CVE-2016-1291 - Vulnerability Details

Vendors	Products
Cisco	Evolved Programmable Network Manager Prime Infrastructure
Sun	Opensolaris

Link	Providers
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-remcode
http://www.securitytracker.com/id/1035497
https://blogs.securiteam.com/index.php/archives/2727

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-04-06T00:00:00", "descriptions": [{"lang": "en", "value": "Cisco Prime Infrastructure 1.2.0 through 2.2(2) and Cisco Evolved Programmable Network Manager (EPNM) 1.2 allow remote attackers to execute arbitrary code via crafted deserialized data in an HTTP POST request, aka Bug ID CSCuw03192."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-11-30T18:57:01", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "1035497", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1035497"}, {"tags": ["x_refsource_MISC"], "url": "https://blogs.securiteam.com/index.php/archives/2727"}, {"name": "20160406 Cisco Prime Infrastructure and Evolved Programmable Network Manager Remote Code Execution Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-remcode"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "ID": "CVE-2016-1291", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Cisco Prime Infrastructure 1.2.0 through 2.2(2) and Cisco Evolved Programmable Network Manager (EPNM) 1.2 allow remote attackers to execute arbitrary code via crafted deserialized data in an HTTP POST request, aka Bug ID CSCuw03192."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "1035497", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1035497"}, {"name": "https://blogs.securiteam.com/index.php/archives/2727", "refsource": "MISC", "url": "https://blogs.securiteam.com/index.php/archives/2727"}, {"name": "20160406 Cisco Prime Infrastructure and Evolved Programmable Network Manager Remote Code Execution Vulnerability", "refsource": "CISCO", "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-remcode"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T22:48:13.653Z"}, "title": "CVE Program Container", "references": [{"name": "1035497", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1035497"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://blogs.securiteam.com/index.php/archives/2727"}, {"name": "20160406 Cisco Prime Infrastructure and Evolved Programmable Network Manager Remote Code Execution Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-remcode"}]}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2016-1291", "datePublished": "2016-04-06T23:00:00", "dateReserved": "2016-01-04T00:00:00", "dateUpdated": "2024-08-05T22:48:13.653Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : n/a (string)

vendor : n/a (string)

versions : [ »

0 : { »

status : affected (string)

version : n/a (string)

}

]

}

]

datePublic : 2016-04-06T00:00:00 (string)

descriptions : [ »

0 : { »

lang : en (string)

value : Cisco Prime Infrastructure 1.2.0 through 2.2(2) and Cisco Evolved Programmable Network Manager (EPNM) 1.2 allow remote attackers to execute arbitrary code via crafted deserialized data in an HTTP POST request, aka Bug ID CSCuw03192. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : n/a (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2016-11-30T18:57:01 (string)

orgId : d1c1063e-7a18-46af-9102-31f8928bc633 (string)

shortName : cisco (string)

}

references : [ »

0 : { »

name : 1035497 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_SECTRACK (string)

]

url : http://www.securitytracker.com/id/1035497 (string)

}

1 : { »

tags : [ »

0 : x_refsource_MISC (string)

]

url : https://blogs.securiteam.com/index.php/archives/2727 (string)

}

2 : { »

name : 20160406 Cisco Prime Infrastructure and Evolved Programmable Network Manager Remote Code Execution Vulnerability (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_CISCO (string)

]

url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-remcode (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : psirt@cisco.com (string)

ID : CVE-2016-1291 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : n/a (string)

version : { »

version_data : [ »

0 : { »

version_value : n/a (string)

}

]

}

]

}

vendor_name : n/a (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : Cisco Prime Infrastructure 1.2.0 through 2.2(2) and Cisco Evolved Programmable Network Manager (EPNM) 1.2 allow remote attackers to execute arbitrary code via crafted deserialized data in an HTTP POST request, aka Bug ID CSCuw03192. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : n/a (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : 1035497 (string)

refsource : SECTRACK (string)

url : http://www.securitytracker.com/id/1035497 (string)

}

1 : { »

name : https://blogs.securiteam.com/index.php/archives/2727 (string)

refsource : MISC (string)

url : https://blogs.securiteam.com/index.php/archives/2727 (string)

}

2 : { »

name : 20160406 Cisco Prime Infrastructure and Evolved Programmable Network Manager Remote Code Execution Vulnerability (string)

refsource : CISCO (string)

url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-remcode (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-05T22:48:13.653Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

name : 1035497 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_SECTRACK (string)

2 : x_transferred (string)

]

url : http://www.securitytracker.com/id/1035497 (string)

}

1 : { »

tags : [ »

