CVE-2014-8421 - Vulnerability Details

Vendors	Products
Atos	Openscape Desk Phone Ip 35g Openscape Desk Phone Ip 35g Eco Openscape Desk Phone Ip 55g
Unify	Openscape Desk Phone Ip Sip Openstage 20 Openstage 40 Openstage 60 Openstage Sip

Link	Providers
https://networks.unify.com/security/advisories/OBSO-1501-02.pdf
https://www.modzero.ch/advisories/MZ-14-02-Siemens-Unify-OpenStage.txt

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-02-26T00:00:00", "descriptions": [{"lang": "en", "value": "Unify (former Siemens) OpenStage SIP and OpenScape Desk Phone IP V3 devices before R3.32.0 allow remote attackers to gain super-user privileges by leveraging SSH access and incorrect ownership of (1) ConfigureCoreFile.sh, (2) Traceroute.sh, (3) apps.sh, (4) conversion_java2native.sh, (5) coreCompression.sh, (6) deletePasswd.sh, (7) findHealthSvcFDs.sh, (8) fw_printenv.sh, (9) fw_setenv.sh, (10) hw_wd_kicker.sh, (11) new_rootfs.sh, (12) opera_killSnmpd.sh, (13) opera_startSnmpd.sh, (14) rebootOperaSoftware.sh, (15) removeLogFiles.sh, (16) runOperaServices.sh, (17) setPasswd.sh, (18) startAccTestSvcs.sh, (19) usbNotification.sh, or (20) appWeb in /Opera_Deploy."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-04-12T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://networks.unify.com/security/advisories/OBSO-1501-02.pdf"}, {"tags": ["x_refsource_MISC"], "url": "https://www.modzero.ch/advisories/MZ-14-02-Siemens-Unify-OpenStage.txt"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-8421", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unify (former Siemens) OpenStage SIP and OpenScape Desk Phone IP V3 devices before R3.32.0 allow remote attackers to gain super-user privileges by leveraging SSH access and incorrect ownership of (1) ConfigureCoreFile.sh, (2) Traceroute.sh, (3) apps.sh, (4) conversion_java2native.sh, (5) coreCompression.sh, (6) deletePasswd.sh, (7) findHealthSvcFDs.sh, (8) fw_printenv.sh, (9) fw_setenv.sh, (10) hw_wd_kicker.sh, (11) new_rootfs.sh, (12) opera_killSnmpd.sh, (13) opera_startSnmpd.sh, (14) rebootOperaSoftware.sh, (15) removeLogFiles.sh, (16) runOperaServices.sh, (17) setPasswd.sh, (18) startAccTestSvcs.sh, (19) usbNotification.sh, or (20) appWeb in /Opera_Deploy."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://networks.unify.com/security/advisories/OBSO-1501-02.pdf", "refsource": "CONFIRM", "url": "https://networks.unify.com/security/advisories/OBSO-1501-02.pdf"}, {"name": "https://www.modzero.ch/advisories/MZ-14-02-Siemens-Unify-OpenStage.txt", "refsource": "MISC", "url": "https://www.modzero.ch/advisories/MZ-14-02-Siemens-Unify-OpenStage.txt"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T13:18:48.296Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://networks.unify.com/security/advisories/OBSO-1501-02.pdf"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.modzero.ch/advisories/MZ-14-02-Siemens-Unify-OpenStage.txt"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-8421", "datePublished": "2018-04-12T21:00:00", "dateReserved": "2014-10-22T00:00:00", "dateUpdated": "2024-08-06T13:18:48.296Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : n/a (string)

vendor : n/a (string)

versions : [ »

0 : { »

status : affected (string)

version : n/a (string)

}

]

}

]

datePublic : 2015-02-26T00:00:00 (string)

descriptions : [ »

