CVE-2008-5549

{"id": "CVE-2008-5549", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": true, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2008-12-12T18:30:03.233", "references": [{"url": "http://secunia.com/advisories/33120", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://securitytracker.com/id?1021380", "source": "cve@mitre.org"}, {"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-124301-12-1", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-138686-01-1", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-243886-1", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/32770", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2008/3408", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47256", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-264"}, {"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Sun Java Web Console components in Sun Java System Portal Server 7.1 and 7.2 allows remote attackers to access local files and read the product's configuration information via unknown vectors related to \"access to secure files by ThemeServlet.\""}, {"lang": "es", "value": "Vulnerabilidad sin especificar en los componentes de Sun Java Web Console en Sun Java System Portal Server v7.1 y v7.2 permite a atacantes remotos acceder a ficheros locales y leer la informaci\u00f3n de configuraci\u00f3n del producto mediante vectores desconocidos, relacionado a \"acceso a ficheros seguros por ThemeServlet\"."}], "lastModified": "2017-08-08T01:33:23.140", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:sun:java_system_portal_server:7.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A29331A7-9D72-489D-A8DF-5B4C18A19692"}, {"criteria": "cpe:2.3:a:sun:java_system_portal_server:7.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "83D63923-869B-4156-BBED-DFB417B19420"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}