CVE-2008-3349

{"id": "CVE-2008-3349", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2008-07-28T17:41:00.000", "references": [{"url": "http://now.netapp.com/NOW/products/cpc/cpc0807-01.shtml", "source": "cve@mitre.org"}, {"url": "http://now.netapp.com/NOW/products/cpc/cpc0807-02.shtml", "source": "cve@mitre.org"}, {"url": "http://now.netapp.com/NOW/products/cpc/cpc0807-03.shtml", "source": "cve@mitre.org"}, {"url": "http://www.kb.cert.org/vuls/id/329772", "tags": ["US Government Resource"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44265", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-264"}, {"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Multiple unspecified vulnerabilities in NetApp Data ONTAP, as used on NetApp and IBM eServer platforms, allow remote attackers to execute arbitrary commands, cause a denial of service (system crash), or obtain sensitive information, probably related to insufficient access control for HTTP requests. NOTE: this may overlap CVE-2008-3160."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades sin especificar en NetApp Data ONTAP, usados sobre NetApp y plataformas IBM eServer, permite a atacantes remotos ejecutar comandos de su elecci\u00f3n que pueden provocar una denegaci\u00f3n de servicio (ca\u00edda de sistema), u obtener informaci\u00f3n sensible. Probablemente relacionado con un acceso insuficiente sobre las peticiones HTTP. NOTA: esta vulnerabilidad puede solaparse con CVE-2008-3160."}], "lastModified": "2017-08-08T01:31:48.247", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netapp:data_ontap:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BB1769F0-3E4B-417C-8694-BAB19BB0C432"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:ibm:n_series_storage_server:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8579FF83-E9DA-4C60-8BC6-8D08F23430FA"}, {"criteria": "cpe:2.3:h:netapp:fas900:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6432E6DB-B386-4852-A93F-7F8260E0171D"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}