VAR-201405-0535
Vulnerability from variot - Updated: 2023-12-18 14:01GetPermissions.asp in Cogent Real-Time Systems Cogent DataHub before 7.3.5 allows remote attackers to execute arbitrary commands via unspecified vectors. Authentication is not required to exploit this vulnerability. The specific flaw exists within the GetPermissions.asp component of the web server. Authentication is not required to exploit this vulnerability.The specific flaw exists within the EvalExpresssion method, which is available remotely through the AJAX facility. Using this method, it is possible to execute arbitrary Gamma code. Cogent DataHub is software for SCADA and automation. Versions prior to Cogent DataHub 7.3.5 are vulnerable
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201405-0535",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "cogent datahub",
"scope": "eq",
"trust": 1.9,
"vendor": "cogentdatahub",
"version": "7.3.1"
},
{
"model": "cogent datahub",
"scope": "eq",
"trust": 1.9,
"vendor": "cogentdatahub",
"version": "7.3.0"
},
{
"model": "cogent datahub",
"scope": "eq",
"trust": 1.9,
"vendor": "cogentdatahub",
"version": "7.2.2"
},
{
"model": "cogent datahub",
"scope": "eq",
"trust": 1.9,
"vendor": "cogentdatahub",
"version": "7.1.2"
},
{
"model": "cogent datahub",
"scope": "eq",
"trust": 1.9,
"vendor": "cogentdatahub",
"version": "7.1.1.63"
},
{
"model": "cogent datahub",
"scope": "eq",
"trust": 1.9,
"vendor": "cogentdatahub",
"version": "7.1.1"
},
{
"model": "cogent datahub",
"scope": "eq",
"trust": 1.9,
"vendor": "cogentdatahub",
"version": "7.1.0"
},
{
"model": "cogent datahub",
"scope": "eq",
"trust": 1.9,
"vendor": "cogentdatahub",
"version": "7.0.2"
},
{
"model": "cogent datahub",
"scope": "eq",
"trust": 1.9,
"vendor": "cogentdatahub",
"version": "7.0"
},
{
"model": "datahub",
"scope": null,
"trust": 1.4,
"vendor": "cogent real time",
"version": null
},
{
"model": "cogent datahub",
"scope": "lte",
"trust": 1.0,
"vendor": "cogentdatahub",
"version": "7.3.4"
},
{
"model": "cogent datahub",
"scope": "eq",
"trust": 1.0,
"vendor": "cogentdatahub",
"version": "7.3.3"
},
{
"model": "cogent datahub",
"scope": "eq",
"trust": 1.0,
"vendor": "cogentdatahub",
"version": "7.3.2"
},
{
"model": "datahub",
"scope": "lt",
"trust": 0.8,
"vendor": "cogent real time",
"version": "7.3.5"
},
{
"model": "real-time systems cogent datahub",
"scope": null,
"trust": 0.6,
"vendor": "cogent",
"version": null
},
{
"model": "cogent datahub",
"scope": "eq",
"trust": 0.6,
"vendor": "cogentdatahub",
"version": "7.3.4"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "cogent datahub",
"version": "7.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "cogent datahub",
"version": "7.0.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "cogent datahub",
"version": "7.1.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "cogent datahub",
"version": "7.1.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "cogent datahub",
"version": "7.1.1.63"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "cogent datahub",
"version": "7.1.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "cogent datahub",
"version": "7.2.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "cogent datahub",
"version": "7.3.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "cogent datahub",
"version": "7.3.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "cogent datahub",
"version": "7.3.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "cogent datahub",
"version": "7.3.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "cogent datahub",
"version": "*"
},
{
"model": "cogent datahub",
"scope": "eq",
"trust": 0.3,
"vendor": "cogentdatahub",
"version": "7.3.8"
},
{
"model": "cogent datahub",
"scope": "eq",
"trust": 0.3,
"vendor": "cogentdatahub",
"version": "7"
},
{
"model": "cogent datahub",
"scope": "ne",
"trust": 0.3,
"vendor": "cogentdatahub",
"version": "7.3.9"
}
],
"sources": [
{
"db": "IVD",
"id": "7d7a6cd1-463f-11e9-b51a-000c29342cb1"
},
{
"db": "IVD",
"id": "f6f85540-2351-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-14-136"
},
{
"db": "ZDI",
"id": "ZDI-15-438"
},
{
"db": "CNVD",
"id": "CNVD-2014-03106"
},
{
"db": "BID",
"id": "76614"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002621"
},
{
"db": "NVD",
