CVE-2020-13627 - Vulnerability Details

Vendors	Products
Centreon	Centreon Host-monitoring Widget Centreon Service-monitoring Widget Centreon Tactical-overview Widget

Link	Providers
https://sysdream.com/news/lab/2020-05-13-cve-2020-10946-several-cross-site-scripting-xss-vulnerabilities-in-centreon/

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2020-05-13T00:00:00", "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML via the widgetId parameter to service-monitoring/src/index.php. This vulnerability is fixed in versions 1.6.4, 18.10.3, 19.04.3, and 19.0.1 of the Centreon host-monitoring widget; 1.6.4, 18.10.5, 19.04.3, 19.10.2 of the Centreon service-monitoring widget; and 1.0.3, 18.10.1, 19.04.1, 19.10.1 of the Centreon tactical-overview widget."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-05-27T15:12:35", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://sysdream.com/news/lab/2020-05-13-cve-2020-10946-several-cross-site-scripting-xss-vulnerabilities-in-centreon/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2020-13627", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML via the widgetId parameter to service-monitoring/src/index.php. This vulnerability is fixed in versions 1.6.4, 18.10.3, 19.04.3, and 19.0.1 of the Centreon host-monitoring widget; 1.6.4, 18.10.5, 19.04.3, 19.10.2 of the Centreon service-monitoring widget; and 1.0.3, 18.10.1, 19.04.1, 19.10.1 of the Centreon tactical-overview widget."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://sysdream.com/news/lab/2020-05-13-cve-2020-10946-several-cross-site-scripting-xss-vulnerabilities-in-centreon/", "refsource": "MISC", "url": "https://sysdream.com/news/lab/2020-05-13-cve-2020-10946-several-cross-site-scripting-xss-vulnerabilities-in-centreon/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T12:25:16.394Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://sysdream.com/news/lab/2020-05-13-cve-2020-10946-several-cross-site-scripting-xss-vulnerabilities-in-centreon/"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-13627", "datePublished": "2020-05-27T15:12:35", "dateReserved": "2020-05-27T00:00:00", "dateUpdated": "2024-08-04T12:25:16.394Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : n/a (string)

vendor : n/a (string)

versions : [ »

0 : { »

status : affected (string)

version : n/a (string)

}

]

}

]

datePublic : 2020-05-13T00:00:00 (string)

descriptions : [ »

0 : { »

lang : en (string)

value : Cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML via the widgetId parameter to service-monitoring/src/index.php. This vulnerability is fixed in versions 1.6.4, 18.10.3, 19.04.3, and 19.0.1 of the Centreon host-monitoring widget; 1.6.4, 18.10.5, 19.04.3, 19.10.2 of the Centreon service-monitoring widget; and 1.0.3, 18.10.1, 19.04.1, 19.10.1 of the Centreon tactical-overview widget. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : n/a (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2020-05-27T15:12:35 (string)

orgId : 8254265b-2729-46b6-b9e3-3dfca2d5bfca (string)

shortName : mitre (string)

}

references : [ »

0 : { »

tags : [ »

0 : x_refsource_MISC (string)

]

url : https://sysdream.com/news/lab/2020-05-13-cve-2020-10946-several-cross-site-scripting-xss-vulnerabilities-in-centreon/ (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : cve@mitre.org (string)

ID : CVE-2020-13627 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : n/a (string)

version : { »

version_data : [ »

0 : { »

version_value : n/a (string)

}

]

}

]

}

vendor_name : n/a (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : Cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML via the widgetId parameter to service-monitoring/src/index.php. This vulnerability is fixed in versions 1.6.4, 18.10.3, 19.04.3, and 19.0.1 of the Centreon host-monitoring widget; 1.6.4, 18.10.5, 19.04.3, 19.10.2 of the Centreon service-monitoring widget; and 1.0.3, 18.10.1, 19.04.1, 19.10.1 of the Centreon tactical-overview widget. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : n/a (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : https://sysdream.com/news/lab/2020-05-13-cve-2020-10946-several-cross-site-scripting-xss-vulnerabilities-in-centreon/ (string)

refsource : MISC (string)

url : https://sysdream.com/news/lab/2020-05-13-cve-2020-10946-several-cross-site-scripting-xss-vulnerabilities-in-centreon/ (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-04T12:25:16.394Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

tags : [ »

0 : x_refsource_MISC (string)

1 : x_transferred (string)

