CVE-2020-1916 - Vulnerability Details

Vendors	Products
Facebook	Hhvm

Link	Providers
https://github.com/facebook/hhvm/commit/abe0b29e4d3a610f9bc920b8be4ad8403364c2d4
https://hhvm.com/blog/2020/11/12/security-update.html

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "HHVM", "vendor": "Facebook", "versions": [{"lessThan": "unspecified", "status": "unaffected", "version": "4.83.1", "versionType": "custom"}, {"status": "affected", "version": "4.83.0"}, {"lessThan": "unspecified", "status": "unaffected", "version": "4.82.1", "versionType": "custom"}, {"status": "affected", "version": "4.82.0"}, {"lessThan": "unspecified", "status": "unaffected", "version": "4.81.1", "versionType": "custom"}, {"status": "affected", "version": "4.81.0"}, {"lessThan": "unspecified", "status": "unaffected", "version": "4.80.1", "versionType": "custom"}, {"status": "affected", "version": "4.80.0"}, {"lessThan": "unspecified", "status": "unaffected", "version": "4.79.1", "versionType": "custom"}, {"status": "affected", "version": "4.79.0"}, {"lessThan": "unspecified", "status": "unaffected", "version": "4.78.1", "versionType": "custom"}, {"lessThan": "unspecified", "status": "affected", "version": "4.57.0", "versionType": "custom"}, {"lessThan": "unspecified", "status": "unaffected", "version": "4.56.2", "versionType": "custom"}, {"lessThan": "4.56.2", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "dateAssigned": "2020-10-30T00:00:00", "descriptions": [{"lang": "en", "value": "An incorrect size calculation in ldap_escape may lead to an integer overflow when overly long input is passed in, resulting in an out-of-bounds write. This issue affects HHVM prior to 4.56.2, all versions between 4.57.0 and 4.78.0, 4.79.0, 4.80.0, 4.81.0, 4.82.0, 4.83.0."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-122", "description": "Heap-based Buffer Overflow (CWE-122)", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-03-10T15:50:27", "orgId": "4fc57720-52fe-4431-a0fb-3d2c8747b827", "shortName": "facebook"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://hhvm.com/blog/2020/11/12/security-update.html"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/facebook/hhvm/commit/abe0b29e4d3a610f9bc920b8be4ad8403364c2d4"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve-assign@fb.com", "DATE_ASSIGNED": "2020-10-30", "ID": "CVE-2020-1916", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "HHVM", "version": {"version_data": [{"version_affected": "!>=", "version_value": "4.83.1"}, {"version_affected": "=", "version_value": "4.83.0"}, {"version_affected": "!>=", "version_value": "4.82.1"}, {"version_affected": "=", "version_value": "4.82.0"}, {"version_affected": "!>=", "version_value": "4.81.1"}, {"version_affected": "=", "version_value": "4.81.0"}, {"version_affected": "!>=", "version_value": "4.80.1"}, {"version_affected": "=", "version_value": "4.80.0"}, {"version_affected": "!>=", "version_value": "4.79.1"}, {"version_affected": "=", "version_value": "4.79.0"}, {"version_affected": "!>=", "version_value": "4.78.1"}, {"version_affected": ">=", "version_value": "4.57.0"}, {"version_affected": "!>=", "version_value": "4.56.2"}, {"version_affected": "<", "version_value": "4.56.2"}]}}]}, "vendor_name": "Facebook"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An incorrect size calculation in ldap_escape may lead to an integer overflow when overly long input is passed in, resulting in an out-of-bounds write. This issue affects HHVM prior to 4.56.2, all versions between 4.57.0 and 4.78.0, 4.79.0, 4.80.0, 4.81.0, 4.82.0, 4.83.0."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Heap-based Buffer Overflow (CWE-122)"}]}]}, "references": {"reference_data": [{"name": "https://hhvm.com/blog/2020/11/12/security-update.html", "refsource": "CONFIRM", "url": "https://hhvm.com/blog/2020/11/12/security-update.html"}, {"name": "https://github.com/facebook/hhvm/commit/abe0b29e4d3a610f9bc920b8be4ad8403364c2d4", "refsource": "MISC", "url": "https://github.com/facebook/hhvm/commit/abe0b29e4d3a610f9bc920b8be4ad8403364c2d4"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T06:54:00.370Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://hhvm.com/blog/2020/11/12/security-update.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/facebook/hhvm/commit/abe0b29e4d3a610f9bc920b8be4ad8403364c2d4"}]}]}, "cveMetadata": {"assignerOrgId": "4fc57720-52fe-4431-a0fb-3d2c8747b827", "assignerShortName": "facebook", "cveId": "CVE-2020-1916", "datePublished": "2021-03-10T15:50:27", "dateReserved": "2019-12-02T00:00:00", "dateUpdated": "2024-08-04T06:54:00.370Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : HHVM (string)

vendor : Facebook (string)

versions : [ »