"id": "CVE-2014-3789"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-459"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:cogentdatahub:cogent_datahub:7.3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cogentdatahub:cogent_datahub:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cogentdatahub:cogent_datahub:7.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cogentdatahub:cogent_datahub:7.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cogentdatahub:cogent_datahub:7.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cogentdatahub:cogent_datahub:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.3.4",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cogentdatahub:cogent_datahub:7.3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cogentdatahub:cogent_datahub:7.1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cogentdatahub:cogent_datahub:7.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cogentdatahub:cogent_datahub:7.1.1.63:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cogentdatahub:cogent_datahub:7.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cogentdatahub:cogent_datahub:7.3.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-3789"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "John Leitch",
"sources": [
{
"db": "ZDI",
"id": "ZDI-14-136"
},
{
"db": "BID",
"id": "67486"
}
],
"trust": 1.0
},
"cve": "CVE-2014-3789",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2014-3789",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 2.2,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": true,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2014-03106",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "7d7a6cd1-463f-11e9-b51a-000c29342cb1",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "f6f85540-2351-11e6-abef-000c29c66e3d",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2014-3789",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "ZDI",
"id": "CVE-2014-3789",
"trust": 1.4,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2014-03106",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201405-459",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "7d7a6cd1-463f-11e9-b51a-000c29342cb1",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "IVD",
"id": "f6f85540-2351-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "7d7a6cd1-463f-11e9-b51a-000c29342cb1"
},
{
"db": "IVD",
"id": "f6f85540-2351-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-14-136"
},
{
"db": "ZDI",
"id": "ZDI-15-438"
},
{
"db": "CNVD",
"id": "CNVD-2014-03106"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002621"
},
{
"db": "NVD",
"id": "CVE-2014-3789"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-459"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "GetPermissions.asp in Cogent Real-Time Systems Cogent DataHub before 7.3.5 allows remote attackers to execute arbitrary commands via unspecified vectors. Authentication is not required to exploit this vulnerability. The specific flaw exists within the GetPermissions.asp component of the web server. Authentication is not required to exploit this vulnerability.The specific flaw exists within the EvalExpresssion method, which is available remotely through the AJAX facility. Using this method, it is possible to execute arbitrary Gamma code. Cogent DataHub is software for SCADA and automation. \nVersions prior to Cogent DataHub 7.3.5 are vulnerable",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-3789"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002621"
},
{
"db": "ZDI",
"id": "ZDI-14-136"
},
{
"db": "ZDI",
"id": "ZDI-15-438"
},
{
"db": "CNVD",
"id": "CNVD-2014-03106"
},
{
"db": "BID",
"id": "67486"
},
{
"db": "BID",
"id": "76614"
},
{
"db": "IVD",
"id": "7d7a6cd1-463f-11e9-b51a-000c29342cb1"
},
{
"db": "IVD",
"id": "f6f85540-2351-11e6-abef-000c29c66e3d"
}
],
"trust": 4.32
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-3789",
"trust": 5.4
},
{
"db": "ZDI",
"id": "ZDI-14-136",
"trust": 4.0
},
{
"db": "BID",
"id": "67486",
"trust": 2.5
},
{
"db": "ICS CERT",
"id": "ICSA-15-246-01",
"trust": 1.3
},
{
"db": "ICS CERT",
"id": "ICSA-14-198-01",
"trust": 1.1
},
{
"db": "CNVD",
"id": "CNVD-2014-03106",
"trust": 1.0
},
{
"db": "CNNVD",
"id": "CNNVD-201405-459",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002621",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-2160",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-2981",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-15-438",
"trust": 0.7
},
{
"db": "BID",
"id": "76614",
"trust": 0.3
},
{
"db": "IVD",
"id": "7D7A6CD1-463F-11E9-B51A-000C29342CB1",
"trust": 0.2
},
{
"db": "IVD",
"id": "F6F85540-2351-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "7d7a6cd1-463f-11e9-b51a-000c29342cb1"
},
{
"db": "IVD",
"id": "f6f85540-2351-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-14-136"
},
{
"db": "ZDI",
"id": "ZDI-15-438"
},
{
"db": "CNVD",
"id": "CNVD-2014-03106"
},
{
"db": "BID",
"id": "67486"
},
{
"db": "BID",
"id": "76614"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002621"
},
{
"db": "NVD",
"id": "CVE-2014-3789"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-459"
}
]
},
"id": "VAR-201405-0535",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "7d7a6cd1-463f-11e9-b51a-000c29342cb1"
},
{
"db": "IVD",
