fkie_cve-2017-4974
Vulnerability from fkie_nvd
Published
2017-06-13 06:29
Modified
2024-11-21 03:26
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
An issue was discovered in Cloud Foundry Foundation cf-release versions prior to v258; UAA release 2.x versions prior to v2.7.4.15, 3.6.x versions prior to v3.6.9, 3.9.x versions prior to v3.9.11, and other versions prior to v3.16.0; and UAA bosh release (uaa-release) 13.x versions prior to v13.13, 24.x versions prior to v24.8, and other versions prior to v30.1. An authorized user can use a blind SQL injection attack to query the contents of the UAA database, aka "Blind SQL Injection with privileged UAA endpoints."
References
security_alert@emc.comhttp://www.securityfocus.com/bid/99254Broken Link, Third Party Advisory, VDB Entry
security_alert@emc.comhttps://www.cloudfoundry.org/cve-2017-4974/Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/99254Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://www.cloudfoundry.org/cve-2017-4974/Vendor Advisory
Impacted products
Vendor Product Version
cloudfoundry cf-release *
cloudfoundry cloud_foundry_uaa_bosh *
cloudfoundry cloud_foundry_uaa_bosh 13.1
cloudfoundry cloud_foundry_uaa_bosh 13.2
cloudfoundry cloud_foundry_uaa_bosh 13.3
cloudfoundry cloud_foundry_uaa_bosh 13.4
cloudfoundry cloud_foundry_uaa_bosh 13.5
cloudfoundry cloud_foundry_uaa_bosh 13.6
cloudfoundry cloud_foundry_uaa_bosh 13.7
cloudfoundry cloud_foundry_uaa_bosh 13.8
cloudfoundry cloud_foundry_uaa_bosh 13.9
cloudfoundry cloud_foundry_uaa_bosh 13.10
cloudfoundry cloud_foundry_uaa_bosh 13.11
cloudfoundry cloud_foundry_uaa_bosh 13.12
cloudfoundry cloud_foundry_uaa_bosh 24
cloudfoundry cloud_foundry_uaa_bosh 24.1
cloudfoundry cloud_foundry_uaa_bosh 24.2
cloudfoundry cloud_foundry_uaa_bosh 24.3
cloudfoundry cloud_foundry_uaa_bosh 24.4
cloudfoundry cloud_foundry_uaa_bosh 24.5
cloudfoundry cloud_foundry_uaa_bosh 24.6
cloudfoundry cloud_foundry_uaa_bosh 24.7
cloudfoundry cloud_foundry_uaa_bosh 30.1
cloudfoundry cloud_foundry_uaa_bosh 30.2
cloudfoundry cloud_foundry_uaa_bosh 30.3
pivotal_software cloud_foundry_uaa *
pivotal_software cloud_foundry_uaa 2.2.5.4
pivotal_software cloud_foundry_uaa 2.7.1
pivotal_software cloud_foundry_uaa 2.7.2
pivotal_software cloud_foundry_uaa 2.7.3
pivotal_software cloud_foundry_uaa 2.7.4
pivotal_software cloud_foundry_uaa 2.7.4.1
pivotal_software cloud_foundry_uaa 2.7.4.2
pivotal_software cloud_foundry_uaa 2.7.4.3
pivotal_software cloud_foundry_uaa 2.7.4.4
pivotal_software cloud_foundry_uaa 2.7.4.5
pivotal_software cloud_foundry_uaa 2.7.4.6
pivotal_software cloud_foundry_uaa 2.7.4.7
pivotal_software cloud_foundry_uaa 2.7.4.8
pivotal_software cloud_foundry_uaa 2.7.4.9
pivotal_software cloud_foundry_uaa 2.7.4.11
pivotal_software cloud_foundry_uaa 2.7.4.12
pivotal_software cloud_foundry_uaa 2.7.4.13
pivotal_software cloud_foundry_uaa 2.7.4.14
pivotal_software cloud_foundry_uaa 3.6.1
pivotal_software cloud_foundry_uaa 3.6.2
pivotal_software cloud_foundry_uaa 3.6.3
pivotal_software cloud_foundry_uaa 3.6.4
pivotal_software cloud_foundry_uaa 3.6.5
pivotal_software cloud_foundry_uaa 3.6.6
pivotal_software cloud_foundry_uaa 3.6.7
pivotal_software cloud_foundry_uaa 3.6.8
pivotal_software cloud_foundry_uaa 3.9.1
pivotal_software cloud_foundry_uaa 3.9.2
pivotal_software cloud_foundry_uaa 3.9.3
pivotal_software cloud_foundry_uaa 3.9.4
pivotal_software cloud_foundry_uaa 3.9.5
pivotal_software cloud_foundry_uaa 3.9.6
pivotal_software cloud_foundry_uaa 3.9.7
pivotal_software cloud_foundry_uaa 3.9.8
pivotal_software cloud_foundry_uaa 3.9.9
pivotal_software cloud_foundry_uaa 3.9.10
pivotal_software cloud_foundry_uaa 3.9.12
pivotal_software cloud_foundry_uaa 3.9.13


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cloudfoundry:cf-release:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB81DE95-661D-46E7-900D-10B18EC18EE0",
              "versionEndIncluding": "v257",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8396327-A941-4AA1-A548-4DA197D25F82",
              "versionEndIncluding": "30",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:13.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C24E2CE5-6DBA-4B45-951D-0F7189C9A94D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:13.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0EB01AB-A033-4DCC-B433-0674078E31DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:13.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "749B1CBF-6297-4F4D-970D-25D1D0A88AE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:13.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C369E22-27DF-40B3-B94F-45DFC47E6A60",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:13.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "15A2FE05-FC02-4FC1-B9B3-40E4EC62C5D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:13.