0 : x_refsource_MISC (string)

1 : x_transferred (string)

]

url : https://blogs.securiteam.com/index.php/archives/2727 (string)

}

2 : { »

name : 20160406 Cisco Prime Infrastructure and Evolved Programmable Network Manager Remote Code Execution Vulnerability (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_CISCO (string)

2 : x_transferred (string)

]

url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-remcode (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : d1c1063e-7a18-46af-9102-31f8928bc633 (string)

assignerShortName : cisco (string)

cveId : CVE-2016-1291 (string)

datePublished : 2016-04-06T23:00:00 (string)

dateReserved : 2016-01-04T00:00:00 (string)

dateUpdated : 2024-08-05T22:48:13.653Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:1.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C057764-0A1B-41A9-A21B-F665480145AD", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:prime_infrastructure:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "BA72A91C-0E65-420A-9DBE-3E0853EDB7C5", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:prime_infrastructure:1.2.0.103:*:*:*:*:*:*:*", "matchCriteriaId": "B257E2F8-30EB-4BCC-8ACF-35DF73107AAC", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:prime_infrastructure:1.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "8B48C1E6-7C18-4C6B-B402-9C0E1A931C2C", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:prime_infrastructure:1.3:*:*:*:*:*:*:*", "matchCriteriaId": "B64A7FCA-1DEA-45B2-9C69-CCDCC848D9B3", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:prime_infrastructure:1.3.0.20:*:*:*:*:*:*:*", "matchCriteriaId": "E78D776C-AA8C-471D-A0C0-02428FA07A29", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:prime_infrastructure:1.4:*:*:*:*:*:*:*", "matchCriteriaId": "9D3206E7-DC91-4861-AD32-46DA82509D5B", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:prime_infrastructure:1.4.0.45:*:*:*:*:*:*:*", "matchCriteriaId": "1704AC8E-BD7E-4882-8BB3-45B9E2AE0F10", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:prime_infrastructure:1.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "9ACB00E7-41E3-4221-8400-A279A75FD355", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:prime_infrastructure:1.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "853315C7-01A7-4E83-9CBB-D45F6B5C4664", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "EB157A80-3A03-4B8D-9B20-C456A953CF7E", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "7678B118-E00C-4B1E-8B40-D3233DE3615C", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "56394A07-6D74-4588-8C05-DE04959F7FC7", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:opensolaris:snv_124:*:sparc:*:*:*:*:*", "matchCriteriaId": "09B35C0E-6CBA-4B6B-BCD2-F5CC0BF8CF53", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Cisco Prime Infrastructure 1.2.0 through 2.2(2) and Cisco Evolved Programmable Network Manager (EPNM) 1.2 allow remote attackers to execute arbitrary code via crafted deserialized data in an HTTP POST request, aka Bug ID CSCuw03192."}, {"lang": "es", "value": "Cisco Prime Infrastructure 1.2.0 hasta la versi\u00f3n 2.2(2) y Cisco Evolved Programmable Network Manager (EPNM) 1.2 permiten a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de datos deserializados manipulados en una petici\u00f3n HTTP POST, tambi\u00e9n conocido como Bug ID CSCuw03192."}], "id": "CVE-2016-1291", "lastModified": "2024-11-21T02:46:07.733", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-04-06T23:59:11.847", "references": [{"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-remcode"}, {"source": "ykramarz@cisco.com", "url": "http://www.securitytracker.com/id/1035497"}, {"source": "ykramarz@cisco.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://blogs.securiteam.com/index.php/archives/2727"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-remcode"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id/1035497"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://blogs.securiteam.com/index.php/archives/2727"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:cisco:evolved_programmable_network_manager:1.2.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 3C057764-0A1B-41A9-A21B-F665480145AD (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:cisco:prime_infrastructure:1.2:*:*:*:*:*:*:* (string)

matchCriteriaId : BA72A91C-0E65-420A-9DBE-3E0853EDB7C5 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:cisco:prime_infrastructure:1.2.0.103:*:*:*:*:*:*:* (string)

matchCriteriaId : B257E2F8-30EB-4BCC-8ACF-35DF73107AAC (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:cisco:prime_infrastructure:1.2.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 8B48C1E6-7C18-4C6B-B402-9C0E1A931C2C (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:a:cisco:prime_infrastructure:1.3:*:*:*:*:*:*:* (string)

matchCriteriaId : B64A7FCA-1DEA-45B2-9C69-CCDCC848D9B3 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:a:cisco:prime_infrastructure:1.3.0.20:*:*:*:*:*:*:* (string)

matchCriteriaId : E78D776C-AA8C-471D-A0C0-02428FA07A29 (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:a:cisco:prime_infrastructure:1.4:*:*:*:*:*:*:* (string)

matchCriteriaId : 9D3206E7-DC91-4861-AD32-46DA82509D5B (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:a:cisco:prime_infrastructure:1.4.0.45:*:*:*:*:*:*:* (string)

matchCriteriaId : 1704AC8E-BD7E-4882-8BB3-45B9E2AE0F10 (string)

vulnerable : true (boolean)

