CVE-2018-0285

{"id": "CVE-2018-0285", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2018-05-02T22:29:01.200", "references": [{"url": "http://www.securityfocus.com/bid/104082", "tags": ["Third Party Advisory", "VDB Entry"], "source": "ykramarz@cisco.com"}, {"url": "http://www.securitytracker.com/id/1040826", "tags": ["Third Party Advisory", "VDB Entry"], "source": "ykramarz@cisco.com"}, {"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-psc", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-400"}]}, {"type": "Secondary", "source": "ykramarz@cisco.com", "description": [{"lang": "en", "value": "CWE-400"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in service logging for Cisco Prime Service Catalog could allow an authenticated, remote attacker to deny service to the user interface. The vulnerability is due to exhaustion of disk space. An attacker could exploit this vulnerability by performing certain operations that lead to excessive logging. A successful exploit could allow the attacker to deny service to the user interface. Cisco Bug IDs: CSCvd39568."}, {"lang": "es", "value": "Una vulnerabilidad en el registro del servicio para Cisco Prime Service Catalog podr\u00eda permitir que un atacante remoto autenticado deniegue el servicio a la interfaz de usuario. Esta vulnerabilidad se debe al agotamiento del espacio del disco. Un atacante podr\u00eda explotar esta vulnerabilidad realizando ciertas operaciones que conducen a un registro excesivo. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante denmegar el servicio a la interfaz de usuario. Cisco Bug IDs: CSCvd39568."}], "lastModified": "2019-10-09T23:31:38.800", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cisco:prime_service_catalog:11.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3953F864-1C8F-466D-9E77-AD038DE16384"}], "operator": "OR"}]}], "sourceIdentifier": "ykramarz@cisco.com"}