CVE-2009-0214

{"id": "CVE-2009-0214", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 9.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "authentication": "SINGLE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": true, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2009-02-08T22:30:00.343", "references": [{"url": "http://secunia.com/advisories/33837", "source": "cret@cert.org"}, {"url": "http://www.kb.cert.org/vuls/id/337569", "tags": ["US Government Resource"], "source": "cret@cert.org"}, {"url": "http://www.scada-security.com/vulnerabilities/areva1.html", "tags": ["URL Repurposed"], "source": "cret@cert.org"}, {"url": "http://www.securityfocus.com/archive/1/500689/100/0/threaded", "source": "cret@cert.org"}, {"url": "http://www.securityfocus.com/bid/33637", "source": "cret@cert.org"}, {"url": "http://secunia.com/advisories/33837", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.kb.cert.org/vuls/id/337569", "tags": ["US Government Resource"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.scada-security.com/vulnerabilities/areva1.html", "tags": ["URL Repurposed"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/archive/1/500689/100/0/threaded", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/33637", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the WebFGServer application in AREVA e-terrahabitat 5.7 and earlier allows remote authenticated users to gain privileges via unknown vectors, aka PD32022."}, {"lang": "es", "value": "Vulnerabilidad sin especificar en la aplicaci\u00f3n WebFGServer en AREVA e-terrahabitat v5.7 y anteriores, permite a usuarios autenticados remotamente obtener privilegios a trav\u00e9s de vectores no especificados. Tambi\u00e9n conocidos como PD32022."}], "lastModified": "2024-11-21T00:59:21.830", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:areva:e-terrahabitat:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "81433ED5-61A7-406A-BCEA-C0FB80B4B374", "versionEndIncluding": "5.7"}, {"criteria": "cpe:2.3:a:areva:e-terrahabitat:5.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A8C5CBA7-E0D6-4C2B-AD9F-16707B084C31"}, {"criteria": "cpe:2.3:a:areva:e-terrahabitat:5.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "00DA6AF7-707F-476F-B204-B6BD870762D0"}], "operator": "OR"}]}], "sourceIdentifier": "cret@cert.org", "evaluatorSolution": "Per http://www.kb.cert.org/vuls/id/337569 \r\n\r\n\"III. Solution \r\n\r\nApply Patch Users of e-terrahabitat version 5.5, 5.6, and 5.7 should apply the e-terrahabitat_560_P20081030_SEC patch immediately.\""}