VAR-201703-0905
Vulnerability from variot - Updated: 2023-12-18 12:37A vulnerability in the Cisco application-hosting framework (CAF) component of the Cisco IOx application environment could allow an authenticated, remote attacker to write or modify arbitrary files in the virtual instance running on the affected device. The vulnerability is due to insufficient input validation of user-supplied application packages. An attacker who can upload a malicious package within Cisco IOx could exploit the vulnerability to modify arbitrary files. The impacts of a successful exploit are limited to the scope of the virtual instance and do not impact the router that is hosting Cisco IOx. Cisco IOx Releases 1.0.0.0 and 1.1.0.0 are vulnerable. Cisco Bug IDs: CSCuy52317. Vendors have confirmed this vulnerability Bug ID CSCuy52317 It is released as.Tampering with information and disrupting service operations (DoS) An attack may be carried out. Cisco IOx is a set of applications that provide unified hosting capabilities for the Cisco IoT network infrastructure (Cisco routers, switches, etc.). Cisco Application-hosting Framework (CAF) is one of the application hosting framework components. This may aid in further attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201703-0905",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "iox",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "1.1\\(0\\)"
},
{
"model": "iox",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "1.1.0"
},
{
"model": "iox software",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "1.1.0.0"
},
{
"model": "iox software",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "1.0.0.0"
},
{
"model": "iox",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "1.0.0.0"
},
{
"model": "iox",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "1.1.0.0"
},
{
"model": "ir829",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ir809",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "isr4451",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "isr4351",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "isr4331",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "isr4321",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ir829",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ir809",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "asr1002x",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "asr1002hx",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "asr1001x",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "asr1001hx",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "application-hosting framework",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "iox software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.2.4.2"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-03697"
},
{
"db": "BID",
"id": "97014"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002642"
},
{
"db": "NVD",
"id": "CVE-2017-3852"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-993"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:cisco:iox:1.1\\(0\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:iox:1.1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-3852"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco",
"sources": [
{
"db": "BID",
"id": "97014"
}
],
"trust": 0.3
},
"cve": "CVE-2017-3852",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.5,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-3852",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"id": "CNVD-2017-03697",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"id": "VHN-112055",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:N/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"impactScore": 5.2,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.1,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-3852",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-3852",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2017-03697",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201703-993",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-112055",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2017-3852",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-03697"
},
{
"db": "VULHUB",
"id": "VHN-112055"
},
{
"db": "VULMON",
"id": "CVE-2017-3852"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002642"
},
{
"db": "NVD",
"id": "CVE-2017-3852"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-993"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability in the Cisco application-hosting framework (CAF) component of the Cisco IOx application environment could allow an authenticated, remote attacker to write or modify arbitrary files in the virtual instance running on the affected device. The vulnerability is due to insufficient input validation of user-supplied application packages. An attacker who can upload a malicious package within Cisco IOx could exploit the vulnerability to modify arbitrary files. The impacts of a successful exploit are limited to the scope of the virtual instance and do not impact the router that is hosting Cisco IOx. Cisco IOx Releases 1.0.0.0 and 1.1.0.0 are vulnerable. Cisco Bug IDs: CSCuy52317. Vendors have confirmed this vulnerability Bug ID CSCuy52317 It is released as.Tampering with information and disrupting service operations (DoS) An attack may be carried out. Cisco IOx is a set of applications that provide unified hosting capabilities for the Cisco IoT network infrastructure (Cisco routers, switches, etc.). Cisco Application-hosting Framework (CAF) is one of the application hosting framework components. This may aid in further attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-3852"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002642"
},
{
"db": "CNVD",
"id": "CNVD-2017-03697"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-993"
},
{
"db": "BID",
"id": "97014"
},
{
"db": "VULHUB",
"id": "VHN-112055"
},
{
"db": "VULMON",
"id": "CVE-2017-3852"
}
],
"trust": 3.15
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-3852",
"trust": 3.5
},
{
"db": "BID",
"id": "97014",
"trust": 2.1
},
{
"db": "SECTRACK",
"id": "1038108",
"trust": 1.2
},
{
"db": "SECTRACK",
"id": "1038109",
"trust": 1.2
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002642",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201703-993",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-03697",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-112055",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2017-3852",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-03697"
},
{
"db": "VULHUB",
"id": "VHN-112055"
},
{
"db": "VULMON",
"id": "CVE-2017-3852"
},
{
"db": "BID",
"id": "97014"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002642"
},
{
"db": "NVD",
"id": "CVE-2017-3852"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-993"
}
]
},
"id": "VAR-201703-0905",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-03697"
},
{
"db": "VULHUB",
"id": "VHN-112055"
}
],
"trust": 1.3444444666666666
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"IoT"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-03697"
}
]
},
"last_update_date": "2023-12-18T12:37:30.974000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20170322-caf2",
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20170322-caf2"
},
{
"title": "Patch for Cisco Iox Arbitrary File Modification Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/91293"
},
{
"title": "Cisco IOx Cisco Application-hosting Framework Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=68704"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/cisco-patches-critical-iox-vulnerability/124533/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-03697"
},
{
"db": "VULMON",
"id": "CVE-2017-3852"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002642"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-993"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-112055"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002642"
},
{
"db": "NVD",
"id": "CVE-2017-3852"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20170322-caf2"
},
{
"trust": 1.3,
"url": "http://www.securityfocus.com/bid/97014"
},
{
"trust": 1.2,
"url": "http://www.securitytracker.com/id/1038108"
},
{
"trust": 1.2,
"url": "http://www.securitytracker.com/id/1038109"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-3852"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-3852"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/20.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://threatpost.com/cisco-patches-critical-iox-vulnerability/124533/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-03697"
},
{
"db": "VULHUB",
"id": "VHN-112055"
},
{
"db": "VULMON",
"id": "CVE-2017-3852"
},
{
"db": "BID",
"id": "97014"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002642"
},
{
"db": "NVD",
"id": "CVE-2017-3852"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-993"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-03697"
},
{
"db": "VULHUB",
"id": "VHN-112055"
},
{
"db": "VULMON",
"id": "CVE-2017-3852"
},
{
"db": "BID",
"id": "97014"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002642"
},
{
"db": "NVD",
"id": "CVE-2017-3852"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-993"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-03-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-03697"
},
{
"date": "2017-03-22T00:00:00",
"db": "VULHUB",
"id": "VHN-112055"
},
{
"date": "2017-03-22T00:00:00",
"db": "VULMON",
"id": "CVE-2017-3852"
},
{
"date": "2017-03-22T00:00:00",
"db": "BID",
"id": "97014"
},
{
"date": "2017-04-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-002642"
},
{
"date": "2017-03-22T19:59:00.197000",
"db": "NVD",
"id": "CVE-2017-3852"
},
{
"date": "2017-03-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201703-993"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-03-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-03697"
},
{
"date": "2017-07-12T00:00:00",
"db": "VULHUB",
"id": "VHN-112055"
},
{
"date": "2017-07-12T00:00:00",
"db": "VULMON",
"id": "CVE-2017-3852"
},
{
"date": "2017-03-23T00:01:00",
"db": "BID",
"id": "97014"
},
{
"date": "2017-04-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-002642"
},
{
"date": "2017-07-12T01:29:15.817000",
"db": "NVD",
"id": "CVE-2017-3852"
},
{
"date": "2017-03-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201703-993"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201703-993"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco IOx Input validation vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-002642"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201703-993"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…