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A4975D0-2C4D-4883-A849-D434FB8A7E2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:13.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E85B347-27E2-4EF9-9CF0-13902EC4741D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:13.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "93081AC1-C07E-4E6D-8B1E-8D561461FEB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:13.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4F6208B-7FA5-4177-8942-2037BEE99546",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:13.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD8DA4C6-BCA9-4959-82FC-2596C6EBD6E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:13.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "8120A442-6A3D-4918-A829-A84B2B9694E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:13.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D7AF658-FFBB-49AB-8A44-9989A7FEC707",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:24:*:*:*:*:*:*:*",
              "matchCriteriaId": "A090F790-1A28-4238-8727-3F9475706A9E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:24.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AEFE0727-C152-4726-A70E-C75BACD31071",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:24.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "38D708B8-485D-445E-8A21-474A500F1184",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:24.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4B8A221-8740-4D35-871D-EABDB2F8332D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:24.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "A426C1DD-0C64-468A-B96E-B0B94FFF0A89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:24.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEFEEACE-5BED-4507-A770-69D36F478791",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:24.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "860B073C-AC50-473C-9650-7421F3638FB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:24.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B44C3F2-5AC4-4D05-BAF0-EFDFB3FDC3BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:30.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E80E3184-345D-4C78-ABAA-94B3D9A53252",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:30.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F654A04-B949-415D-982A-7341486B2B01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:30.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEF9F58F-1387-4D84-932F-8CC8F380E797",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF552C5A-2298-43F4-AF70-20E9E4B402D4",
              "versionEndIncluding": "4.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:2.2.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "942E59F5-172F-4802-81AE-D43E72189889",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:2.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACFDEF8D-9BE5-43ED-8E1D-2B63A1294EDF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:2.7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "504AA7E0-D1F5-4097-B53B-F0E36328B1EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:2.7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DCD6CB7-5D49-4897-8353-44E5B08D9375",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:2.7.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1B4C4EB-3337-4053-BA4B-93A849263A42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:2.7.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9339A684-B1F0-4110-9E48-A04BED74DC2C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:2.7.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F35CCB74-63A3-4F95-9EAE-ADC5A8BACB99",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:2.7.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2A1BAE9-FCB6-458E-A1A6-03F0AB742E5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:2.7.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2261C887-8179-4BBA-A2CF-174F8F3017FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:2.7.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6EED2616-E58D-4604-BBBC-AC24BCA068A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:2.7.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "916733EA-F51A-49E2-9D47-9B713B36C847",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:2.7.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA1887F9-EB71-41AE-9E45-DD86A54AA958",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:2.7.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7D01A32-98DA-4F7F-B7A0-D1695478C208",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:2.7.4.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C57AACB-1ECA-4047-A8AA-D768DA54BB86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:2.7.4.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D164FF1-D85D-4800-A726-465A32974BEF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:2.7.