CVE-2017-2382

{"id": "CVE-2017-2382", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": true, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2017-04-02T01:59:00.417", "references": [{"url": "http://www.securityfocus.com/bid/97128", "tags": ["Third Party Advisory", "VDB Entry"], "source": "product-security@apple.com"}, {"url": "http://www.securitytracker.com/id/1038144", "source": "product-security@apple.com"}, {"url": "https://support.apple.com/HT207604", "tags": ["Vendor Advisory"], "source": "product-security@apple.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in certain Apple products. macOS Server before 5.3 is affected. The issue involves the \"Wiki Server\" component. It allows remote attackers to enumerate user accounts via unspecified vectors."}, {"lang": "es", "value": "Se ha descubierto un problema en ciertos productos Apple. macOS Server en versiones anteriores a 5.3 est\u00e1 afectado. El problema involucra al componente \"Wiki Server\". Esto permite a atacantes remotos enumerar cuentas de usuario a trav\u00e9s de vectores no especificados."}], "lastModified": "2017-07-12T01:29:09.253", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:apple:mac_os_server:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6CAD2D5E-EA2B-4D07-963F-FF789E624A73", "versionEndIncluding": "5.2"}], "operator": "OR"}]}], "sourceIdentifier": "product-security@apple.com"}