var-200909-0292
Vulnerability from variot
Cisco ACE XML Gateway (AXG) and ACE Web Application Firewall (WAF) before 6.1 allow remote attackers to obtain sensitive information via an HTTP request that lacks a handler, as demonstrated by (1) an OPTIONS request or (2) a crafted GET request, leading to a Message-handling Errors message containing a certain client intranet IP address, aka Bug ID CSCtb82159. Cisco Application Control Engine (ACE) XML Gateway is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that can aid in further attacks. This issue is being tracked by Cisco Bug CSCtb82159. ----------------------------------------------------------------------
Do you have VARM strategy implemented?
(Vulnerability Assessment Remediation Management)
If not, then implement it through the most reliable vulnerability intelligence source on the market.
Implement it through Secunia.
The weakness is caused due to error messages generated as responses to unsupported HTTP requests including a client's normally hidden, internal IP address. This can be exploited to disclose the IP address of e.g. an internal load balancer via e.g. an OPTIONS HTTP request.
SOLUTION: The weakness will reportedly be fixed in system software version 6.1, expected to be available in November 2009.
Remove IP addresses from outgoing HTTP error messages by using a web proxy.
PROVIDED AND/OR DISCOVERED BY: nitr\xd8us (Alejandro Hernandez H.), CubilFelino Security Research Lab
ORIGINAL ADVISORY: Cisco: http://www.cisco.com/warp/public/707/cisco-sr-20090925-axg.shtml
CubilFelino Security Research Lab: http://www.brainoverflow.org/advisories/cisco_ace_xml_gw_ip_disclosure.txt
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200909-0292",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ace xml gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "6.0\\(0\\)"
},
{
"model": "ace web application firewall",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "6.0\\(1\\)"
},
{
"model": "ace xml gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "6.0\\(2\\)"
},
{
"model": "ace xml gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "6.0\\(1\\)"
},
{
"model": "ace web application firewall",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "6.0\\(0\\)"
},
{
"model": "ace web application firewall",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "6.0\\(2\\)"
},
{
"model": "ace web application firewall",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "6.0\\(3\\)"
},
{
"model": "ace xml gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "6.0\\(3\\)"
},
{
"model": "ace web application firewall",
"scope": "lt",
"trust": 0.8,
"vendor": "cisco",
"version": "6.1"
},
{
"model": "ace xml gateway",
"scope": "lt",
"trust": 0.8,
"vendor": "cisco",
"version": "6.1"
},
{
"model": "ace web application firewall",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "6.0\\(3\\)"
},
{
"model": "ace xml gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "6.0\\(3\\)"
},
{
"model": "application control engine xml gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.0"
},
{
"model": "application control engine web app. firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.0"
},
{
"model": "ace xml gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "application control engine xml gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1"
},
{
"model": "application control engine web app. firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1"
}
],
"sources": [
{
"db": "BID",
"id": "36522"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-003800"
},
{
"db": "CNNVD",
"id": "CNNVD-200910-056"
},
{
"db": "NVD",
"id": "CVE-2009-3457"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:cisco:ace_web_application_firewall",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:cisco:ace_xml_gateway",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-003800"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alejandro Hernandez H. nitrousenador@gmail.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200910-056"
}
],
"trust": 0.6
},
"cve": "CVE-2009-3457",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2009-3457",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-40903",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2009-3457",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2009-3457",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-200910-056",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-40903",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-40903"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-003800"
},
{
"db": "CNNVD",
"id": "CNNVD-200910-056"
},
{
"db": "NVD",
"id": "CVE-2009-3457"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco ACE XML Gateway (AXG) and ACE Web Application Firewall (WAF) before 6.1 allow remote attackers to obtain sensitive information via an HTTP request that lacks a handler, as demonstrated by (1) an OPTIONS request or (2) a crafted GET request, leading to a Message-handling Errors message containing a certain client intranet IP address, aka Bug ID CSCtb82159. Cisco Application Control Engine (ACE) XML Gateway is prone to an information-disclosure vulnerability. \nAttackers can exploit this issue to obtain sensitive information that can aid in further attacks. \nThis issue is being tracked by Cisco Bug CSCtb82159. ----------------------------------------------------------------------\n\nDo you have VARM strategy implemented?\n\n(Vulnerability Assessment Remediation Management) \n\nIf not, then implement it through the most reliable vulnerability\nintelligence source on the market. \n\nImplement it through Secunia. \n\nThe weakness is caused due to error messages generated as responses\nto unsupported HTTP requests including a client\u0027s normally hidden,\ninternal IP address. This can be exploited to disclose the IP address\nof e.g. an internal load balancer via e.g. an OPTIONS HTTP request. \n\nSOLUTION:\nThe weakness will reportedly be fixed in system software version 6.1,\nexpected to be available in November 2009. \n\nRemove IP addresses from outgoing HTTP error messages by using a web\nproxy. \n\nPROVIDED AND/OR DISCOVERED BY:\nnitr\\xd8us (Alejandro Hernandez H.), CubilFelino Security Research Lab\n\nORIGINAL ADVISORY:\nCisco:\nhttp://www.cisco.com/warp/public/707/cisco-sr-20090925-axg.shtml\n\nCubilFelino Security Research Lab:\nhttp://www.brainoverflow.org/advisories/cisco_ace_xml_gw_ip_disclosure.txt\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2009-3457"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-003800"
