:*:*:*:*:*",
              "matchCriteriaId": "5DE10493-51A2-4DA0-B88A-9F76C93FD454",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr14q3.7:*:*:*:*:*:*",
              "matchCriteriaId": "11081323-0088-4520-BBE8-F333C90206F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr14q3.8:*:*:*:*:*:*",
              "matchCriteriaId": "9054465F-222E-424E-A3B4-9CF48E5C62C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr14q4:*:*:*:*:*:*",
              "matchCriteriaId": "6B63F606-9FF5-40D9-8235-5ADF698DA17C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr15q1:*:*:*:*:*:*",
              "matchCriteriaId": "93C6C994-C84A-4892-8C21-5CC4085023AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr15q1.1:*:*:*:*:*:*",
              "matchCriteriaId": "712B63FA-B463-4C2C-B080-0360FE5D2298",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr15q1.2:*:*:*:*:*:*",
              "matchCriteriaId": "18908DA4-649E-4DE0-B0CA-B0E1AC36DAB3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr15q1.3:*:*:*:*:*:*",
              "matchCriteriaId": "F22DD037-F01E-47C0-A5E4-FD9B208CF38A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr15q1.4:*:*:*:*:*:*",
              "matchCriteriaId": "81E4434B-C731-4D29-A9BB-43717F8A7B34",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr15q1.5:*:*:*:*:*:*",
              "matchCriteriaId": "7A829F63-0E25-440F-B80E-B6BF0E282A3F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr15q2:*:*:*:*:*:*",
              "matchCriteriaId": "E6123B61-B2F2-415D-BFE4-20F861D6CD62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr15q2.1:*:*:*:*:*:*",
              "matchCriteriaId": "BC8F43DB-8F05-450C-B03E-7C0A1F4B0554",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr15q2.2:*:*:*:*:*:*",
              "matchCriteriaId": "5875C4F1-BF7D-4AB0-8DDA-ED48E4378FA4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr15q2.3:*:*:*:*:*:*",
              "matchCriteriaId": "C4292C09-FACB-448F-A193-D1D06BB8CBC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr15q2.4:*:*:*:*:*:*",
              "matchCriteriaId": "05CD4C95-9A2E-43DD-AB78-56A4421DC314",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr15q2.5:*:*:*:*:*:*",
              "matchCriteriaId": "75DC3B21-EB56-437A-B2D2-687FF6EDD5E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr15q2.6:*:*:*:*:*:*",
              "matchCriteriaId": "786DC47C-A294-49CC-8E3B-E0E1FD62BE5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr15q3:*:*:*:*:*:*",
              "matchCriteriaId": "24D1157C-08CA-48CF-B5F5-2E31B76F1EC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr15q3.1:*:*:*:*:*:*",
              "matchCriteriaId": "ADAE4ABA-F65C-4BD3-AEB3-48545C5397EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr15q3.2:*:*:*:*:*:*",
              "matchCriteriaId": "B1C85127-686B-4FF7-8CEC-0178CAFF0775",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr15q3.3:*:*:*:*:*:*",
              "matchCriteriaId": "6D094942-8D6B-49D9-8748-AF673896FF11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr15q3.4:*:*:*:*:*:*",
              "matchCriteriaId": "7DE6F8AF-74FC-4688-9DD7-286446CF2763",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr15q3.5:*:*:*:*:*:*",
              "matchCriteriaId": "1916A1F0-FEB3-48C8-9ADD-D57A901ACF1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr15q4:*:*:*:*:*:*",
              "matchCriteriaId": "0E93E66F-5D16-4A1B-BB80-A6705AF0B63B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr15q4.1:*:*:*:*:*:*",
              "matchCriteriaId": "033CE64E-67F5-44B4-941A-15DC4F4CBCBD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr15q4.2:*:*:*:*:*:*",
              "matchCriteriaId": "8AC5326C-F9F8-40BD-89A9-A47F3E069E2A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr15q4.3:*:*:*:*:*:*",
              "matchCriteriaId": "C59F89A4-413E-4731-AB9F-E5C96AE99837",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr15q4.4:*:*:*:*:*:*",
              "matchCriteriaId": "ABA3480F-A894-4F9F-BE9B-1E203BC8C089",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr15q4.5:*:*:*:*:*:*",
              "matchCriteriaId": "47F60375-1807-44CD-A594-AC04B7E039E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr15q4.6:*:*:*:*:*:*",
