CVE-2013-2308

{"id": "CVE-2013-2308", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": true, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2013-05-09T12:31:19.833", "references": [{"url": "http://jvn.jp/en/jp/JVN61972596/index.html", "source": "vultures@jpcert.or.jp"}, {"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000035", "source": "vultures@jpcert.or.jp"}, {"url": "https://www.softbanktech.jp/news/20121029.html", "source": "vultures@jpcert.or.jp"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "The (1) OWA Helper and (2) OSG Lite programs in SoftBank Online Service Gate allow remote authenticated users to discover their own passwords, and consequently bypass an Office 365 restriction, via unspecified vectors."}, {"lang": "es", "value": "El (1) OWA Helper y (2)programas OSG Lite en SoftBank Online Service Gate permite a usuarios autenticados remotos descubrir su propia contrase\u00f1a, por lo que se burla la restricci\u00f3n de Office 365, a trav\u00e9s de vectores desconocidos."}], "lastModified": "2013-05-09T12:31:19.833", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:softbanktech:online_service_gate:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E7CAE2E8-4707-4C3B-9680-315ACC651652"}], "operator": "OR"}]}], "sourceIdentifier": "vultures@jpcert.or.jp"}