0 : { »

lessThan : unspecified (string)

status : unaffected (string)

version : 4.83.1 (string)

versionType : custom (string)

}

1 : { »

status : affected (string)

version : 4.83.0 (string)

}

2 : { »

lessThan : unspecified (string)

status : unaffected (string)

version : 4.82.1 (string)

versionType : custom (string)

}

3 : { »

status : affected (string)

version : 4.82.0 (string)

}

4 : { »

lessThan : unspecified (string)

status : unaffected (string)

version : 4.81.1 (string)

versionType : custom (string)

}

5 : { »

status : affected (string)

version : 4.81.0 (string)

}

6 : { »

lessThan : unspecified (string)

status : unaffected (string)

version : 4.80.1 (string)

versionType : custom (string)

}

7 : { »

status : affected (string)

version : 4.80.0 (string)

}

8 : { »

lessThan : unspecified (string)

status : unaffected (string)

version : 4.79.1 (string)

versionType : custom (string)

}

9 : { »

status : affected (string)

version : 4.79.0 (string)

}

10 : { »

lessThan : unspecified (string)

status : unaffected (string)

version : 4.78.1 (string)

versionType : custom (string)

}

11 : { »

lessThan : unspecified (string)

status : affected (string)

version : 4.57.0 (string)

versionType : custom (string)

}

12 : { »

lessThan : unspecified (string)

status : unaffected (string)

version : 4.56.2 (string)

versionType : custom (string)

}

13 : { »

lessThan : 4.56.2 (string)

status : affected (string)

version : unspecified (string)

versionType : custom (string)

}

]

}

]

dateAssigned : 2020-10-30T00:00:00 (string)

descriptions : [ »

0 : { »

lang : en (string)

value : An incorrect size calculation in ldap_escape may lead to an integer overflow when overly long input is passed in, resulting in an out-of-bounds write. This issue affects HHVM prior to 4.56.2, all versions between 4.57.0 and 4.78.0, 4.79.0, 4.80.0, 4.81.0, 4.82.0, 4.83.0. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

cweId : CWE-122 (string)

description : Heap-based Buffer Overflow (CWE-122) (string)

lang : en (string)

type : CWE (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2021-03-10T15:50:27 (string)

orgId : 4fc57720-52fe-4431-a0fb-3d2c8747b827 (string)

shortName : facebook (string)

}

references : [ »

0 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : https://hhvm.com/blog/2020/11/12/security-update.html (string)

}

1 : { »

tags : [ »

0 : x_refsource_MISC (string)

]

url : https://github.com/facebook/hhvm/commit/abe0b29e4d3a610f9bc920b8be4ad8403364c2d4 (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : cve-assign@fb.com (string)

DATE_ASSIGNED : 2020-10-30 (string)

ID : CVE-2020-1916 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : HHVM (string)

version : { »

version_data : [ »

0 : { »

version_affected : !>= (string)

version_value : 4.83.1 (string)

}

1 : { »

version_affected : = (string)

version_value : 4.83.0 (string)

}

2 : { »

version_affected : !>= (string)

version_value : 4.82.1 (string)

}

3 : { »

version_affected : = (string)

version_value : 4.82.0 (string)

}

4 : { »

version_affected : !>= (string)

version_value : 4.81.1 (string)

}

5 : { »

version_affected : = (string)

version_value : 4.81.0 (string)

}

6 : { »

version_affected : !>= (string)

version_value : 4.80.1 (string)

}

7 : { »

version_affected : = (string)

version_value : 4.80.0 (string)

}

8 : { »

version_affected : !>= (string)

version_value : 4.79.1 (string)

}

9 : { »

version_affected : = (string)

version_value : 4.79.0 (string)

}

10 : { »

version_affected : !>= (string)

version_value : 4.78.1 (string)

}

11 : { »

version_affected : >= (string)

version_value : 4.57.0 (string)

