var-201903-0357
Vulnerability from variot
A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 7800 Series and Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code. The vulnerability exists because the software improperly validates user-supplied input during user authentication. An attacker could exploit this vulnerability by connecting to an affected device using HTTP and supplying malicious user credentials. A successful exploit could allow the attacker to trigger a reload of an affected device, resulting in a DoS condition, or to execute arbitrary code with the privileges of the app user. Cisco fixed this vulnerability in the following SIP Software releases: 10.3(1)SR5 and later for Cisco Unified IP Conference Phone 8831; 11.0(4)SR3 and later for Cisco Wireless IP Phone 8821 and 8821-EX; and 12.5(1)SR1 and later for the rest of the Cisco IP Phone 7800 Series and 8800 Series. These issues are being tracked by Cisco Bug IDs CSCvn56168, CSCvn72540 and CSCvo05687
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201903-0357", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "ip conference phone 7800", scope: "lt", trust: 1, vendor: "cisco", version: "12.5\\(1\\)sr1", }, { model: "ip phone 8821-ex", scope: "lt", trust: 1, vendor: "cisco", version: "11.0\\(4\\)sr3", }, { model: "ip phone 8821", scope: "lt", trust: 1, vendor: "cisco", version: "11.0\\(4\\)sr3", }, { model: "ip phone 8800", scope: "lt", trust: 1, vendor: "cisco", version: "12.5\\(1\\)sr1", }, { model: "unified ip conferenece phone 8831", scope: "lt", trust: 1, vendor: "cisco", version: "10.3\\(1\\)sr5", }, { model: "ip phone 7800 series", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "ip phone 8800 series", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "ip phone 8821", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "ip phone 8821-ex", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "unified ip conference phone 8831", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "ip phone series", scope: "eq", trust: 0.6, vendor: "cisco", version: "8800", }, { model: "ip phone series", scope: "eq", trust: 0.6, vendor: "cisco", version: "7800", }, { model: "wireless ip phone 8821-ex 11.0 sr2", scope: null, trust: 0.3, vendor: "cisco", version: null, }, { model: "wireless ip phone 8821-ex 11.0 sr1", scope: null, trust: 0.3, vendor: "cisco", version: null, }, { model: "wireless ip phone 11.0 sr2", scope: "eq", trust: 0.3, vendor: "cisco", version: "8821", }, { model: "wireless ip phone 11.0 sr1", scope: "eq", trust: 0.3, vendor: "cisco", version: "8821", }, { model: "unified ip conference phone 10.3 sr4b", scope: "eq", trust: 0.3, vendor: "cisco", version: "8831", }, { model: "unified ip conference phone 10.3 sr3", scope: "eq", trust: 0.3, vendor: "cisco", version: "8831", }, { model: "unified ip conference phone 10.3 sr2", scope: "eq", trust: 0.3, vendor: "cisco", version: "8831", }, { model: "unified ip conference phone 10.3 sr1", scope: "eq", trust: 0.3, vendor: "cisco", version: "8831", }, { model: "unified ip conference phone", scope: "eq", trust: 0.3, vendor: "cisco", version: "883110.3(1)", }, { model: "ip phone series", scope: "eq", trust: 0.3, vendor: "cisco", version: "88009.4(2)", }, { model: "ip phone series", scope: "eq", trust: 0.3, vendor: "cisco", version: "880012.5(1)", }, { model: "ip phone series 11.0 sr2015", scope: "eq", trust: 0.3, vendor: "cisco", version: "8800", }, { model: "ip phone series", scope: "eq", trust: 0.3, vendor: "cisco", version: "780012.5(1)", }, { model: "wireless ip phone 8821-ex 11.0 sr3", scope: "ne", trust: 0.3, vendor: "cisco", version: null, }, { model: "wireless ip phone 11.0 sr3", scope: "ne", trust: 0.3, vendor: "cisco", version: "8821", }, { model: "unified ip conference phone 10.3 sr5", scope: "ne", trust: 0.3, vendor: "cisco", version: "8831", }, { model: "ip phone series 12.6 mn112", scope: "ne", trust: 0.3, vendor: "cisco", version: "8800", }, { model: "ip phone series 12.5 sr2", scope: "ne", trust: 0.3, vendor: "cisco", version: "8800", }, { model: "ip phone series 12.5 sr1.3", scope: "ne", trust: 0.3, vendor: "cisco", version: "8800", }, { model: "ip phone series 12.5 sr1", scope: "ne", trust: 0.3, vendor: "cisco", version: "8800", }, { model: "ip phone series 12.5 es2", scope: "ne", trust: 0.3, vendor: "cisco", version: "8800", }, { model: "ip phone series", scope: "ne", trust: 0.3, vendor: "cisco", version: "880011.0(5.5)", }, { model: "ip phone series 11.0 sr3.2", scope: "ne", trust: 0.3, vendor: "cisco", version: "8800", }, { model: "ip phone series 11.0 sr3", scope: "ne", trust: 0.3, vendor: "cisco", version: "8800", }, { model: "ip phone series 11.0 mn43", scope: "ne", trust: 0.3, vendor: "cisco", version: "8800", }, { model: "ip phone series 12.5 sr1", scope: "ne", trust: 0.3, vendor: "cisco", version: "7800", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-70973", }, { db: "BID", id: "107503", }, { db: "JVNDB", id: "JVNDB-2019-003057", }, { db: "NVD", id: "CVE-2019-1716", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:cisco:ip_phone_8821_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "11.0\\(4\\)sr3", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:cisco:ip_phone_8821:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:cisco:ip_phone_8821-ex_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "11.0\\(4\\)sr3", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:cisco:ip_phone_8821-ex:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:cisco:ip_conference_phone_7800_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "12.5\\(1\\)sr1", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:cisco:ip_conference_phone_7800:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:cisco:ip_phone_8800_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "12.5\\(1\\)sr1", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:cisco:ip_phone_8800:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:cisco:unified_ip_conferenece_phone_8831_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "10.3\\(1\\)sr5", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:cisco:unified_ip_conferenece_phone_8831:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2019-1716", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "David Gullasch of modzero AG and Denys Vozniuk of DarkMatter?.", sources: [ { db: "CNNVD", id: "CNNVD-201903-691", }, ], trust: 0.6, }, cve: "CVE-2019-1716", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, impactScore: 6.4, integrityImpact: "PARTIAL", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "HIGH", trust: 1, userInteractionRequired: false, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "Partial", baseScore: 7.5, confidentialityImpact: "Partial", exploitabilityScore: null, id: "CVE-2019-1716", impactScore: null, integrityImpact: "Partial", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "High", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CNVD-2020-70973", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "NVD", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "ykramarz@cisco.com", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", exploitabilityScore: 3.9, impactScore: 3.6, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 9.8, baseSeverity: "Critical", confidentialityImpact: "High", exploitabilityScore: null, id: "CVE-2019-1716", impactScore: null, integrityImpact: "High", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "NVD", id: "CVE-2019-1716", trust: 1.8, value: "CRITICAL", }, { author: "ykramarz@cisco.com", id: "CVE-2019-1716", trust: 1, value: "HIGH", }, { author: "CNVD", id: "CNVD-2020-70973", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-201903-691", trust: 0.6, value: "HIGH", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2020-70973", }, { db: "JVNDB", id: "JVNDB-2019-003057", }, { db: "NVD", id: "CVE-2019-1716", }, { db: "NVD", id: "CVE-2019-1716", }, { db: "CNNVD", id: "CNNVD-201903-691", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 7800 Series and Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code. The vulnerability exists because the software improperly validates user-supplied input during user authentication. An attacker could exploit this vulnerability by connecting to an affected device using HTTP and supplying malicious user credentials. A successful exploit could allow the attacker to trigger a reload of an affected device, resulting in a DoS condition, or to execute arbitrary code with