CVE-2010-1910

{"id": "CVE-2010-1910", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.1, "accessVector": "NETWORK", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "HIGH", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 4.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2010-05-12T11:46:31.703", "references": [{"url": "http://secunia.com/advisories/39740", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://wintercore.com/en/component/content/article/7-media/18-wintercore-releases-an-advisory-for-consona-products.html", "source": "cve@mitre.org"}, {"url": "http://www.consona.com/Content/CRM/Support/SecurityBulletin_April2010.pdf", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.kb.cert.org/vuls/id/602801", "tags": ["Patch", "US Government Resource"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/511176/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/40003", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/39740", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://wintercore.com/en/component/content/article/7-media/18-wintercore-releases-an-advisory-for-consona-products.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.consona.com/Content/CRM/Support/SecurityBulletin_April2010.pdf", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.kb.cert.org/vuls/id/602801", "tags": ["Patch", "US Government Resource"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/archive/1/511176/100/0/threaded", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/40003", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-287"}]}], "descriptions": [{"lang": "en", "value": "The Forgot Password implementation in Consona Live Assistance, Dynamic Agent, and Subscriber Assistance allows remote attackers to reset passwords of accounts with blank Hint questions and Hint answers by sending an empty value for each of these two Hint fields."}, {"lang": "es", "value": "La implementaci\u00f3n Forgot Password en Consona Live Assistance, Dynamic Agent y Subscriber Assistance permite a atacantes remotos resetear passwords de cuentas con las pregusta y respuesta secreta en blanco mediante el envio de un valor vac\u00edo para cada uno de \u00e9stos dos campos."}], "lastModified": "2025-04-11T00:51:21.963", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:consona:consona_dynamic_agent:-:-:enterprise:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3E86DC4D-1E5C-4284-AA49-FD5F3AA9056A"}, {"criteria": "cpe:2.3:a:consona:consona_dynamic_agent:-:-:marketing:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "76A93E2B-D458-43A4-A4A5-9FA0981B72EF"}, {"criteria": "cpe:2.3:a:consona:consona_dynamic_agent:-:-:support:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F1AAF4CD-3D1A-4C44-8338-4F614E4645CB"}, {"criteria": "cpe:2.3:a:consona:consona_live_assistance:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EDD3CC62-BB8B-435F-A9F3-CD6DE608F463"}, {"criteria": "cpe:2.3:a:consona:consona_subscriber_assistance:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1F445B64-34D5-4372-9861-2216442E4069"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}