},
{
"db": "BID",
"id": "36522"
},
{
"db": "VULHUB",
"id": "VHN-40903"
},
{
"db": "PACKETSTORM",
"id": "81682"
}
],
"trust": 2.07
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-40903",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-40903"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2009-3457",
"trust": 2.8
},
{
"db": "BID",
"id": "36522",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "36879",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2009-2778",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1022949",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2009-003800",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200910-056",
"trust": 0.7
},
{
"db": "CISCO",
"id": "20090925 UNMATCHED REQUEST DISCLOSES CLIENT INTERNAL IP ADDRESS",
"trust": 0.6
},
{
"db": "FULLDISC",
"id": "20090924 CISCO ACE XML GATEWAY \u003c= 6.0 INTERNAL IP DISCLOSURE",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20090925 CISCO ACE XML GATEWAY \u003c= 6.0 INTERNAL IP DISCLOSURE",
"trust": 0.6
},
{
"db": "XF",
"id": "53482",
"trust": 0.6
},
{
"db": "SEEBUG",
"id": "SSVID-67014",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "10000",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-40903",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "81682",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-40903"
},
{
"db": "BID",
"id": "36522"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-003800"
},
{
"db": "PACKETSTORM",
"id": "81682"
},
{
"db": "CNNVD",
"id": "CNNVD-200910-056"
},
{
"db": "NVD",
"id": "CVE-2009-3457"
}
]
},
"id": "VAR-200909-0292",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-40903"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T22:14:31.214000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Document ID: 600",
"trust": 0.8,
"url": "http://www.cisco.com/en/US/products/csr/cisco-sr-20090925-axg.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-003800"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-40903"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-003800"
},
{
"db": "NVD",
"id": "CVE-2009-3457"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "http://www.brainoverflow.org/advisories/cisco_ace_xml_gw_ip_disclosure.txt"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/36522"
},
{
"trust": 1.7,
"url": "http://www.cisco.com/en/us/products/products_security_response09186a0080af8965.html"
},
{
"trust": 1.7,
"url": "http://seclists.org/fulldisclosure/2009/sep/0369.html"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1022949"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/36879"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2009/2778"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/506716/100/0/threaded"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53482"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3457"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-3457"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/53482"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/506716/100/0/threaded"
},
{
"trust": 0.4,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20090925-axg.shtml"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/en/us/products/ps7314/"
},
{
"trust": 0.3,
"url": "/archive/1/506716"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/36879/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/business_solutions/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-40903"
},
{
"db": "BID",
"id": "36522"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-003800"
},
{
"db": "PACKETSTORM",
"id": "81682"
},
{
"db": "CNNVD",
"id": "CNNVD-200910-056"
},
{
"db": "NVD",
"id": "CVE-2009-3457"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-40903"
},
{
"db": "BID",
"id": "36522"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-003800"
},
{
"db": "PACKETSTORM",
"id": "81682"
},
{
"db": "CNNVD",
"id": "CNNVD-200910-056"
},
{
"db": "NVD",
"id": "CVE-2009-3457"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-09-29T00:00:00",
"db": "VULHUB",
"id": "VHN-40903"
},
{
"date": "2009-09-25T00:00:00",
"db": "BID",
"id": "36522"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-003800"
},
{
"date": "2009-09-28T05:54:18",
"db": "PACKETSTORM",
"id": "81682"
},
{
"date": "2009-09-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200910-056"
},
{
"date": "2009-09-29T18:00:00.407000",
"db": "NVD",
"id": "CVE-2009-3457"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-10T00:00:00",
"db": "VULHUB",
"id": "VHN-40903"
},
{
"date": "2015-04-13T21:06:00",
"db": "BID",
"id": "36522"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-003800"
},
{
"date": "2009-10-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200910-056"
},
{
"date": "2024-11-21T01:07:24.033000",
"db": "NVD",
"id": "CVE-2009-3457"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200910-056"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco AXG Vulnerabilities that collect important information",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-003800"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200910-056"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…