CVE-2015-1015

{"id": "CVE-2015-1015", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 2.1, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2015-10-06T01:59:06.237", "references": [{"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-274-01", "tags": ["Third Party Advisory", "US Government Resource"], "source": "ics-cert@hq.dhs.gov"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "Omron CX-One CX-Programmer before 9.6, CJ2M PLC devices before 2.1, and CJ2H PLC devices before 1.5 use a reversible format for password storage in object files on Compact Flash cards, which makes it easier for local users to obtain sensitive information by reading a file."}, {"lang": "es", "value": "Omron CX-One CX-Programmer en versiones anteriores a 9.6, dispositivos CJ2M PLC en versiones anteriores a 2.1 y dispositivos CJ2H PLC en versiones anteriores a 1.5 usan un formato reversible para el almacenamiento de contrase\u00f1a en archivos de objeto en tarjetas Compact Flash, lo que hace m\u00e1s f\u00e1cil para usuarios locales obtener informaci\u00f3n sensible mediante la lectura de un archivo."}], "lastModified": "2015-10-06T23:49:39.873", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:omron:cx-programmer:9.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "119F2C44-EAF8-43D9-A5AF-1F0B71833CA1"}, {"criteria": "cpe:2.3:h:omron:cj2h_plc:1.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "57822DC2-DDC7-426A-B2A4-90B9A7BBA475"}, {"criteria": "cpe:2.3:h:omron:cj2m_plc:2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "673D8851-9502-4D28-939C-BEC804B90DBD"}], "operator": "OR"}]}], "sourceIdentifier": "ics-cert@hq.dhs.gov"}