CVE-2014-4822

{"id": "CVE-2014-4822", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 1.9, "accessVector": "LOCAL", "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.4, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2014-10-19T01:55:14.013", "references": [{"url": "http://secunia.com/advisories/59921", "source": "psirt@us.ibm.com"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT04023", "source": "psirt@us.ibm.com"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686339", "tags": ["Vendor Advisory"], "source": "psirt@us.ibm.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95467", "source": "psirt@us.ibm.com"}, {"url": "http://secunia.com/advisories/59921", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT04023", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686339", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95467", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-255"}]}], "descriptions": [{"lang": "en", "value": "IBM WebSphere MQ classes for Java libraries 8.0 before 8.0.0.1 and Websphere MQ Explorer 7.5 before 7.5.0.5 and 8.0 before 8.0.0.2 allow local users to discover preconfigured cleartext passwords via an unspecified trace operation."}, {"lang": "es", "value": "IBM WebSphere MQ classes for Java libraries 8.0 anterior a 8.0.0.1 y Websphere MQ Explorer 7.5 anterior a 7.5.0.5 y 8.0 anterior a 8.0.0.2 permiten a usuarios locales descubrir contrase\u00f1as en texto plano preconfiguradas a trav\u00e9s de una operaci\u00f3n de trazar no especificada."}], "lastModified": "2024-11-21T02:10:55.960", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:websphere_mq:8.0.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "153F42BE-64AE-4D38-94C1-E59EF10632A2"}, {"criteria": "cpe:2.3:a:ibm:websphere_mq_explorer:7.5.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5745E231-D937-4FCC-BA85-61021D36E42A"}, {"criteria": "cpe:2.3:a:ibm:websphere_mq_explorer:7.5.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DDA7219C-E8E7-41E6-B07A-13F75C796100"}, {"criteria": "cpe:2.3:a:ibm:websphere_mq_explorer:7.5.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A01E3907-CE96-4D3F-9CDD-DA348CEA4EB4"}, {"criteria": "cpe:2.3:a:ibm:websphere_mq_explorer:7.5.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A0B46FF7-452B-47BF-9CF9-0383043144F9"}, {"criteria": "cpe:2.3:a:ibm:websphere_mq_explorer:7.5.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3C38C5A6-CBF6-4E81-9F8D-8E2A5A216653"}, {"criteria": "cpe:2.3:a:ibm:websphere_mq_explorer:8.0.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D02554D0-4575-40E5-BD37-2017503C49E4"}, {"criteria": "cpe:2.3:a:ibm:websphere_mq_explorer:8.0.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "86259F4B-607C-44F0-B744-91763C96C120"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@us.ibm.com"}