CVE-2017-4927

{"id": "CVE-2017-4927", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": true, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2017-11-17T14:29:00.450", "references": [{"url": "http://www.securityfocus.com/bid/101786", "tags": ["Third Party Advisory", "VDB Entry"], "source": "security@vmware.com"}, {"url": "http://www.securitytracker.com/id/1039759", "tags": ["Third Party Advisory", "VDB Entry"], "source": "security@vmware.com"}, {"url": "https://www.vmware.com/security/advisories/VMSA-2017-0017.html", "tags": ["Vendor Advisory"], "source": "security@vmware.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-90"}]}], "descriptions": [{"lang": "en", "value": "VMware vCenter Server (6.5 prior to 6.5 U1 and 6.0 prior to 6.0 U3c) does not correctly handle specially crafted LDAP network packets which may allow for remote denial of service."}, {"lang": "es", "value": "VMware vCenter Server (en versiones 6.5 anteriores a la 6.5 U1 y versiones 6.0 anteriores a la 6.0 U3c) no gestiona correctamente paquetes de red LDAP especialmente manipulados, lo que puede permitir que se provoque una denegaci\u00f3n de servicio de forma remota."}], "lastModified": "2017-12-04T16:30:15.133", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:vmware:vcenter_server:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4916113B-4E8D-435B-829B-6E4449117F76", "versionEndExcluding": "6.0_u3c", "versionStartIncluding": "6.0"}, {"criteria": "cpe:2.3:a:vmware:vcenter_server:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3401DF9F-5606-4ABA-A84F-4909405F6955", "versionEndExcluding": "6.5_u1", "versionStartIncluding": "6.5"}], "operator": "OR"}]}], "sourceIdentifier": "security@vmware.com"}