CVE-2017-15198

{"id": "CVE-2017-15198", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 2.8}]}, "published": "2017-10-11T01:32:54.550", "references": [{"url": "http://openwall.com/lists/oss-security/2017/10/04/9", "tags": ["Mailing List", "Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "https://github.com/kanboard/kanboard/commit/074f6c104f3e49401ef0065540338fc2d4be79f0", "tags": ["Patch", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://github.com/kanboard/kanboard/commit/3e0f14ae2b0b5a44bd038a472f17eac75f538524", "tags": ["Patch", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://kanboard.net/news/version-1.0.47", "tags": ["Release Notes", "Vendor Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "In Kanboard before 1.0.47, by altering form data, an authenticated user can edit a category of a private project of another user."}, {"lang": "es", "value": "En Kanboard en versiones anteriores a 1.0.47, al alterar los datos del formulario, un usuario autenticado puede editar una categor\u00eda de un proyecto privado de otro usuario."}], "lastModified": "2017-10-19T22:28:00.353", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:kanboard:kanboard:1.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D9FFA667-B2E5-464E-9B11-3B98283AD2C4"}, {"criteria": "cpe:2.3:a:kanboard:kanboard:1.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9F126BD8-B6F8-43BF-96CF-B11F2E9CB9F3"}, {"criteria": "cpe:2.3:a:kanboard:kanboard:1.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3507C156-EB3B-470C-B895-F71845D2368E"}, {"criteria": "cpe:2.3:a:kanboard:kanboard:1.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6E0902C1-DECB-4183-B369-511E2768D995"}, {"criteria": "cpe:2.3:a:kanboard:kanboard:1.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AA633272-8FA7-407C-9B3E-2D876B7271F0"}, {"criteria": "cpe:2.3:a:kanboard:kanboard:1.0.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B306B73B-15B3-4B8B-9095-3642F8B47924"}, {"criteria": "cpe:2.3:a:kanboard:kanboard:1.0.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8FA40036-AC79-4367-BACB-B0B1451C5BD8"}, {"criteria": "cpe:2.3:a:kanboard:kanboard:1.0.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C86BF2C5-D92F-41B4-B381-6D21BAA2D913"}, {"criteria": "cpe:2.3:a:kanboard:kanboard:1.0.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A62EF43A-C147-4C11-BD6E-82CF941AEBD4"}, {"criteria": "cpe:2.3:a:kanboard:kanboard:1.0.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "958B6A4D-C466-4361-AA0A-5EB3D111C4E6"}, {"criteria": "cpe:2.3:a:kanboard:kanboard:1.0.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C7C42F62-CD96-4727-9CD0-C3BD81418E53"}, {"criteria": "cpe:2.3:a:kanboard:kanboard:1.0.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "970266EC-8452-4A06-81AC-05CF336D3C6F"}, {"criteria": "cpe:2.3:a:kanboard:kanboard:1.0.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1FE55D52-992D-4E67-BB6C-2E80299D22E0"}, {"criteria": "cpe:2.3:a:kanboard:kanboard:1.0.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DCE0BBFF-553F-4518-809B-BF136B7ABC71"}, {"criteria": "cpe:2.3:a:kanboard:kanboard:1.0.14:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E2EFAF36-875E-41DB-BFB8-45846E29903E"}, {"criteria": "cpe:2.3:a:kanboard:kanboard:1.0.15:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C1333058-CD6D-4F7D-8C07-D4352D2FA9DE"}, {"criteria": "cpe:2.3:a:kanboard:kanboard:1.0.16:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C3952635-F178-4AC0-8FE7-1034E0078AC7"}, {"criteria": "cpe:2.3:a:kanboard:kanboard:1.0.17:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7512FB30-BE2A-4CDA-8B77-44234223B578"}, {"criteria": "cpe:2.3:a:kanboard:kanboard:1.0.18:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "971C5D44-1406-4446-BEFE-20EF9ECDFFF2"}, {"criteria": "cpe:2.3:a:kanboard:kanboard:1.0.19:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0045683B-30D9-4A04-A3A4-4DB903245380"}, {"criteria": "cpe:2.3:a:kanboard:kanboard:1.0.20:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2BF439AC-B790-45D7-9C25-1C9195924ADD"}, {"criteria": "cpe:2.3:a:kanboard:kanboard:1.0.21:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A4FDBF54-282B-49A1-8095-811A5B998