CVE-2018-1313

{"id": "CVE-2018-1313", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 3.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 6.8, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.6}]}, "published": "2018-05-07T13:29:00.267", "references": [{"url": "http://www.securityfocus.com/bid/104140", "tags": ["Broken Link"], "source": "security@apache.org"}, {"url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E", "source": "security@apache.org"}, {"url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E", "source": "security@apache.org"}, {"url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E", "source": "security@apache.org"}, {"url": "https://lists.apache.org/thread.html/r437d94437e6aef31af689b1e7025d024d676fd1ea9901d74e3e9ae48%40%3Cissues.hive.apache.org%3E", "source": "security@apache.org"}, {"url": "https://lists.apache.org/thread.html/r6755f48d4f5e44e39bba7dbf8d746678239d7f1f2cc108125519ce53%40%3Cissues.hive.apache.org%3E", "source": "security@apache.org"}, {"url": "https://lists.apache.org/thread.html/re29ab90978e6c997377fb975f674f7514f6beb642bbf79deb45477e5%40%3Cdev.hive.apache.org%3E", "source": "security@apache.org"}, {"url": "https://markmail.org/message/akkappppxcdqrgxk", "tags": ["Mitigation", "Third Party Advisory"], "source": "security@apache.org"}, {"url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", "tags": ["Patch", "Third Party Advisory"], "source": "security@apache.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "In Apache Derby 10.3.1.4 to 10.14.1.0, a specially-crafted network packet can be used to request the Derby Network Server to boot a database whose location and contents are under the user's control. If the Derby Network Server is not running with a Java Security Manager policy file, the attack is successful. If the server is using a policy file, the policy file must permit the database location to be read for the attack to work. The default Derby Network Server policy file distributed with the affected releases includes a permissive policy as the default Network Server policy, which allows the attack to work."}, {"lang": "es", "value": "En Apache Derby 10.3.1.4 a 10.14.1.0, un paquete de red especialmente manipulado puede emplearse para solicitar que Derby Network Server cargue una base de datos cuya ubicaci\u00f3n y contenido est\u00e1n bajo el control del usuario. Si Derby Network Server no se est\u00e1 ejecutando con un archivo de pol\u00edticas de Java Security Manager, el ataque tendr\u00e1 \u00e9xito. Si el servidor est\u00e1 usando un archivo de pol\u00edticas, este archivo debe permitir que la ubicaci\u00f3n de la base de datos pueda leerse para que el ataque funcione. El archivo de pol\u00edticas de Derby Network Server por defecto distribuido con las versiones afectadas incluye una pol\u00edtica permisiva como la pol\u00edtica por defecto del servidor de red, lo que permite que el ataque funcione."}], "lastModified": "2023-11-07T02:55:57.403", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:apache:derby:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E77437BA-712B-48F6-90C2-C45CB8C9DEA1", "versionEndIncluding": "10.14.1.0", "versionStartIncluding": "10.3.1.4"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:weblogic_server:12.2.1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CBFF04EF-B1C3-4601-878A-35EA6A15EF0C"}], "operator": "OR"}]}], "sourceIdentifier": "security@apache.org"}