              "matchCriteriaId": "D338701F-2203-4AF6-96AC-B5B88891E481",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr16q1:*:*:*:*:*:*",
              "matchCriteriaId": "CD741089-08E2-490A-87A9-61CCA74C9278",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr16q1.1:*:*:*:*:*:*",
              "matchCriteriaId": "C3551545-C3FF-46C8-BECC-1CCB8B1AD818",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr16q1.2:*:*:*:*:*:*",
              "matchCriteriaId": "30F4D853-7BC4-4151-9BB6-9114D5B53EC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr16q1.3:*:*:*:*:*:*",
              "matchCriteriaId": "967ED834-83E3-4E12-8015-79F9F424BB56",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr16q2:*:*:*:*:*:*",
              "matchCriteriaId": "C8887C00-5D65-40A7-9404-6246F7988631",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr16q2.1:*:*:*:*:*:*",
              "matchCriteriaId": "DF9A17C5-F8EE-4BF2-ABB4-80A329331BAF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr16q2.2:*:*:*:*:*:*",
              "matchCriteriaId": "810A1FB6-71E7-4432-A632-67C6927CBD56",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr16q2.3:*:*:*:*:*:*",
              "matchCriteriaId": "A7891097-062B-4A2B-AC62-06C34948F1A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr16q2.4:*:*:*:*:*:*",
              "matchCriteriaId": "B55615D6-A13A-4B46-8699-8CE8B1590657",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr16q3:*:*:*:*:*:*",
              "matchCriteriaId": "75FB3827-8A94-4FD2-BD5E-AFC4AF82DD97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr16q3.1:*:*:*:*:*:*",
              "matchCriteriaId": "865E4A52-85FC-4AEA-A89B-A80660BD406B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr16q3.2:*:*:*:*:*:*",
              "matchCriteriaId": "BB0845D5-267B-4452-A787-F28755DDBB3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr16q3.3:*:*:*:*:*:*",
              "matchCriteriaId": "0D01B669-1698-4604-A4BA-6FFEB7BB70F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr16q3.4:*:*:*:*:*:*",
              "matchCriteriaId": "E54EEFA4-8BF1-42FF-A58C-08CC2E3DE170",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr16q3.5:*:*:*:*:*:*",
              "matchCriteriaId": "0CD58BCF-64EB-4C76-95ED-1CFDC468157E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr16q4:*:*:*:*:*:*",
              "matchCriteriaId": "9FFD4066-9A06-43D2-A746-A526E654575E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr16q4.1:*:*:*:*:*:*",
              "matchCriteriaId": "F0BD0DF6-55EE-4814-8424-85E0F6321870",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr16q4.2:*:*:*:*:*:*",
              "matchCriteriaId": "70F7E8CC-0520-4E5B-A7DF-339EDED03EA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr16q4.3:*:*:*:*:*:*",
              "matchCriteriaId": "EDFEEA83-4910-4A04-BED9-054626041250",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr16q4.4:*:*:*:*:*:*",
              "matchCriteriaId": "1B6EB6FB-80E5-4A1C-9861-41A86B9CE750",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr17q1:*:*:*:*:*:*",
              "matchCriteriaId": "0666BC18-AADF-4EE2-9883-F89294036FBD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr17q1.1:*:*:*:*:*:*",
              "matchCriteriaId": "9F83B714-F3B6-4376-8C11-5A79AC2972D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr17q1.2:*:*:*:*:*:*",
              "matchCriteriaId": "70DCEC35-E912-4182-9720-B89350A7AB05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr17q1.3:*:*:*:*:*:*",
              "matchCriteriaId": "33364A53-37B3-40FA-94C0-B743B64C2153",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr17q2:*:*:*:*:*:*",
              "matchCriteriaId": "6AC718E2-6D20-465F-A344-504F514381B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr17q2.1:*:*:*:*:*:*",
              "matchCriteriaId": "FA897D52-EAD7-466E-8EF2-81DABDBEB959",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr17q2.2:*:*:*:*:*:*",
              "matchCriteriaId": "3DD09127-1DD9-42DC-8B68-CB810C255DE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr17q2.3:*:*:*:*:*:*",
              "matchCriteriaId": "48E1CE89-3122-4CDA-81EB-9CD69CB40E54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr17q2.4:*:*:*:*:*:*",
              "matchCriteriaId": "59EC2319-7133-4435-A416-BE855B3675D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr17q3:*:*:*:*:*:*",
