CVE-2018-12551

{"id": "CVE-2018-12551", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.2}]}, "published": "2019-03-27T18:29:00.367", "references": [{"url": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=543401", "tags": ["Exploit", "Issue Tracking", "Vendor Advisory"], "source": "emo@eclipse.org"}, {"url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00035.html", "source": "emo@eclipse.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-287"}]}, {"type": "Secondary", "source": "emo@eclipse.org", "description": [{"lang": "en", "value": "CWE-703"}]}], "descriptions": [{"lang": "en", "value": "When Eclipse Mosquitto version 1.0 to 1.5.5 (inclusive) is configured to use a password file for authentication, any malformed data in the password file will be treated as valid. This typically means that the malformed data becomes a username and no password. If this occurs, clients can circumvent authentication and get access to the broker by using the malformed username. In particular, a blank line will be treated as a valid empty username. Other security measures are unaffected. Users who have only used the mosquitto_passwd utility to create and modify their password files are unaffected by this vulnerability."}, {"lang": "es", "value": "Cuando Eclipse Mosquitto, desde la versi\u00f3n 1.0 hasta la 1.5.5 (incluidas), est\u00e1 configurado para emplear un archivo de contrase\u00f1as para autenticaci\u00f3n, cualquier dato mal formado en el archivo de contrase\u00f1as se tratar\u00e1 como v\u00e1lido. Normalmente, esto significa que los datos mal formados se convierten en un nombre de usuario sin contrase\u00f1a. Si esto ocurre, los clientes pueden sortear la autenticaci\u00f3n y obtener acceso al broker mediante el uso de un nombre de usuario mal formado. En particular, una l\u00ednea en blanco se tratar\u00e1 como un nombre de usuario vac\u00edo v\u00e1lido. Otras medidas de seguridad no se han visto afectadas. Los usuarios que solo hayan empleado la utilidad mosquitto_passwd para crear y modificar sus archivos de contrase\u00f1a no se ven afectados por esta vulnerabilidad."}], "lastModified": "2019-10-09T23:34:04.137", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:eclipse:mosquitto:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "734742C3-741C-461E-9739-B13C25C5420D", "versionEndIncluding": "1.5.5", "versionStartIncluding": "1.0"}], "operator": "OR"}]}], "sourceIdentifier": "emo@eclipse.org"}