CVE-2012-0300

{"id": "CVE-2012-0300", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 3.3, "accessVector": "ADJACENT_NETWORK", "vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 6.5, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2012-07-05T17:55:00.980", "references": [{"url": "http://www.securityfocus.com/bid/54136", "source": "cve@mitre.org"}, {"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120626_00", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-264"}]}], "descriptions": [{"lang": "en", "value": "Brightmail Control Center in Symantec Message Filter 6.3 does not properly restrict establishment of sessions to the listening port, which allows remote attackers to obtain potentially sensitive version information via unspecified vectors."}, {"lang": "es", "value": "Centro de control de Brightmail de Symantec Message Filter v6.3 no restringe adecuadamente el establecimiento de sesiones a trav\u00e9s del puerto de escucha, lo que permite a atacantes remotos obtener informaci\u00f3n de versi\u00f3n potencialmente sensible a trav\u00e9s de vectores no especificados."}], "lastModified": "2012-07-17T04:00:00.000", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:symantec:message_filter:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6FC5499F-B394-44C8-BFBA-798225AB60EC", "versionEndIncluding": "6.3"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}