              "matchCriteriaId": "DB26DCAD-DF6A-4C30-BBE2-0DE4AC28C449",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr17q3.1:*:*:*:*:*:*",
              "matchCriteriaId": "B80B2382-77E6-41CB-BFEE-B21C4AB22959",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr17q3.2:*:*:*:*:*:*",
              "matchCriteriaId": "5FB8D244-4A71-4799-9A4E-64151DDA804C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr17q3.3:*:*:*:*:*:*",
              "matchCriteriaId": "FF959A24-32D2-43BF-883E-78B8DBDF2DE2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr17q4:*:*:*:*:*:*",
              "matchCriteriaId": "8BAA9AA3-65F4-4148-BC1A-5E81CCB7E8C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr17q4.1:*:*:*:*:*:*",
              "matchCriteriaId": "256C6A78-C56A-402C-B413-C8CA3F5571BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr17q4.2:*:*:*:*:*:*",
              "matchCriteriaId": "2E264AB4-96D7-4892-A57F-2A7564B9ACC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr18q1:*:*:*:*:*:*",
              "matchCriteriaId": "AD577A43-6FC6-48D1-BEDE-471BF7A9EB37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr18q1.1:*:*:*:*:*:*",
              "matchCriteriaId": "43A03A0B-4980-408A-B708-819E8999F531",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr18q1.2:*:*:*:*:*:*",
              "matchCriteriaId": "EA0DFADB-CCE2-4318-8281-B33E68272C89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr18q1.3:*:*:*:*:*:*",
              "matchCriteriaId": "08C6E8F7-2956-49D2-97CC-1663CB034DDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr18q2:*:*:*:*:*:*",
              "matchCriteriaId": "591C01C3-6C5C-4F28-BFA6-13E147DA7FDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr18q2.1:*:*:*:*:*:*",
              "matchCriteriaId": "7CBDA2E6-3423-4ADD-9CE7-7BC9C4492D6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr18q2.2:*:*:*:*:*:*",
              "matchCriteriaId": "C1F13954-088C-4192-997E-0743FD9A1E5C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr18q2.3:*:*:*:*:*:*",
              "matchCriteriaId": "1C0E114C-B067-4181-9738-F55FB9978B36",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr18q3:*:*:*:*:*:*",
              "matchCriteriaId": "B2E7FA76-7010-49D5-956F-C989790B25E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr18q3.1:*:*:*:*:*:*",
              "matchCriteriaId": "76060308-900A-4ACB-A5F8-B1ECC5D3705D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr18q3.2:*:*:*:*:*:*",
              "matchCriteriaId": "1BFBED77-EB95-404C-BD00-7137F60B1F7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr18q3.3:*:*:*:*:*:*",
              "matchCriteriaId": "632A718E-D6CB-4632-8CFC-1708A64E25B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr18q3.4:*:*:*:*:*:*",
              "matchCriteriaId": "4B5DA832-9927-45FE-9B9D-32D34C66CF38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr18q3.5:*:*:*:*:*:*",
              "matchCriteriaId": "620EBCD9-5785-40A5-A8F3-2B3240D5AC45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr18q4:*:*:*:*:*:*",
              "matchCriteriaId": "71AAD671-4A8C-4154-AE18-A3F0C31033C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr18q4.1:*:*:*:*:*:*",
              "matchCriteriaId": "44A153C0-53CA-49C9-A2CF-5454CC2167D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr18q4.2:*:*:*:*:*:*",
              "matchCriteriaId": "E574310A-19DF-4555-BA04-061B75C9992C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr18q4.3:*:*:*:*:*:*",
              "matchCriteriaId": "F5562198-EE67-4A3B-8C98-FC322AA5EA17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr19q1:*:*:*:*:*:*",
              "matchCriteriaId": "3B7E3C78-7094-4D34-878B-E3748CE26ADF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr19q1.1:*:*:*:*:*:*",
              "matchCriteriaId": "6507AA36-19E6-4D95-9642-AE0DB481D2F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:3.0:pr19q1.2:*:*:*:*:*:*",
              "matchCriteriaId": "3894F258-5A1A-4BF1-A042-1A0BAB8AB5C5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Openbravo ERP before 3.0PR19Q1.3 is affected by Directory Traversal. This vulnerability could allow remote authenticated attackers to replace a file on the server via the getAttachmentDirectoryForNewAttachment inpKey value."
