CVE-2013-0665

{"id": "CVE-2013-0665", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "HIGH", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 1.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2013-03-21T14:55:01.450", "references": [{"url": "http://ics-cert.us-cert.gov/pdf/ICSA-13-079-01.pdf", "tags": ["US Government Resource"], "source": "ics-cert@hq.dhs.gov"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-264"}]}], "descriptions": [{"lang": "en", "value": "Schweitzer Engineering Laboratories (SEL) AcSELerator QuickSet before 5.12.0.1 uses weak permissions for its Program Files directory, which allows local users to replace executable files, and consequently gain privileges, via standard filesystem operations."}, {"lang": "es", "value": "Schweitzer Engineering Laboratories (SEL) AcSELerator QuickSet anterior a 5.12.0.1 utiliza permisos d\u00e9biles para el directorio Program Files, que permite a usuarios locales para reemplazar los archivos ejecutables, y en consecuencia obtener privilegios, a trav\u00e9s de las operaciones del sistema de archivos est\u00e1ndar.\r\n\r\n"}], "lastModified": "2013-03-21T21:04:43.667", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:selinc:acselerator_quickset:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FC3B3B3F-BAF7-47BF-BD46-1F7962152FCF", "versionEndIncluding": "5.12.0"}], "operator": "OR"}]}], "sourceIdentifier": "ics-cert@hq.dhs.gov"}