CVE-2017-2768

{"id": "CVE-2017-2768", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": true, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2017-02-03T07:59:00.623", "references": [{"url": "http://www.securityfocus.com/archive/1/540085/30/0/threaded", "tags": ["Mailing List", "Third Party Advisory", "VDB Entry"], "source": "security_alert@emc.com"}, {"url": "http://www.securityfocus.com/bid/95936", "tags": ["Third Party Advisory", "VDB Entry"], "source": "security_alert@emc.com"}, {"url": "http://www.securitytracker.com/id/1037761", "source": "security_alert@emc.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-287"}]}], "descriptions": [{"lang": "en", "value": "EMC Network Configuration Manager (NCM) 9.3.x, EMC Network Configuration Manager (NCM) 9.4.0.x, EMC Network Configuration Manager (NCM) 9.4.1.x, EMC Network Configuration Manager (NCM) 9.4.2.x contains an Improper Authentication vulnerability that could potentially be exploited by malicious users to compromise the affected system."}, {"lang": "es", "value": "EMC Network Configuration Manager (NCM) 9.3.x, EMC Network Configuration Manager (NCM) 9.4.0.x, EMC Network Configuration Manager (NCM) 9.4.1.x, EMC Network Configuration Manager (NCM) 9.4.2.x contiene Una vulnerabilidad de autenticaci\u00f3n incorrecta que podr\u00eda ser explotada potencialmente por usuarios malintencionados para comprometer el sistema afectado."}], "lastModified": "2017-07-25T01:29:06.793", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:emc:smarts_network_configuration_manager:9.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A5898D8B-A49B-4B4E-B7E0-D4901C0C52C1"}, {"criteria": "cpe:2.3:a:emc:smarts_network_configuration_manager:9.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F1230B15-B5CA-4C0E-B6C7-4DA2FD83E18F"}, {"criteria": "cpe:2.3:a:emc:smarts_network_configuration_manager:9.4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A611CEC3-D330-4385-A2AD-28F40B16BD3C"}, {"criteria": "cpe:2.3:a:emc:smarts_network_configuration_manager:9.4.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DE535D78-B893-4909-8AF5-EDFC2430B6F2"}], "operator": "OR"}]}], "sourceIdentifier": "security_alert@emc.com"}