CVE-2015-0784

{"id": "CVE-2015-0784", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": true, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2017-08-09T18:29:00.760", "references": [{"url": "http://www.securityfocus.com/bid/74289", "source": "security@opentext.com"}, {"url": "http://www.securitytracker.com/id/1032166", "source": "security@opentext.com"}, {"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-149", "source": "security@opentext.com"}, {"url": "https://www.novell.com/support/kb/doc.php?id=7016431", "source": "security@opentext.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "Rtrlet.class in Novell ZENworks Configuration Management (ZCM) allows remote attackers to obtain Session IDs of logged in users via a value of ShowLogins for the maintenance variable."}, {"lang": "es", "value": "La clase Rtrlet.class enZENworks Configuration Management (ZCM) de Novell permite que atacantes remotos obtengan los identificadores de sesi\u00f3n de usuarios que han iniciado sesi\u00f3n mediante un valor ShowLogins para la variable maintenance."}], "lastModified": "2023-11-07T02:23:31.503", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:novell:zenworks_configuration_management:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "02FD0617-2578-4F91-AAEF-D9CB68D224D9"}], "operator": "OR"}]}], "sourceIdentifier": "security@opentext.com"}