0 : { »

lang : en (string)

value : Unify (former Siemens) OpenStage SIP and OpenScape Desk Phone IP V3 devices before R3.32.0 allow remote attackers to gain super-user privileges by leveraging SSH access and incorrect ownership of (1) ConfigureCoreFile.sh, (2) Traceroute.sh, (3) apps.sh, (4) conversion_java2native.sh, (5) coreCompression.sh, (6) deletePasswd.sh, (7) findHealthSvcFDs.sh, (8) fw_printenv.sh, (9) fw_setenv.sh, (10) hw_wd_kicker.sh, (11) new_rootfs.sh, (12) opera_killSnmpd.sh, (13) opera_startSnmpd.sh, (14) rebootOperaSoftware.sh, (15) removeLogFiles.sh, (16) runOperaServices.sh, (17) setPasswd.sh, (18) startAccTestSvcs.sh, (19) usbNotification.sh, or (20) appWeb in /Opera_Deploy. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : n/a (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2018-04-12T20:57:01 (string)

orgId : 8254265b-2729-46b6-b9e3-3dfca2d5bfca (string)

shortName : mitre (string)

}

references : [ »

0 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : https://networks.unify.com/security/advisories/OBSO-1501-02.pdf (string)

}

1 : { »

tags : [ »

0 : x_refsource_MISC (string)

]

url : https://www.modzero.ch/advisories/MZ-14-02-Siemens-Unify-OpenStage.txt (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : cve@mitre.org (string)

ID : CVE-2014-8421 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : n/a (string)

version : { »

version_data : [ »

0 : { »

version_value : n/a (string)

}

]

}

]

}

vendor_name : n/a (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : Unify (former Siemens) OpenStage SIP and OpenScape Desk Phone IP V3 devices before R3.32.0 allow remote attackers to gain super-user privileges by leveraging SSH access and incorrect ownership of (1) ConfigureCoreFile.sh, (2) Traceroute.sh, (3) apps.sh, (4) conversion_java2native.sh, (5) coreCompression.sh, (6) deletePasswd.sh, (7) findHealthSvcFDs.sh, (8) fw_printenv.sh, (9) fw_setenv.sh, (10) hw_wd_kicker.sh, (11) new_rootfs.sh, (12) opera_killSnmpd.sh, (13) opera_startSnmpd.sh, (14) rebootOperaSoftware.sh, (15) removeLogFiles.sh, (16) runOperaServices.sh, (17) setPasswd.sh, (18) startAccTestSvcs.sh, (19) usbNotification.sh, or (20) appWeb in /Opera_Deploy. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : n/a (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : https://networks.unify.com/security/advisories/OBSO-1501-02.pdf (string)

refsource : CONFIRM (string)

url : https://networks.unify.com/security/advisories/OBSO-1501-02.pdf (string)

}

1 : { »

name : https://www.modzero.ch/advisories/MZ-14-02-Siemens-Unify-OpenStage.txt (string)

refsource : MISC (string)

url : https://www.modzero.ch/advisories/MZ-14-02-Siemens-Unify-OpenStage.txt (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-06T13:18:48.296Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : https://networks.unify.com/security/advisories/OBSO-1501-02.pdf (string)

}

1 : { »

tags : [ »

0 : x_refsource_MISC (string)

1 : x_transferred (string)

]

url : https://www.modzero.ch/advisories/MZ-14-02-Siemens-Unify-OpenStage.txt (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : 8254265b-2729-46b6-b9e3-3dfca2d5bfca (string)

assignerShortName : mitre (string)

cveId : CVE-2014-8421 (string)

datePublished : 2018-04-12T21:00:00 (string)

dateReserved : 2014-10-22T00:00:00 (string)