}

12 : { »

version_affected : !>= (string)

version_value : 4.56.2 (string)

}

13 : { »

version_affected : < (string)

version_value : 4.56.2 (string)

}

]

}

]

}

vendor_name : Facebook (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : An incorrect size calculation in ldap_escape may lead to an integer overflow when overly long input is passed in, resulting in an out-of-bounds write. This issue affects HHVM prior to 4.56.2, all versions between 4.57.0 and 4.78.0, 4.79.0, 4.80.0, 4.81.0, 4.82.0, 4.83.0. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : Heap-based Buffer Overflow (CWE-122) (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : https://hhvm.com/blog/2020/11/12/security-update.html (string)

refsource : CONFIRM (string)

url : https://hhvm.com/blog/2020/11/12/security-update.html (string)

}

1 : { »

name : https://github.com/facebook/hhvm/commit/abe0b29e4d3a610f9bc920b8be4ad8403364c2d4 (string)

refsource : MISC (string)

url : https://github.com/facebook/hhvm/commit/abe0b29e4d3a610f9bc920b8be4ad8403364c2d4 (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-04T06:54:00.370Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : https://hhvm.com/blog/2020/11/12/security-update.html (string)

}

1 : { »

tags : [ »

0 : x_refsource_MISC (string)

1 : x_transferred (string)

]

url : https://github.com/facebook/hhvm/commit/abe0b29e4d3a610f9bc920b8be4ad8403364c2d4 (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : 4fc57720-52fe-4431-a0fb-3d2c8747b827 (string)

assignerShortName : facebook (string)

cveId : CVE-2020-1916 (string)

datePublished : 2021-03-10T15:50:27 (string)

dateReserved : 2019-12-02T00:00:00 (string)

dateUpdated : 2024-08-04T06:54:00.370Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:facebook:hhvm:*:*:*:*:*:*:*:*", "matchCriteriaId": "6711FFC9-F4D3-438B-B596-30FCB4EAF015", "versionEndExcluding": "4.56.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:facebook:hhvm:*:*:*:*:*:*:*:*", "matchCriteriaId": "14D6DF29-4414-4A07-99E9-1BD568EC77A7", "versionEndExcluding": "4.78.1", "versionStartIncluding": "4.57.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:facebook:hhvm:4.79.0:*:*:*:*:*:*:*", "matchCriteriaId": "0C83AAFF-2886-424B-A9BD-251B3AAC790B", "vulnerable": true}, {"criteria": "cpe:2.3:a:facebook:hhvm:4.80.0:*:*:*:*:*:*:*", "matchCriteriaId": "73B27B4A-CD40-4493-BDCD-27F6ADD6C65A", "vulnerable": true}, {"criteria": "cpe:2.3:a:facebook:hhvm:4.81.0:*:*:*:*:*:*:*", "matchCriteriaId": "5BD9447B-B287-484B-A14C-787F8481EBB8", "vulnerable": true}, {"criteria": "cpe:2.3:a:facebook:hhvm:4.82.0:*:*:*:*:*:*:*", "matchCriteriaId": "15825F25-22B8-4863-A4E0-AD2EE66FA12C", "vulnerable": true}, {"criteria": "cpe:2.3:a:facebook:hhvm:4.83.0:*:*:*:*:*:*:*", "matchCriteriaId": "A04923E1-4DCE-4E34-8238-99BCCEEF4791", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An incorrect size calculation in ldap_escape may lead to an integer overflow when overly long input is passed in, resulting in an out-of-bounds write. This issue affects HHVM prior to 4.56.2, all versions between 4.57.0 and 4.78.0, 4.79.0, 4.80.0, 4.81.0, 4.82.0, 4.83.0."}, {"lang": "es", "value": "Un c\u00e1lculo de tama\u00f1o incorrecto en la funci\u00f3n ldap_escape puede conllevar a un desbordamiento de enteros cuando es pasada una entrada demasiado larga, resultando en una escritura fuera de l\u00edmites.&#xa0;Este problema afecta a HHVM versiones anteriores a 4.56.2, todas las versiones entre 4.57.0 y 4.78.0, 4.79.0, 4.80.0, 4.81.0, 4.82.0, 4.83.0"}], "id": "CVE-2020-1916", "lastModified": "2024-11-21T05:11:36.400", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-03-10T16:15:14.173", "references": [{"source": "cve-assign@fb.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/facebook/hhvm/commit/abe0b29e4d3a610f9bc920b8be4ad8403364c2d4"}, {"source": "cve-assign@fb.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://hhvm.com/blog/2020/11/12/security-update.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/facebook/hhvm/commit/abe0b29e4d3a610f9bc920b8be4ad8403364c2d4"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://hhvm.com/blog/2020/11/12/security-update.html"}], "sourceIdentifier": "cve-assign@fb.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-122"}], "source": "cve-assign@fb.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:facebook:hhvm:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 6711FFC9-F4D3-438B-B596-30FCB4EAF015 (string)

