CVE-2005-2285

{"id": "CVE-2005-2285", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2005-07-18T04:00:00.000", "references": [{"url": "http://www.kb.cert.org/vuls/id/165290", "tags": ["Patch", "US Government Resource"], "source": "cve@mitre.org"}, {"url": "http://www.kb.cert.org/vuls/id/JGEI-6BWPXL", "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "WebEOC before 6.0.2 stores sensitive information in locations such as URIs, web pages, and configuration files, which allows remote attackers to obtain information such as Usernames, Passwords, Emergency information, medical information, and system configuration."}, {"lang": "es", "value": "WebEOC anterior a la 6.0.2 almacena informaci\u00f3n confidencial en localizaciones tales como URIs, p\u00e1ginas web y ficheros de configuraci\u00f3n. Esto permite que atacantes remotos obtengan informaci\u00f3n tal como nombres de usuarios, claves, informaci\u00f3n m\u00e9dica y de emergencia y configuraci\u00f3n del sistema."}], "lastModified": "2008-09-05T20:51:22.617", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:esi_products:webeoc:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "09DA3374-FE82-4EAD-97A7-506648D89D4E", "versionEndIncluding": "6.0.1"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}