    },
    {
      "lang": "es",
      "value": "ERP de Openbravo anterior a versi\u00f3n 3.0PR19Q1.3, est\u00e1 afectada por el Salto de Directorio. Esta vulnerabilidad podr\u00eda permitir a los atacantes autenticados remotos reemplazar un archivo en el servidor por medio del valor de inpKey de la funci\u00f3n getAttachmentDirectoryForNewAttachment."
    }
  ],
  "id": "CVE-2019-14362",
  "lastModified": "2024-11-21T04:26:35.580",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 5.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.4,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 2.5,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-07-28T18:15:11.043",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://grep.blog/directory-traversal-openbravo/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://issues.openbravo.com/view.php?id=41413"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://www.sitincloud.com/securite/directory-traversal-openbravo-erp/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://grep.blog/directory-traversal-openbravo/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://issues.openbravo.com/view.php?id=41413"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://www.sitincloud.com/securite/directory-traversal-openbravo-erp/"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2013-11-02 19:55
Modified
2024-11-21 01:53
Severity ?
Summary
The XML API in Openbravo ERP 2.5, 3.0, and earlier allows remote authenticated users to read arbitrary files via an XML document with an external entity declaration in conjunction with an entity reference to /ws/dal/ADUser or other /ws/dal/XXX interfaces, related to an XML External Entity (XXE) issue.
References
cret@cert.orghttp://www.kb.cert.org/vuls/id/533894Exploit, US Government Resource
cret@cert.orghttp://www.securityfocus.com/bid/63431Exploit
cret@cert.orghttps://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/533894Exploit, US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/63431Exploit
af854a3a-2127-422b-91ae-364da2661108https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats
Impacted products
Vendor Product Version
openbravo openbravo_erp *
openbravo openbravo_erp 2.40
openbravo openbravo_erp 2.50


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "856429C7-7977-45DF-BA55-A319C87F22E3",
              "versionEndIncluding": "3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:2.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "36E5C029-509F-4005-B428-AC35F16F8A91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbravo:openbravo_erp:2.50:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C864621-1CB9-4753-A184-3CD65FD01CFD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The XML API in Openbravo ERP 2.5, 3.0, and earlier allows remote authenticated users to read arbitrary files via an XML document with an external entity declaration in conjunction with an entity reference to /ws/dal/ADUser or other /ws/dal/XXX interfaces, related to an XML External Entity (XXE) issue."
    },
    {
      "lang": "es",
      "value": "La API XML en Openbravo ERP 2.5, 3.0 y anteriores permite a usuarios remotos autenticados leer archivos arbitrarios a trav\u00e9s de un documento XML con una declaraci\u00f3n de entidad externa en conjunci\u00f3n con una referencia de entidad en /ws/dal/ADUser u otra interfaz /ws/dal/XXX, esta relacionado con un problema XML External Entity (XXE)."
    }
  ],
  "id": "CVE-2013-3617",
  "lastModified": "2024-11-21T01:53:59.847",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 3.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 6.8,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2013-11-02T19:55:04.523",
  "references": [
    {
      "source": "cret@cert.org",
      "tags": [
        "Exploit",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/533894"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securityfocus.com/bid/63431"
    },
    {
      "source": "cret@cert.org",
      "url": "https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/533894"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securityfocus.com/bid/63431"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats"
    }
  ],
  "sourceIdentifier": "cret@cert.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

cve-2019-14362
Vulnerability from cvelistv5
Published
2019-07-28 17:26
Modified
2024-08-05 00:12
Severity ?
Summary
Openbravo ERP before 3.0PR19Q1.3 is affected by Directory Traversal. This vulnerability could allow remote authenticated attackers to replace a file on the server via the getAttachmentDirectoryForNewAttachment inpKey value.