]

url : https://sysdream.com/news/lab/2020-05-13-cve-2020-10946-several-cross-site-scripting-xss-vulnerabilities-in-centreon/ (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : 8254265b-2729-46b6-b9e3-3dfca2d5bfca (string)

assignerShortName : mitre (string)

cveId : CVE-2020-13627 (string)

datePublished : 2020-05-27T15:12:35 (string)

dateReserved : 2020-05-27T00:00:00 (string)

dateUpdated : 2024-08-04T12:25:16.394Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:centreon:centreon_host-monitoring_widget:*:*:*:*:*:*:*:*", "matchCriteriaId": "11CDDB5F-0CE5-4096-87A4-F7FD7037B8AC", "versionEndExcluding": "1.6.4", "vulnerable": true}, {"criteria": "cpe:2.3:a:centreon:centreon_host-monitoring_widget:*:*:*:*:*:*:*:*", "matchCriteriaId": "DD6C9263-8455-4460-9256-8E3024B22ACF", "versionEndExcluding": "18.10.3", "versionStartIncluding": "18.10.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:centreon:centreon_host-monitoring_widget:*:*:*:*:*:*:*:*", "matchCriteriaId": "2008D772-6518-4F3F-90F5-AD0DCA60D165", "versionEndExcluding": "19.0.1", "versionStartIncluding": "19.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:centreon:centreon_host-monitoring_widget:*:*:*:*:*:*:*:*", "matchCriteriaId": "B4FC23D4-13D9-495A-8C0E-361792AD30EF", "versionEndExcluding": "19.04.3", "versionStartIncluding": "19.04.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:centreon:centreon_tactical-overview_widget:*:*:*:*:*:*:*:*", "matchCriteriaId": "C768C6C6-45AC-403A-9A38-F11A18080F40", "versionEndExcluding": "1.0.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:centreon:centreon_tactical-overview_widget:*:*:*:*:*:*:*:*", "matchCriteriaId": "74B069A6-1F9A-4CE6-8F86-F0D020B31A58", "versionEndExcluding": "18.10.1", "versionStartIncluding": "18.10.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:centreon:centreon_tactical-overview_widget:*:*:*:*:*:*:*:*", "matchCriteriaId": "FC7CF011-6871-4452-A07F-C08C2D3D629F", "versionEndExcluding": "19.04.1", "versionStartIncluding": "19.04.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:centreon:centreon_tactical-overview_widget:*:*:*:*:*:*:*:*", "matchCriteriaId": "335A0BD6-014E-4CE8-A9EE-4328C2C1AE18", "versionEndExcluding": "19.10.1", "versionStartIncluding": "19.10.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:centreon:centreon_service-monitoring_widget:*:*:*:*:*:*:*:*", "matchCriteriaId": "46C2C055-430F-4913-B650-8C0233D99F42", "versionEndExcluding": "1.6.4", "vulnerable": true}, {"criteria": "cpe:2.3:a:centreon:centreon_service-monitoring_widget:*:*:*:*:*:*:*:*", "matchCriteriaId": "F4582BF2-2BEF-4E32-B537-2898859AAFF2", "versionEndExcluding": "18.10.5", "versionStartIncluding": "18.10.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:centreon:centreon_service-monitoring_widget:*:*:*:*:*:*:*:*", "matchCriteriaId": "8903042C-5B5B-4CAF-94E2-BFA5F0CE5EC1", "versionEndExcluding": "19.04.3", "versionStartIncluding": "19.04.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:centreon:centreon_service-monitoring_widget:*:*:*:*:*:*:*:*", "matchCriteriaId": "50369D54-898A-4FB3-8246-E8BD3BA8A913", "versionEndExcluding": "19.10.2", "versionStartIncluding": "19.10.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML via the widgetId parameter to service-monitoring/src/index.php. This vulnerability is fixed in versions 1.6.4, 18.10.3, 19.04.3, and 19.0.1 of the Centreon host-monitoring widget; 1.6.4, 18.10.5, 19.04.3, 19.10.2 of the Centreon service-monitoring widget; and 1.0.3, 18.10.1, 19.04.1, 19.10.1 of the Centreon tactical-overview widget."}, {"lang": "es", "value": "Una vulnerabilidad de tipo cross-site scripting (XSS) permite a atacantes remotos inyectar scripts web o HTML arbitrario por medio del par\u00e1metro widgetId en el archivo host-monitoring/src/toolbar.php. Esta vulnerabilidad es corregida en las versiones 1.6.4, 18.10.3, 19.04.3 y 19.0.1 del Centreon host-monitoring widget; las versiones 1.6.4, 18.10.5, 19.04.3, 19.10.2 del Centreon service-monitoring widget; y las versiones 1.0.3, 18.10.1, 19.04.1, 19.10.1 del Centreon tactical-overview widget."}], "id": "CVE-2020-13627", "lastModified": "2024-11-21T05:01:37.717", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-05-27T16:15:12.890", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://sysdream.com/news/lab/2020-05-13-cve-2020-10946-several-cross-site-scripting-xss-vulnerabilities-in-centreon/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://sysdream.com/news/lab/2020-05-13-cve-2020-10946-several-cross-site-scripting-xss-vulnerabilities-in-centreon/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:centreon:centreon_host-monitoring_widget:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 11CDDB5F-0CE5-4096-87A4-F7FD7037B8AC (string)

versionEndExcluding : 1.6.4 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:centreon:centreon_host-monitoring_widget:*:*:*:*:*:*:*:* (string)

matchCriteriaId : DD6C9263-8455-4460-9256-8E3024B22ACF (string)

versionEndExcluding : 18.10.3 (string)

versionStartIncluding : 18.10.0 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:centreon:centreon_host-monitoring_widget:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 2008D772-6518-4F3F-90F5-AD0DCA60D165 (string)

versionEndExcluding : 19.0.1 (string)

versionStartIncluding : 19.0.0 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:centreon:centreon_host-monitoring_widget:*:*:*:*:*:*:*:* (string)

matchCriteriaId : B4FC23D4-13D9-495A-8C0E-361792AD30EF (string)

versionEndExcluding : 19.04.3 (string)

versionStartIncluding : 19.04.0 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

