CVE-2017-5000

{"id": "CVE-2017-5000", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 2.8}]}, "published": "2017-07-07T00:29:00.350", "references": [{"url": "http://seclists.org/fulldisclosure/2017/Jun/49", "tags": ["Mailing List", "Third Party Advisory"], "source": "security_alert@emc.com"}, {"url": "http://www.securityfocus.com/bid/99354", "tags": ["Third Party Advisory", "VDB Entry"], "source": "security_alert@emc.com"}, {"url": "http://www.securitytracker.com/id/1038815", "tags": ["Third Party Advisory", "VDB Entry"], "source": "security_alert@emc.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "EMC RSA Archer 5.4.1.3, 5.5.3.1, 5.5.2.3, 5.5.2, 5.5.1.3.1, 5.5.1.1 is affected by an information exposure through an error message vulnerability. A remote low privileged attacker may potentially exploit this vulnerability to use information disclosed in an error message to launch another more focused attack."}, {"lang": "es", "value": "RSA Archer versiones 5.4.1.3, 5.5.3.1, 5.5.2.3, 5.5.2, 5.5.1.3.1, 5.5.1.1 de EMC, est\u00e1 afectado por una exposici\u00f3n de informaci\u00f3n por medio de una vulnerabilidad de mensaje de error. Un atacante remoto con pocos privilegios puede explotar potencialmente esta vulnerabilidad para utilizar la informaci\u00f3n revelada en un mensaje de error para iniciar otro ataque m\u00e1s concentrado."}], "lastModified": "2017-07-11T13:53:50.443", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:emc:rsa_archer_egrc:5.4.1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E8DD1233-DD85-441C-96BF-0C2F546E9460"}, {"criteria": "cpe:2.3:a:emc:rsa_archer_egrc:5.5.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C5CE57E4-7A97-433B-98BA-8D8348414207"}, {"criteria": "cpe:2.3:a:emc:rsa_archer_egrc:5.5.1.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2BB7C61B-6E97-456B-91FB-6B3456E5EBB1"}, {"criteria": "cpe:2.3:a:emc:rsa_archer_egrc:5.5.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DF1A155A-42C9-47DC-ABC6-80E1AABF0FE5"}, {"criteria": "cpe:2.3:a:emc:rsa_archer_egrc:5.5.2.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "93AC15A9-4869-4593-B06D-0111E625C94D"}, {"criteria": "cpe:2.3:a:emc:rsa_archer_egrc:5.5.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "77DD0FBE-D500-4A77-A440-5958EDF9678B"}], "operator": "OR"}]}], "sourceIdentifier": "security_alert@emc.com"}