Vulnerability-Lookup

CVE-2018-13822 (GCVE-0-2018-13822)

Vulnerability from cvelistv5 – Published: 2018-08-30 14:00 – Updated: 2024-09-17 03:38

Summary

Unprotected storage of credentials in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows attackers to access sensitive information.

Severity ?

No CVSS data available.

CWE

Unprotected Storage of Credentials

Assigner

References

URL

Tags

	http://www.securityfocus.com/bid/105297	vdb-entryx_refsource_BID
	https://support.ca.com/us/product-content/recomme…	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	CA Technologies	PPM	Affected: 15.3 and earlier

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T09:14:47.195Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "105297",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/105297"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180829-01--security-notice-for-ca-ppm.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PPM",
          "vendor": "CA Technologies",
          "versions": [
            {
              "status": "affected",
              "version": "15.3 and earlier"
            }
          ]
        }
      ],
      "datePublic": "2018-08-29T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unprotected storage of credentials in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows attackers to access sensitive information."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Unprotected Storage of Credentials",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-09-08T09:57:01.000Z",
        "orgId": "e291eae9-7c0a-46ac-ba7d-5251811f8b7f",
        "shortName": "ca"
      },
      "references": [
        {
          "name": "105297",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/105297"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180829-01--security-notice-for-ca-ppm.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "vuln@ca.com",
          "DATE_PUBLIC": "2018-08-29T00:00:00",
          "ID": "CVE-2018-13822",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PPM",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "15.3 and earlier"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "CA Technologies"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unprotected storage of credentials in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows attackers to access sensitive information."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Unprotected Storage of Credentials"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "105297",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/105297"
            },
            {
              "name": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180829-01--security-notice-for-ca-ppm.html",
              "refsource": "CONFIRM",
              "url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180829-01--security-notice-for-ca-ppm.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "e291eae9-7c0a-46ac-ba7d-5251811f8b7f",
    "assignerShortName": "ca",
    "cveId": "CVE-2018-13822",
    "datePublished": "2018-08-30T14:00:00.000Z",
    "dateReserved": "2018-07-10T00:00:00.000Z",
    "dateUpdated": "2024-09-17T03:38:20.075Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

FKIE_CVE-2018-13822

Vulnerability from fkie_nvd - Published: 2018-08-30 14:29 - Updated: 2024-11-21 03:48

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Summary

Unprotected storage of credentials in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows attackers to access sensitive information.

References

URL	Tags
vuln@ca.com	http://www.securityfocus.com/bid/105297	Third Party Advisory, VDB Entry
vuln@ca.com	https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180829-01--security-notice-for-ca-ppm.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/105297	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180829-01--security-notice-for-ca-ppm.html	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
broadcom	project_portfolio_management	*
broadcom	project_portfolio_management	14.4
broadcom	project_portfolio_management	15.1
broadcom	project_portfolio_management	15.2
broadcom	project_portfolio_management	15.3

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:broadcom:project_portfolio_management:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E2B0528-B1EB-421D-BB2D-88D6B32E798B",
              "versionEndIncluding": "14.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:project_portfolio_management:14.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0ADEFB0-9DFF-4F7C-B23B-5BDEC0DF9CED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:project_portfolio_management:15.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "78CE337F-8A8B-47E4-8E23-1DF13CC1591E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:project_portfolio_management:15.2:cumulative_patch_5:*:*:*:*:*:*",
              "matchCriteriaId": "E6D80005-E13B-4DF5-811B-410D9C720898",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:project_portfolio_management:15.3:cumulative_patch_2:*:*:*:*:*:*",
              "matchCriteriaId": "46D17A50-B1E4-477D-A48B-64653200B1C3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unprotected storage of credentials in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows attackers to access sensitive information."
    },
    {
      "lang": "es",
      "value": "El almacenamiento no seguro de credenciales en CA PPM 14.3 y anteriores, 14.4, 15.1, 15.2 CP5 y anteriores y 15.3 CP2 y anteriores permite que los atacantes accedan a informaci\u00f3n sensible."
    }
  ],
  "id": "CVE-2018-13822",
  "lastModified": "2024-11-21T03:48:09.547",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-08-30T14:29:00.937",
  "references": [
    {
      "source": "vuln@ca.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/105297"
    },
    {
      "source": "vuln@ca.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180829-01--security-notice-for-ca-ppm.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/105297"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180829-01--security-notice-for-ca-ppm.html"
    }
  ],
  "sourceIdentifier": "vuln@ca.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-522"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-6GCP-H783-VWFP

Vulnerability from github – Published: 2022-05-13 01:10 – Updated: 2022-05-13 01:10

Details

Unprotected storage of credentials in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows attackers to access sensitive information.

Severity ?

