CVE-2015-4161

{"id": "CVE-2015-4161", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2015-06-02T14:59:21.143", "references": [{"url": "http://seclists.org/fulldisclosure/2015/May/96", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/74800", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-264"}]}], "descriptions": [{"lang": "en", "value": "SAP Afaria does not properly restrict access to unspecified functionality, which allows remote attackers to obtain sensitive information, gain privileges, or have other unspecified impact via unknown vectors, SAP Security Note 2155690."}, {"lang": "es", "value": "SAP Afaria no restringe correctamente el acceso a una funcionalidad no especificada, lo que permite a atacantes remotos obtener informaci\u00f3n sensible, ganar privilegios o tener otro impacto no especificado a trav\u00e9s de vectores desconocidos, nota de seguridad de SAP 2155690."}], "lastModified": "2016-12-31T02:59:32.627", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:sap:afaria:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "44B4C9B8-6480-444F-9F6E-C0B13CAA89EF"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}