1 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:centreon:centreon_tactical-overview_widget:*:*:*:*:*:*:*:* (string)

matchCriteriaId : C768C6C6-45AC-403A-9A38-F11A18080F40 (string)

versionEndExcluding : 1.0.3 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:centreon:centreon_tactical-overview_widget:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 74B069A6-1F9A-4CE6-8F86-F0D020B31A58 (string)

versionEndExcluding : 18.10.1 (string)

versionStartIncluding : 18.10.0 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:centreon:centreon_tactical-overview_widget:*:*:*:*:*:*:*:* (string)

matchCriteriaId : FC7CF011-6871-4452-A07F-C08C2D3D629F (string)

versionEndExcluding : 19.04.1 (string)

versionStartIncluding : 19.04.0 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:centreon:centreon_tactical-overview_widget:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 335A0BD6-014E-4CE8-A9EE-4328C2C1AE18 (string)

versionEndExcluding : 19.10.1 (string)

versionStartIncluding : 19.10.0 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

2 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:centreon:centreon_service-monitoring_widget:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 46C2C055-430F-4913-B650-8C0233D99F42 (string)

versionEndExcluding : 1.6.4 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:centreon:centreon_service-monitoring_widget:*:*:*:*:*:*:*:* (string)

matchCriteriaId : F4582BF2-2BEF-4E32-B537-2898859AAFF2 (string)

versionEndExcluding : 18.10.5 (string)

versionStartIncluding : 18.10.0 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:centreon:centreon_service-monitoring_widget:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 8903042C-5B5B-4CAF-94E2-BFA5F0CE5EC1 (string)

versionEndExcluding : 19.04.3 (string)

versionStartIncluding : 19.04.0 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:centreon:centreon_service-monitoring_widget:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 50369D54-898A-4FB3-8246-E8BD3BA8A913 (string)

versionEndExcluding : 19.10.2 (string)

versionStartIncluding : 19.10.0 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : Cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML via the widgetId parameter to service-monitoring/src/index.php. This vulnerability is fixed in versions 1.6.4, 18.10.3, 19.04.3, and 19.0.1 of the Centreon host-monitoring widget; 1.6.4, 18.10.5, 19.04.3, 19.10.2 of the Centreon service-monitoring widget; and 1.0.3, 18.10.1, 19.04.1, 19.10.1 of the Centreon tactical-overview widget. (string)

}

1 : { »

lang : es (string)

value : Una vulnerabilidad de tipo cross-site scripting (XSS) permite a atacantes remotos inyectar scripts web o HTML arbitrario por medio del parámetro widgetId en el archivo host-monitoring/src/toolbar.php. Esta vulnerabilidad es corregida en las versiones 1.6.4, 18.10.3, 19.04.3 y 19.0.1 del Centreon host-monitoring widget; las versiones 1.6.4, 18.10.5, 19.04.3, 19.10.2 del Centreon service-monitoring widget; y las versiones 1.0.3, 18.10.1, 19.04.1, 19.10.1 del Centreon tactical-overview widget. (string)

}

]

id : CVE-2020-13627 (string)

lastModified : 2024-11-21T05:01:37.717 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : MEDIUM (string)

cvssData : { »

accessComplexity : MEDIUM (string)

accessVector : NETWORK (string)

authentication : NONE (string)

availabilityImpact : NONE (string)

baseScore : 4.3 (number)

confidentialityImpact : NONE (string)

integrityImpact : PARTIAL (string)

vectorString : AV:N/AC:M/Au:N/C:N/I:P/A:N (string)

version : 2.0 (string)

}

exploitabilityScore : 8.6 (number)

impactScore : 2.9 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : true (boolean)

}

]

cvssMetricV31 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : NETWORK (string)

availabilityImpact : NONE (string)

baseScore : 6.1 (number)

baseSeverity : MEDIUM (string)

confidentialityImpact : LOW (string)

integrityImpact : LOW (string)

privilegesRequired : NONE (string)

scope : CHANGED (string)

userInteraction : REQUIRED (string)

vectorString : CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N (string)

version : 3.1 (string)

}

exploitabilityScore : 2.8 (number)

impactScore : 2.7 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2020-05-27T16:15:12.890 (string)

references : [ »

0 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Exploit (string)

1 : Third Party Advisory (string)

]

url : https://sysdream.com/news/lab/2020-05-13-cve-2020-10946-several-cross-site-scripting-xss-vulnerabilities-in-centreon/ (string)

}

1 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Exploit (string)

1 : Third Party Advisory (string)

]

url : https://sysdream.com/news/lab/2020-05-13-cve-2020-10946-several-cross-site-scripting-xss-vulnerabilities-in-centreon/ (string)

}

]

sourceIdentifier : cve@mitre.org (string)

vulnStatus : Modified (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-79 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object