CVE-2015-3400

{"id": "CVE-2015-3400", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 3.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 6.8, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 2.8}]}, "published": "2017-10-18T15:29:00.423", "references": [{"url": "http://www.openwall.com/lists/oss-security/2015/04/22/4", "tags": ["Mailing List", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/74272", "tags": ["Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "https://github.com/FransUrbo/zfs/commit/99aa4d2b4fd12c6bef62d02ffd1b375ddd42fcf4", "tags": ["Patch", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://github.com/zfsonlinux/zfs/issues/3319", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://github.com/zfsonlinux/zfs/pull/2790/commits", "tags": ["Patch", "Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "sharenfs 0.6.4, when built with commits bcdd594 and 7d08880 from the zfs repository, provides world readable access to the shared zfs file system, which might allow remote authenticated users to obtain sensitive information by reading shared files."}, {"lang": "es", "value": "sharenfs 0.6.4, cuando se integra con los commits bcdd594 y 7d08880 del repositorio zfs, proporciona acceso de lectura global al sistema de archivos zfs compartido, lo que podr\u00eda permitir que usuarios autenticados remotos obtengan informaci\u00f3n sensible mediante la lectura de archivos compartidos."}], "lastModified": "2017-11-08T13:03:08.917", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:zfsonlinux:zfs:0.6.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DB2FE587-3D13-40F6-938D-715B75D13906"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}