EEF"}, {"criteria": "cpe:2.3:a:kanboard:kanboard:1.0.22:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F650F14A-6A3E-4FD2-BCA1-6AF29278B827"}, {"criteria": "cpe:2.3:a:kanboard:kanboard:1.0.23:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "91C4B000-72B1-4E5F-814E-FBE2CEC602A6"}, {"criteria": "cpe:2.3:a:kanboard:kanboard:1.0.24:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9249BDDA-4E2D-421D-8285-926FC400AC58"}, {"criteria": "cpe:2.3:a:kanboard:kanboard:1.0.25:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B3B8946D-2BF0-47FD-BEA0-0C2C74126142"}, {"criteria": "cpe:2.3:a:kanboard:kanboard:1.0.26:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A0315865-561D-4EA2-B361-FDB6D03FF5B8"}, {"criteria": "cpe:2.3:a:kanboard:kanboard:1.0.27:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2E0FC480-9E2A-4A76-92FF-60E6239CE89F"}, {"criteria": "cpe:2.3:a:kanboard:kanboard:1.0.28:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3BA990B5-D038-4E5E-8FAF-035460BD4146"}, {"criteria": "cpe:2.3:a:kanboard:kanboard:1.0.29:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "070A3295-AFD7-473F-A9DA-ACF84C33274E"}, {"criteria": "cpe:2.3:a:kanboard:kanboard:1.0.30:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3B0B924E-76CE-412D-A47A-417B7C5E3454"}, {"criteria": "cpe:2.3:a:kanboard:kanboard:1.0.31:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E7B48D3D-556D-4942-99E6-E6135400B2A8"}, {"criteria": "cpe:2.3:a:kanboard:kanboard:1.0.31:beta0:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "08E6DE90-A247-4B72-A05C-61C9496E0D9E"}, {"criteria": "cpe:2.3:a:kanboard:kanboard:1.0.31:beta1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "15D496D1-DF37-4B06-BAE5-485D5141E1A3"}, {"criteria": "cpe:2.3:a:kanboard:kanboard:1.0.32:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CC6332E7-A86D-4B09-93B3-815797E92A2F"}, {"criteria": "cpe:2.3:a:kanboard:kanboard:1.0.32:beta0:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CC8AE758-147C-4786-89CE-D2876C23BA5A"}, {"criteria": "cpe:2.3:a:kanboard:kanboard:1.0.32:beta1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4781CBDB-35CA-43BC-B031-34DB66B16D13"}, {"criteria": "cpe:2.3:a:kanboard:kanboard:1.0.33:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "16F193B8-C859-47A5-9D1C-510925E9478C"}, {"criteria": "cpe:2.3:a:kanboard:kanboard:1.0.34:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CF622DE0-35C4-4F04-B74A-4127A885395F"}, {"criteria": "cpe:2.3:a:kanboard:kanboard:1.0.35:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "98B3CDED-1284-45F7-93E2-F3CBFD2BB79C"}, {"criteria": "cpe:2.3:a:kanboard:kanboard:1.0.36:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2A4CD995-FEF9-47DE-A5AB-671471773DC0"}, {"criteria": "cpe:2.3:a:kanboard:kanboard:1.0.37:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "60825078-59BC-45AD-B644-B23973233B33"}, {"criteria": "cpe:2.3:a:kanboard:kanboard:1.0.38:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4695EEFA-1098-4741-A4C5-39D613880091"}, {"criteria": "cpe:2.3:a:kanboard:kanboard:1.0.39:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "49DD1826-5FC0-4773-AFFB-EAE3CFA4AC46"}, {"criteria": "cpe:2.3:a:kanboard:kanboard:1.0.40:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5033EDD4-9217-467E-91E9-8805B3667E1D"}, {"criteria": "cpe:2.3:a:kanboard:kanboard:1.0.41:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C04963CA-D17A-4847-B022-187D33134A74"}, {"criteria": "cpe:2.3:a:kanboard:kanboard:1.0.42:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "868722FE-E626-427A-8B24-58A8214824A9"}, {"criteria": "cpe:2.3:a:kanboard:kanboard:1.0.43:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FB2AF76B-C4CA-40D1-829C-E80560E14FDE"}, {"criteria": "cpe:2.3:a:kanboard:kanboard:1.0.44:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "82D7AE61-C248-4E95-8878-903A188B41C6"}, {"criteria": "cpe:2.3:a:kanboard:kanboard:1.0.45:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "467A191D-9A57-4B53-AD41-30CF317AA102"}, {"criteria": "cpe:2.3:a:kanboard:kanboard:1.0.46:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "41590AFF-2DB4-4D37-8CF8-84FCF85BB75B"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}