versionEndExcluding : 4.56.2 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:facebook:hhvm:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 14D6DF29-4414-4A07-99E9-1BD568EC77A7 (string)

versionEndExcluding : 4.78.1 (string)

versionStartIncluding : 4.57.0 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:facebook:hhvm:4.79.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 0C83AAFF-2886-424B-A9BD-251B3AAC790B (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:facebook:hhvm:4.80.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 73B27B4A-CD40-4493-BDCD-27F6ADD6C65A (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:a:facebook:hhvm:4.81.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 5BD9447B-B287-484B-A14C-787F8481EBB8 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:a:facebook:hhvm:4.82.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 15825F25-22B8-4863-A4E0-AD2EE66FA12C (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:a:facebook:hhvm:4.83.0:*:*:*:*:*:*:* (string)

matchCriteriaId : A04923E1-4DCE-4E34-8238-99BCCEEF4791 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : An incorrect size calculation in ldap_escape may lead to an integer overflow when overly long input is passed in, resulting in an out-of-bounds write. This issue affects HHVM prior to 4.56.2, all versions between 4.57.0 and 4.78.0, 4.79.0, 4.80.0, 4.81.0, 4.82.0, 4.83.0. (string)

}

1 : { »

lang : es (string)

value : Un cálculo de tamaño incorrecto en la función ldap_escape puede conllevar a un desbordamiento de enteros cuando es pasada una entrada demasiado larga, resultando en una escritura fuera de límites. Este problema afecta a HHVM versiones anteriores a 4.56.2, todas las versiones entre 4.57.0 y 4.78.0, 4.79.0, 4.80.0, 4.81.0, 4.82.0, 4.83.0 (string)

}

]

id : CVE-2020-1916 (string)

lastModified : 2024-11-21T05:11:36.400 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : HIGH (string)

cvssData : { »

accessComplexity : LOW (string)

accessVector : NETWORK (string)

authentication : NONE (string)

availabilityImpact : PARTIAL (string)

baseScore : 7.5 (number)

confidentialityImpact : PARTIAL (string)

integrityImpact : PARTIAL (string)

vectorString : AV:N/AC:L/Au:N/C:P/I:P/A:P (string)

version : 2.0 (string)

}

exploitabilityScore : 10 (number)

impactScore : 6.4 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : false (boolean)

}

]

cvssMetricV31 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : NETWORK (string)

availabilityImpact : HIGH (string)

baseScore : 9.8 (number)

baseSeverity : CRITICAL (string)

confidentialityImpact : HIGH (string)

integrityImpact : HIGH (string)

privilegesRequired : NONE (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (string)

version : 3.1 (string)

}

exploitabilityScore : 3.9 (number)

impactScore : 5.9 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2021-03-10T16:15:14.173 (string)

references : [ »

0 : { »

source : cve-assign@fb.com (string)

tags : [ »

0 : Patch (string)

1 : Third Party Advisory (string)

]

url : https://github.com/facebook/hhvm/commit/abe0b29e4d3a610f9bc920b8be4ad8403364c2d4 (string)

}

1 : { »

source : cve-assign@fb.com (string)

tags : [ »

0 : Release Notes (string)

1 : Vendor Advisory (string)

]

url : https://hhvm.com/blog/2020/11/12/security-update.html (string)

}

2 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

1 : Third Party Advisory (string)

]

url : https://github.com/facebook/hhvm/commit/abe0b29e4d3a610f9bc920b8be4ad8403364c2d4 (string)

}

3 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Release Notes (string)

1 : Vendor Advisory (string)

]

url : https://hhvm.com/blog/2020/11/12/security-update.html (string)

}

]

sourceIdentifier : cve-assign@fb.com (string)

vulnStatus : Modified (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-122 (string)

}

]

source : cve-assign@fb.com (string)

type : Secondary (string)

}

1 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-787 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object