CVE-2016-0919

{"id": "CVE-2016-0919", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.1, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.8}]}, "published": "2017-02-03T07:59:00.217", "references": [{"url": "http://www.securityfocus.com/archive/1/540057/30/0/threaded", "tags": ["Third Party Advisory", "VDB Entry"], "source": "security_alert@emc.com"}, {"url": "http://www.securityfocus.com/bid/95820", "tags": ["Third Party Advisory", "VDB Entry"], "source": "security_alert@emc.com"}, {"url": "http://www.securitytracker.com/id/1037726", "tags": ["Third Party Advisory", "VDB Entry"], "source": "security_alert@emc.com"}, {"url": "http://www.securityfocus.com/archive/1/540057/30/0/threaded", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/95820", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id/1037726", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "EMC RSA Web Threat Detection version 5.0, RSA Web Threat Detection version 5.1, RSA Web Threat Detection version 5.1.2 has a cross site scripting vulnerability that could potentially be exploited by malicious users to compromise the affected system."}, {"lang": "es", "value": "EMC RSA Web Threat Detection versi\u00f3n 5.0, RSA Web Threat Detection versi\u00f3n 5.1, RSA Web Threat Detection versi\u00f3n 5.1.2 tiene una vulnerabilidad de XSS que podr\u00eda ser explotada potencialmente por usuarios malintencionados para comprometer el sistema afectado."}], "lastModified": "2024-11-21T02:42:38.187", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:rsa:web_threat_detection:5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D88F4596-F066-4C65-A439-819E732A9548"}, {"criteria": "cpe:2.3:a:rsa:web_threat_detection:5.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6CB1DFEC-8E37-4003-85F7-3EE94B9E5A95"}, {"criteria": "cpe:2.3:a:rsa:web_threat_detection:5.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "802254CF-09C4-4B75-AE06-C03C619DEDFC"}], "operator": "OR"}]}], "sourceIdentifier": "security_alert@emc.com"}