CVE-2017-2767

{"id": "CVE-2017-2767", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": true, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2017-02-03T07:59:00.593", "references": [{"url": "http://www.securityfocus.com/archive/1/540085/30/0/threaded", "tags": ["Mailing List", "Third Party Advisory", "VDB Entry"], "source": "security_alert@emc.com"}, {"url": "http://www.securityfocus.com/bid/95938", "tags": ["Third Party Advisory", "VDB Entry"], "source": "security_alert@emc.com"}, {"url": "http://www.securitytracker.com/id/1037761", "source": "security_alert@emc.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-287"}]}], "descriptions": [{"lang": "en", "value": "EMC Network Configuration Manager (NCM) 9.3.x, EMC Network Configuration Manager (NCM) 9.4.0.x, EMC Network Configuration Manager (NCM) 9.4.1.x, EMC Network Configuration Manager (NCM) 9.4.2.x contains a Java RMI Remote Code Execution vulnerability that could potentially be exploited by malicious users to compromise the affected system."}, {"lang": "es", "value": "EMC Network Configuration Manager (NCM) 9.4.x, EMC Network Configuration Manager (NCM) 9.4.0.x, EMC Network Configuration Manager (NCM) 9.4.1.x, EMC Network Configuration Manager (NCM) 9.4.2.x contiene una vulnerabilidad de Java RMI Remote Code Execution que podr\u00eda ser explotada potencialmente por usuarios malintencionados para comprometer el sistema afectado."}], "lastModified": "2017-07-25T01:29:06.747", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:emc:smarts_network_configuration_manager:9.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A5898D8B-A49B-4B4E-B7E0-D4901C0C52C1"}, {"criteria": "cpe:2.3:a:emc:smarts_network_configuration_manager:9.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F1230B15-B5CA-4C0E-B6C7-4DA2FD83E18F"}, {"criteria": "cpe:2.3:a:emc:smarts_network_configuration_manager:9.4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A611CEC3-D330-4385-A2AD-28F40B16BD3C"}, {"criteria": "cpe:2.3:a:emc:smarts_network_configuration_manager:9.4.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DE535D78-B893-4909-8AF5-EDFC2430B6F2"}], "operator": "OR"}]}], "sourceIdentifier": "security_alert@emc.com"}