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "6CAC5B15-895E-43CA-AFE1-EE7E06EF08D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:2.7.4.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "10286C78-A413-4FD3-B7F7-39C17A50D75C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:2.7.4.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D022F9B-4877-4A97-AE22-BAF579B38DE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D741750F-DC85-4701-90F7-4AE00DB04B0C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E126E318-6572-4BC3-8FA4-835AC49432C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A5B622B-C14C-4160-ACFD-CD2AB3786828",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBE0A85A-5B1A-49E0-8FC7-4A68505B6506",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8E3CEAB-E58E-4870-A719-F46D6DE2E710",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.6.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DEDD149-4BBB-47A1-8E23-2247DCF9C13C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.6.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "225B90A0-757D-4406-9EC1-A31968CC7F87",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.6.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC8157B8-A26B-4148-A02A-DBEC662FE701",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6955DB34-FA12-41A6-A90F-456777ADEB81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B92D875-509C-42BE-90E4-112C94170199",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "166C908D-7D5F-43DD-B3EA-BAFF23DBBDAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.9.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B83917A-D326-4874-AD82-0DBD131DC0EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.9.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5C19F44-AB0F-44BB-A298-F81B853FA71D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.9.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "B981590F-0649-4BBA-AB5F-CC5C7858DFF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.9.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A36B9F9-6D45-4D84-869A-25131BF482BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.9.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "FADC5C69-1910-4D19-97B2-B44A594B8B34",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.9.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5314895-961D-4D2B-A0C9-1B23C03317CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.9.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA5A5B1C-7111-464E-9F49-D13621233AC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.9.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "C97CB502-CE1E-4B63-88D0-7A826C825B84",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.9.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F3AAD33-275B-4FF1-9434-BEE85543F7B3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An issue was discovered in Cloud Foundry Foundation cf-release versions prior to v258; UAA release 2.x versions prior to v2.7.4.15, 3.6.x versions prior to v3.6.9, 3.9.x versions prior to v3.9.11, and other versions prior to v3.16.0; and UAA bosh release (uaa-release) 13.x versions prior to v13.13, 24.x versions prior to v24.8, and other versions prior to v30.1. An authorized user can use a blind SQL injection attack to query the contents of the UAA database, aka \"Blind SQL Injection with privileged UAA endpoints.\""
    },
    {
      "lang": "es",
      "value": "Se detect\u00f3 un problema en cf-release versiones anteriores a v258; UAA release versiones 2.x anteriores a v2.7.4.15, versiones 3.6.x anteriores a v3.6.9, versiones 3.9.x anteriores a v3.9.11, y otras versiones anteriores a v3.16.0; y UAA bosh release (uaa-release) versiones 13.x anteriores a v13.13, versiones 24.x anteriores a v24.8, y otras versiones anteriores a v30.1 de Cloud Foundry Foundation. Un usuario autorizado puede usar un ataque de inyecci\u00f3n SQL a ciegas para consultar el contenido de la base de datos UAA, tambi\u00e9n se conoce como \"Blind SQL Injection with privileged UAA endpoints.\""
    }
  ],
  "id": "CVE-2017-4974",
  "lastModified": "2024-11-21T03:26:47.160",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 4.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-06-13T06:29:00.677",
  "references": [
    {
      "source": "security_alert@emc.com",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/99254"
    },
    {
      "source": "security_alert@emc.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.cloudfoundry.org/cve-2017-4974/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/99254"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.cloudfoundry.org/cve-2017-4974/"
    }
  ],
  "sourceIdentifier": "security_alert@emc.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-89"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.