"id": "f6f85540-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-03106"
}
],
"trust": 1.74354838
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.0
}
],
"sources": [
{
"db": "IVD",
"id": "7d7a6cd1-463f-11e9-b51a-000c29342cb1"
},
{
"db": "IVD",
"id": "f6f85540-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-03106"
}
]
},
"last_update_date": "2023-12-18T14:01:58.007000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Release Notes",
"trust": 1.5,
"url": "http://cogentdatahub.com/releasenotes.html"
},
{
"title": "Cogent Real-Time Systems has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-15-246-01"
},
{
"title": "Cogent Real-Time Systems DataHub \u0027GetPermissions.asp\u0027 patch for remote code execution vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/45728"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-14-136"
},
{
"db": "ZDI",
"id": "ZDI-15-438"
},
{
"db": "CNVD",
"id": "CNVD-2014-03106"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002621"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-94",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002621"
},
{
"db": "NVD",
"id": "CVE-2014-3789"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-14-136/"
},
{
"trust": 2.6,
"url": "http://cogentdatahub.com/releasenotes.html"
},
{
"trust": 2.0,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-15-246-01"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/67486"
},
{
"trust": 1.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-198-01"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3789"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-3789"
},
{
"trust": 0.3,
"url": "http://www.cogentdatahub.com/index.html"
},
{
"trust": 0.3,
"url": "http://cogentdatahub.com/index.html"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-14-136"
},
{
"db": "ZDI",
"id": "ZDI-15-438"
},
{
"db": "CNVD",
"id": "CNVD-2014-03106"
},
{
"db": "BID",
"id": "67486"
},
{
"db": "BID",
"id": "76614"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002621"
},
{
"db": "NVD",
"id": "CVE-2014-3789"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-459"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "7d7a6cd1-463f-11e9-b51a-000c29342cb1"
},
{
"db": "IVD",
"id": "f6f85540-2351-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-14-136"
},
{
"db": "ZDI",
"id": "ZDI-15-438"
},
{
"db": "CNVD",
"id": "CNVD-2014-03106"
},
{
"db": "BID",
"id": "67486"
},
{
"db": "BID",
"id": "76614"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002621"
},
{
"db": "NVD",
"id": "CVE-2014-3789"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-459"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-05-22T00:00:00",
"db": "IVD",
"id": "7d7a6cd1-463f-11e9-b51a-000c29342cb1"
},
{
"date": "2014-05-22T00:00:00",
"db": "IVD",
"id": "f6f85540-2351-11e6-abef-000c29c66e3d"
},
{
"date": "2014-05-19T00:00:00",
"db": "ZDI",
"id": "ZDI-14-136"
},
{
"date": "2015-09-08T00:00:00",
"db": "ZDI",
"id": "ZDI-15-438"
},
{
"date": "2014-05-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-03106"
},
{
"date": "2014-05-19T00:00:00",
"db": "BID",
"id": "67486"
},
{
"date": "2015-09-03T00:00:00",
"db": "BID",
"id": "76614"
},
{
"date": "2014-05-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002621"
},
{
"date": "2014-05-22T23:55:03.767000",
"db": "NVD",
"id": "CVE-2014-3789"
},
{
"date": "2014-05-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201405-459"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-05-19T00:00:00",
"db": "ZDI",
"id": "ZDI-14-136"
},
{
"date": "2015-09-08T00:00:00",
"db": "ZDI",
"id": "ZDI-15-438"
},
{
"date": "2014-05-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-03106"
},
{
"date": "2015-03-19T09:10:00",
"db": "BID",
"id": "67486"
},
{
"date": "2015-09-03T00:00:00",
"db": "BID",
"id": "76614"
},
{
"date": "2014-07-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002621"
},
{
"date": "2016-12-08T03:05:41.557000",
"db": "NVD",
"id": "CVE-2014-3789"
},
{
"date": "2014-05-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201405-459"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "67486"
},
{
"db": "BID",
"id": "76614"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cogent Real-Time Systems DataHub \u0027GetPermissions.asp\u0027 Remote code execution vulnerability",
"sources": [
{
"db": "IVD",
"id": "7d7a6cd1-463f-11e9-b51a-000c29342cb1"
},
{
"db": "IVD",
"id": "f6f85540-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-03106"
},
{
"db": "BID",
"id": "67486"
}
],
"trust": 1.3
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Code injection",
"sources": [
{
"db": "IVD",
"id": "7d7a6cd1-463f-11e9-b51a-000c29342cb1"
},
{
"db": "IVD",
"id": "f6f85540-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-459"
}
],
"trust": 1.0
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…