CVE-2014-2224

{"id": "CVE-2014-2224", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2014-12-29T20:59:02.507", "references": [{"url": "https://www.sysdream.com/CVE-2014-2223_CVE-2014-2224", "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-254"}]}], "descriptions": [{"lang": "en", "value": "Plogger 1.0 RC1 and earlier, when the Lucid theme is used, does not assign new values for certain codes, which makes it easier for remote attackers to bypass the CAPTCHA protection mechanism via a series of form submissions."}, {"lang": "es", "value": "Plogger 1.0 RC1 y anteriores, cuando se usa el tema Lucid, no asigna nuevos valores para determinados c\u00f3digos, lo cual hace m\u00e1s f\u00e1cil para atacantes remotos saltarse los mecanismo de protecci\u00f3n CAPTCHA a trav\u00e9s de una serie de formularios de env\u00edos."}], "lastModified": "2014-12-30T16:37:58.953", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:plogger:plogger:*:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1C365E06-107E-456E-BF18-EB0D6CA81B04", "versionEndIncluding": "1.0"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}