}

8 : { »

criteria : cpe:2.3:a:cisco:prime_infrastructure:1.4.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 9ACB00E7-41E3-4221-8400-A279A75FD355 (string)

vulnerable : true (boolean)

}

9 : { »

criteria : cpe:2.3:a:cisco:prime_infrastructure:1.4.2:*:*:*:*:*:*:* (string)

matchCriteriaId : 853315C7-01A7-4E83-9CBB-D45F6B5C4664 (string)

vulnerable : true (boolean)

}

10 : { »

criteria : cpe:2.3:a:cisco:prime_infrastructure:2.0:*:*:*:*:*:*:* (string)

matchCriteriaId : EB157A80-3A03-4B8D-9B20-C456A953CF7E (string)

vulnerable : true (boolean)

}

11 : { »

criteria : cpe:2.3:a:cisco:prime_infrastructure:2.1.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 7678B118-E00C-4B1E-8B40-D3233DE3615C (string)

vulnerable : true (boolean)

}

12 : { »

criteria : cpe:2.3:a:cisco:prime_infrastructure:2.2:*:*:*:*:*:*:* (string)

matchCriteriaId : 56394A07-6D74-4588-8C05-DE04959F7FC7 (string)

vulnerable : true (boolean)

}

13 : { »

criteria : cpe:2.3:o:sun:opensolaris:snv_124:*:sparc:*:*:*:*:* (string)

matchCriteriaId : 09B35C0E-6CBA-4B6B-BCD2-F5CC0BF8CF53 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : Cisco Prime Infrastructure 1.2.0 through 2.2(2) and Cisco Evolved Programmable Network Manager (EPNM) 1.2 allow remote attackers to execute arbitrary code via crafted deserialized data in an HTTP POST request, aka Bug ID CSCuw03192. (string)

}

1 : { »

lang : es (string)

value : Cisco Prime Infrastructure 1.2.0 hasta la versión 2.2(2) y Cisco Evolved Programmable Network Manager (EPNM) 1.2 permiten a atacantes remotos ejecutar código arbitrario a través de datos deserializados manipulados en una petición HTTP POST, también conocido como Bug ID CSCuw03192. (string)

}

]

id : CVE-2016-1291 (string)

lastModified : 2024-11-21T02:46:07.733 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : HIGH (string)

cvssData : { »

accessComplexity : MEDIUM (string)

accessVector : NETWORK (string)

authentication : NONE (string)

availabilityImpact : COMPLETE (string)

baseScore : 9.3 (number)

confidentialityImpact : COMPLETE (string)

integrityImpact : COMPLETE (string)

vectorString : AV:N/AC:M/Au:N/C:C/I:C/A:C (string)

version : 2.0 (string)

}

exploitabilityScore : 8.6 (number)

impactScore : 10 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : false (boolean)

}

]

cvssMetricV30 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : NETWORK (string)

availabilityImpact : HIGH (string)

baseScore : 9.8 (number)

baseSeverity : CRITICAL (string)

confidentialityImpact : HIGH (string)

integrityImpact : HIGH (string)

privilegesRequired : NONE (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (string)

version : 3.0 (string)

}

exploitabilityScore : 3.9 (number)

impactScore : 5.9 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2016-04-06T23:59:11.847 (string)

references : [ »

0 : { »

source : ykramarz@cisco.com (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-remcode (string)

}

1 : { »

source : ykramarz@cisco.com (string)

url : http://www.securitytracker.com/id/1035497 (string)

}

2 : { »

source : ykramarz@cisco.com (string)

tags : [ »

0 : Third Party Advisory (string)

1 : VDB Entry (string)

]

url : https://blogs.securiteam.com/index.php/archives/2727 (string)

}

3 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-remcode (string)

}

4 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://www.securitytracker.com/id/1035497 (string)

}

5 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

1 : VDB Entry (string)

]

url : https://blogs.securiteam.com/index.php/archives/2727 (string)

}

]

sourceIdentifier : ykramarz@cisco.com (string)

vulnStatus : Modified (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-20 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object