CVE-2019-0804

{"id": "CVE-2019-0804", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2019-04-09T03:29:00.843", "references": [{"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00037.html", "source": "secure@microsoft.com"}, {"url": "https://access.redhat.com/errata/RHSA-2019:1527", "source": "secure@microsoft.com"}, {"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0804", "tags": ["Mitigation", "Patch", "Vendor Advisory"], "source": "secure@microsoft.com"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00037.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://access.redhat.com/errata/RHSA-2019:1527", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0804", "tags": ["Mitigation", "Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-732"}]}], "descriptions": [{"lang": "en", "value": "An information disclosure vulnerability exists in the way Azure WaLinuxAgent creates swap files on resource disks, aka 'Azure Linux Agent Information Disclosure Vulnerability'."}, {"lang": "es", "value": "Se presenta una vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n en la manera en que Azure WaLinuxAgent crea archivos de intercambio en discos de recursos, tambi\u00e9n se conoce como \"Azure Linux Agent Information Disclosure Vulnerability\"."}], "lastModified": "2024-11-21T04:17:18.673", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:walinuxagent:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "685B4D91-B775-4004-8A40-4239687F7B88", "versionEndExcluding": "2.2.38"}], "operator": "OR"}]}], "sourceIdentifier": "secure@microsoft.com"}