7.5 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2018-13822"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-522"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-08-30T14:29:00Z",
    "severity": "HIGH"
  },
  "details": "Unprotected storage of credentials in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows attackers to access sensitive information.",
  "id": "GHSA-6gcp-h783-vwfp",
  "modified": "2022-05-13T01:10:52Z",
  "published": "2022-05-13T01:10:52Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-13822"
    },
    {
      "type": "WEB",
      "url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180829-01--security-notice-for-ca-ppm.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/105297"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

CNVD-2018-17425

Vulnerability from cnvd - Published: 2018-09-03

Title

CA PPM SSL密码明文存储漏洞

Description

CA PPM是美国CA公司的一套项目和项目组合管理软件。该软件包括任务管理、项目规划、财务报告管理和资源管理等功能。 CA PPM中存在安全漏洞，该漏洞源于程序以明文的形式存储SSL密码。攻击者可利用该漏洞访问敏感信息。

Severity

中

Patch Name

CA PPM SSL密码明文存储漏洞的补丁

Patch Description

CA PPM是美国CA公司的一套项目和项目组合管理软件。该软件包括任务管理、项目规划、财务报告管理和资源管理等功能。 CA PPM中存在安全漏洞，该漏洞源于程序以明文的形式存储SSL密码。攻击者可利用该漏洞访问敏感信息。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

厂商已发布漏洞修复程序，请及时关注更新： https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180829-01--security-notice-for-ca-ppm.html

Reference

https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180829-01--security-notice-for-ca-ppm.html

Impacted products

Name
['CA PPM <=14.3', 'CA PPM 14.4', 'CA PPM 15.1', 'CA PPM <=15.2 CP5', 'CA PPM <=15.3 CP2']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2018-13822"
    }
  },
  "description": "CA PPM\u662f\u7f8e\u56fdCA\u516c\u53f8\u7684\u4e00\u5957\u9879\u76ee\u548c\u9879\u76ee\u7ec4\u5408\u7ba1\u7406\u8f6f\u4ef6\u3002\u8be5\u8f6f\u4ef6\u5305\u62ec\u4efb\u52a1\u7ba1\u7406\u3001\u9879\u76ee\u89c4\u5212\u3001\u8d22\u52a1\u62a5\u544a\u7ba1\u7406\u548c\u8d44\u6e90\u7ba1\u7406\u7b49\u529f\u80fd\u3002\r\n\r\nCA PPM\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u4ee5\u660e\u6587\u7684\u5f62\u5f0f\u5b58\u50a8SSL\u5bc6\u7801\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u8bbf\u95ee\u654f\u611f\u4fe1\u606f\u3002",
  "discovererName": "unknown",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180829-01--security-notice-for-ca-ppm.html",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-17425",
  "openTime": "2018-09-03",
  "patchDescription": "CA PPM\u662f\u7f8e\u56fdCA\u516c\u53f8\u7684\u4e00\u5957\u9879\u76ee\u548c\u9879\u76ee\u7ec4\u5408\u7ba1\u7406\u8f6f\u4ef6\u3002\u8be5\u8f6f\u4ef6\u5305\u62ec\u4efb\u52a1\u7ba1\u7406\u3001\u9879\u76ee\u89c4\u5212\u3001\u8d22\u52a1\u62a5\u544a\u7ba1\u7406\u548c\u8d44\u6e90\u7ba1\u7406\u7b49\u529f\u80fd\u3002\r\n\r\nCA PPM\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u4ee5\u660e\u6587\u7684\u5f62\u5f0f\u5b58\u50a8SSL\u5bc6\u7801\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u8bbf\u95ee\u654f\u611f\u4fe1\u606f\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "CA PPM SSL\u5bc6\u7801\u660e\u6587\u5b58\u50a8\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "CA PPM \u003c=14.3",
      "CA PPM 14.4",
      "CA PPM 15.1",
      "CA PPM \u003c=15.2 CP5",
      "CA PPM \u003c=15.3 CP2"
    ]
  },
  "referenceLink": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180829-01--security-notice-for-ca-ppm.html",
  "serverity": "\u4e2d",
  "submitTime": "2018-08-31",
  "title": "CA PPM SSL\u5bc6\u7801\u660e\u6587\u5b58\u50a8\u6f0f\u6d1e"
}

GSD-2018-13822

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Unprotected storage of credentials in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows attackers to access sensitive information.

Aliases

CVE-2018-13822

Aliases

CVE-2018-13822

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2018-13822",
    "description": "Unprotected storage of credentials in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows attackers to access sensitive information.",
    "id": "GSD-2018-13822"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2018-13822"
      ],
      "details": "Unprotected storage of credentials in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows attackers to access sensitive information.",
      "id": "GSD-2018-13822",
      "modified": "2023-12-13T01:22:27.165040Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "vuln@ca.com",
        "DATE_PUBLIC": "2018-08-29T00:00:00",
        "ID": "CVE-2018-13822",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "PPM",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "15.3 and earlier"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "CA Technologies"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Unprotected storage of credentials in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows attackers to access sensitive information."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Unprotected Storage of Credentials"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "105297",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/105297"
          },
          {
            "name": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180829-01--security-notice-for-ca-ppm.html",
            "refsource": "CONFIRM",
            "url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180829-01--security-notice-for-ca-ppm.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:broadcom:project_portfolio_management:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "14.3",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:broadcom:project_portfolio_management:14.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:broadcom:project_portfolio_management:15.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:broadcom:project_portfolio_management:15.2:cumulative_patch_5:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:broadcom:project_portfolio_management:15.3:cumulative_patch_2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "vuln@ca.com",
          "ID": "CVE-2018-13822"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Unprotected storage of credentials in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows attackers to access sensitive information."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-522"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180829-01--security-notice-for-ca-ppm.html",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180829-01--security-notice-for-ca-ppm.html"
            },
            {
              "name": "105297",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/105297"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2021-04-12T13:43Z",
      "publishedDate": "2018-08-30T14:29Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2018-13822 (GCVE-0-2018-13822)

FKIE_CVE-2018-13822

GHSA-6GCP-H783-VWFP

CNVD-2018-17425

GSD-2018-13822

Tags

Sightings

Nomenclature