the privileges of the app user. Cisco fixed this vulnerability in the following SIP Software releases: 10.3(1)SR5 and later for Cisco Unified IP Conference Phone 8831; 11.0(4)SR3 and later for Cisco Wireless IP Phone 8821 and 8821-EX; and 12.5(1)SR1 and later for the rest of the Cisco IP Phone 7800 Series and 8800 Series. \nThese issues are being tracked by Cisco Bug IDs CSCvn56168, CSCvn72540 and CSCvo05687", sources: [ { db: "NVD", id: "CVE-2019-1716", }, { db: "JVNDB", id: "JVNDB-2019-003057", }, { db: "CNVD", id: "CNVD-2020-70973", }, { db: "BID", id: "107503", }, ], trust: 2.43, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2019-1716", trust: 3.3, }, { db: "JVNDB", id: "JVNDB-2019-003057", trust: 0.8, }, { db: "CNVD", id: "CNVD-2020-70973", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-201903-691", trust: 0.6, }, { db: "BID", id: "107503", trust: 0.3, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-70973", }, { db: "BID", id: "107503", }, { db: "JVNDB", id: "JVNDB-2019-003057", }, { db: "NVD", id: "CVE-2019-1716", }, { db: "CNNVD", id: "CNNVD-201903-691", }, ], }, id: "VAR-201903-0357", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2020-70973", }, ], trust: 0.97675563, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "Network device", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-70973", }, ], }, last_update_date: "2023-12-18T14:01:00.414000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "cisco-sa-20190320-ip-phone-rce", trust: 0.8, url: "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190320-ip-phone-rce", }, { title: "Patch for Cisco IP Phone 7800 Series and 8800 Series Remote Code Execution Vulnerabilities", trust: 0.6, url: "https://www.cnvd.org.cn/patchinfo/show/241903", }, { title: "Cisco IP Phone 7800 Series and Cisco IP Phone 8800 Series Session Initiation Protocol Fixes for software input validation vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=90244", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-70973", }, { db: "JVNDB", id: "JVNDB-2019-003057", }, { db: "CNNVD", id: "CNNVD-201903-691", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-20", trust: 1.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2019-003057", }, { db: "NVD", id: "CVE-2019-1716", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.9, url: "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190320-ip-phone-rce", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2019-1716", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1716", }, { trust: 0.3, url: "http://www.cisco.com/", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-70973", }, { db: "BID", id: "107503", }, { db: "JVNDB", id: "JVNDB-2019-003057", }, { db: "NVD", id: "CVE-2019-1716", }, { db: "CNNVD", id: "CNNVD-201903-691", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2020-70973", }, { db: "BID", id: "107503", }, { db: "JVNDB", id: "JVNDB-2019-003057", }, { db: "NVD", id: "CVE-2019-1716", }, { db: "CNNVD", id: "CNNVD-201903-691", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-12-11T00:00:00", db: "CNVD", id: "CNVD-2020-70973", }, { date: "2019-03-20T00:00:00", db: "BID", id: "107503", }, { date: "2019-05-08T00:00:00", db: "JVNDB", id: "JVNDB-2019-003057", }, { date: "2019-03-22T20:29:00.353000", db: "NVD", id: "CVE-2019-1716", }, { date: "2019-03-20T00:00:00", db: "CNNVD", id: "CNNVD-201903-691", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-12-13T00:00:00", db: "CNVD", id: "CNVD-2020-70973", }, { date: "2019-03-20T00:00:00", db: "BID", id: "107503", }, { date: "2019-05-08T00:00:00", db: "JVNDB", id: "JVNDB-2019-003057", }, { date: "2019-10-09T23:47:48.267000", db: "NVD", id: "CVE-2019-1716", }, { date: "2019-03-21T00:00:00", db: "CNNVD", id: "CNNVD-201903-691", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201903-691", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Cisco IP Phone 7800 Series and multiple Cisco IP Phone 8800 Vulnerability related to input validation in series products", sources: [ { db: "JVNDB", id: "JVNDB-2019-003057", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "input validation", sources: [ { db: "CNNVD", id: "CNNVD-201903-691", }, ], trust: 0.6, }, }
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.