{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2018/JVNDB-2018-000134.html",
  "dc:date": "2019-08-27T17:41+09:00",
  "dcterms:issued": "2018-12-21T14:10+09:00",
  "dcterms:modified": "2019-08-27T17:41+09:00",
  "description": "PgpoolAdmin provided by PgPool Global Development Group fails to restrict access permissions (CWE-264).\r\n\r\nFotios Rogkotis of DarkMatter reported this vulnerability to PgPool Global Development Group, and PgPool Global Development Group reported this vulnerability to IPA to notify users of its solution through JVN. JPCERT/CC and PgPool Global Development Group coordinated under the Information Security Early Warning Partnership.",
  "link": "https://jvndb.jvn.jp/en/contents/2018/JVNDB-2018-000134.html",
  "sec:cpe": {
    "#text": "cpe:/a:pgpool:pgpooladmin",
    "@product": "PgpoolAdmin",
    "@vendor": "PgPool Global Development Group",
    "@version": "2.2"
  },
  "sec:cvss": [
    {
      "@score": "7.5",
      "@severity": "High",
      "@type": "Base",
      "@vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
      "@version": "2.0"
    },
    {
      "@score": "9.8",
      "@severity": "Critical",
      "@type": "Base",
      "@vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "@version": "3.0"
    }
  ],
  "sec:identifier": "JVNDB-2018-000134",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/jp/JVN13199224/index.html",
      "@id": "JVN#13199224",
      "@source": "JVN"
    },
    {
      "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16203",
      "@id": "CVE-2018-16203",
      "@source": "CVE"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2018-16203",
      "@id": "CVE-2018-16203",
      "@source": "NVD"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-264",
      "@title": "Permissions(CWE-264)"
    }
  ],
  "title": "PgpoolAdmin fails to restrict access permissions"
}