CVE-2017-1000068

{"id": "CVE-2017-1000068", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2017-07-17T13:18:18.157", "references": [{"url": "https://github.com/Betterment/test_track/releases/tag/v1.0.1", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://github.com/Betterment/test_track/releases/tag/v1.0.1", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-287"}]}], "descriptions": [{"lang": "en", "value": "TestTrack Server versions 1.0 and earlier are vulnerable to an authentication flaw in the split disablement feature resulting in the ability to disable arbitrary running splits and cause denial of service to clients in the field."}, {"lang": "es", "value": "Las versiones 1.0 y anteriores de TestTrack Server, son vulnerables a un fallo de autenticaci\u00f3n en la funci\u00f3n split disablement resultando en la capacidad de deshabilitar divisiones en ejecuci\u00f3n arbitrarias y causar la denegaci\u00f3n de servicio a los clientes en el campo."}], "lastModified": "2024-11-21T03:04:05.147", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:betterment:testtrack:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FAC85053-71CF-42D1-9AAE-559D6A0DC627", "versionEndIncluding": "1.0"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}