References
https://www.sitincloud.com/securite/directory-traversal-openbravo-erp/x_refsource_MISC
https://grep.blog/directory-traversal-openbravo/x_refsource_MISC
https://issues.openbravo.com/view.php?id=41413x_refsource_MISC
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T00:12:43.491Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.sitincloud.com/securite/directory-traversal-openbravo-erp/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://grep.blog/directory-traversal-openbravo/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://issues.openbravo.com/view.php?id=41413"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Openbravo ERP before 3.0PR19Q1.3 is affected by Directory Traversal. This vulnerability could allow remote authenticated attackers to replace a file on the server via the getAttachmentDirectoryForNewAttachment inpKey value."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-07-28T17:26:06",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.sitincloud.com/securite/directory-traversal-openbravo-erp/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://grep.blog/directory-traversal-openbravo/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://issues.openbravo.com/view.php?id=41413"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-14362",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Openbravo ERP before 3.0PR19Q1.3 is affected by Directory Traversal. This vulnerability could allow remote authenticated attackers to replace a file on the server via the getAttachmentDirectoryForNewAttachment inpKey value."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.sitincloud.com/securite/directory-traversal-openbravo-erp/",
              "refsource": "MISC",
              "url": "https://www.sitincloud.com/securite/directory-traversal-openbravo-erp/"
            },
            {
              "name": "https://grep.blog/directory-traversal-openbravo/",
              "refsource": "MISC",
              "url": "https://grep.blog/directory-traversal-openbravo/"
            },
            {
              "name": "https://issues.openbravo.com/view.php?id=41413",
              "refsource": "MISC",
              "url": "https://issues.openbravo.com/view.php?id=41413"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-14362",
    "datePublished": "2019-07-28T17:26:06",
    "dateReserved": "2019-07-28T00:00:00",
    "dateUpdated": "2024-08-05T00:12:43.491Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-9437
Vulnerability from cvelistv5
Published
2017-06-05 14:00
Modified
2024-09-17 00:06
Severity ?
Summary
Openbravo Business Suite 3.0 is affected by SQL injection. This vulnerability could allow remote authenticated attackers to inject arbitrary SQL code.
References
https://www.wizlynxgroup.com/security-research-advisories/vuln/WLX-2017-005x_refsource_MISC
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T17:11:01.598Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.wizlynxgroup.com/security-research-advisories/vuln/WLX-2017-005"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Openbravo Business Suite 3.0 is affected by SQL injection. This vulnerability could allow remote authenticated attackers to inject arbitrary SQL code."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-06-05T14:00:00Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.wizlynxgroup.com/security-research-advisories/vuln/WLX-2017-005"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-9437",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Openbravo Business Suite 3.0 is affected by SQL injection. This vulnerability could allow remote authenticated attackers to inject arbitrary SQL code."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.wizlynxgroup.com/security-research-advisories/vuln/WLX-2017-005",
              "refsource": "MISC",
              "url": "https://www.wizlynxgroup.com/security-research-advisories/vuln/WLX-2017-005"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-9437",
    "datePublished": "2017-06-05T14:00:00Z",
    "dateReserved": "2017-06-05T00:00:00Z",
    "dateUpdated": "2024-09-17T00:06:04.973Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2013-3617
Vulnerability from cvelistv5
Published
2013-11-02 19:00
Modified
2024-09-17 02:36
Severity ?
Summary
The XML API in Openbravo ERP 2.5, 3.0, and earlier allows remote authenticated users to read arbitrary files via an XML document with an external entity declaration in conjunction with an entity reference to /ws/dal/ADUser or other /ws/dal/XXX interfaces, related to an XML External Entity (XXE) issue.
References
https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treatsx_refsource_MISC
http://www.kb.cert.org/vuls/id/533894third-party-advisory, x_refsource_CERT-VN
http://www.securityfocus.com/bid/63431vdb-entry, x_refsource_BID
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T16:14:56.605Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats"
          },
          {
            "name": "VU#533894",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/533894"
          },
          {
            "name": "63431",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/63431"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The XML API in Openbravo ERP 2.5, 3.0, and earlier allows remote authenticated users to read arbitrary files via an XML document with an external entity declaration in conjunction with an entity reference to /ws/dal/ADUser or other /ws/dal/XXX interfaces, related to an XML External Entity (XXE) issue."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2013-11-02T19:00:00Z",
        "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "shortName": "certcc"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats"
        },
        {
          "name": "VU#533894",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/533894"
        },
        {
          "name": "63431",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/63431"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2013-3617",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The XML API in Openbravo ERP 2.5, 3.0, and earlier allows remote authenticated users to read arbitrary files via an XML document with an external entity declaration in conjunction with an entity reference to /ws/dal/ADUser or other /ws/dal/XXX interfaces, related to an XML External Entity (XXE) issue."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats",
              "refsource": "MISC",
              "url": "https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats"
            },
            {
              "name": "VU#533894",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/533894"
            },
            {
              "name": "63431",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/63431"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
    "assignerShortName": "certcc",
    "cveId": "CVE-2013-3617",
    "datePublished": "2013-11-02T19:00:00Z",
    "dateReserved": "2013-05-21T00:00:00Z",
    "dateUpdated": "2024-09-17T02:36:55.070Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}