dateUpdated : 2024-08-06T13:18:48.296Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:unify:openstage_sip:*:*:*:*:*:*:*:*", "matchCriteriaId": "7228102B-6691-4602-A074-11B953C0D681", "versionEndExcluding": "r3.32.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:unify:openstage_20:-:*:*:*:*:*:*:*", "matchCriteriaId": "1E8FFABC-782E-43BB-A402-C20B6B92342A", "vulnerable": false}, {"criteria": "cpe:2.3:h:unify:openstage_40:-:*:*:*:*:*:*:*", "matchCriteriaId": "95BBDFB6-DDA4-4E2C-8DEA-EDD6C07BB0A1", "vulnerable": false}, {"criteria": "cpe:2.3:h:unify:openstage_60:-:*:*:*:*:*:*:*", "matchCriteriaId": "E660AD8F-0961-4BB8-A453-57FFC205C062", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:unify:openscape_desk_phone_ip_sip:*:*:*:*:*:*:*:*", "matchCriteriaId": "5CF4C6F5-E9A5-48E1-8E55-0D7204BA2DC3", "versionEndExcluding": "r3.32.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:atos:openscape_desk_phone_ip_35g:-:*:*:*:*:*:*:*", "matchCriteriaId": "96DC9F9D-8C29-4524-9740-5216E93F86FB", "vulnerable": false}, {"criteria": "cpe:2.3:h:atos:openscape_desk_phone_ip_35g_eco:-:*:*:*:*:*:*:*", "matchCriteriaId": "6D542112-CDD8-4BEA-B52C-507BCC879279", "vulnerable": false}, {"criteria": "cpe:2.3:h:atos:openscape_desk_phone_ip_55g:-:*:*:*:*:*:*:*", "matchCriteriaId": "CC85895E-4D76-47EF-806D-8B6DB7058D5E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Unify (former Siemens) OpenStage SIP and OpenScape Desk Phone IP V3 devices before R3.32.0 allow remote attackers to gain super-user privileges by leveraging SSH access and incorrect ownership of (1) ConfigureCoreFile.sh, (2) Traceroute.sh, (3) apps.sh, (4) conversion_java2native.sh, (5) coreCompression.sh, (6) deletePasswd.sh, (7) findHealthSvcFDs.sh, (8) fw_printenv.sh, (9) fw_setenv.sh, (10) hw_wd_kicker.sh, (11) new_rootfs.sh, (12) opera_killSnmpd.sh, (13) opera_startSnmpd.sh, (14) rebootOperaSoftware.sh, (15) removeLogFiles.sh, (16) runOperaServices.sh, (17) setPasswd.sh, (18) startAccTestSvcs.sh, (19) usbNotification.sh, or (20) appWeb in /Opera_Deploy."}, {"lang": "es", "value": "Los dispositivos Unify (anteriormente Siemens) OpenStage SIP y OpenScape Desk Phone IP V3, en versiones anteriores a la R3.32.0, permiten que atacantes remotos obtengan privilegios de superusuario aprovechando el acceso SSH y la propiedad incorrecta de (1) ConfigureCoreFile.sh, (2) Traceroute.sh, (3) apps.sh, (4) conversion_java2native.sh, (5) coreCompression.sh, (6) deletePasswd.sh, (7) findHealthSvcFDs.sh, (8) fw_printenv.sh, (9) fw_setenv.sh, (10) hw_wd_kicker.sh, (11) new_rootfs.sh, (12) opera_killSnmpd.sh, (13) opera_startSnmpd.sh, (14) rebootOperaSoftware.sh, (15) removeLogFiles.sh, (16) runOperaServices.sh, (17) setPasswd.sh, (18) startAccTestSvcs.sh, (19) usbNotification.sh o (20) appWeb en /Opera_Deploy."}], "id": "CVE-2014-8421", "lastModified": "2024-11-21T02:19:03.320", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 8.5, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-04-12T21:29:00.427", "references": [{"source": "cve@mitre.org", "tags": ["Mitigation", "Vendor Advisory"], "url": "https://networks.unify.com/security/advisories/OBSO-1501-02.pdf"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://www.modzero.ch/advisories/MZ-14-02-Siemens-Unify-OpenStage.txt"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mitigation", "Vendor Advisory"], "url": "https://networks.unify.com/security/advisories/OBSO-1501-02.pdf"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.modzero.ch/advisories/MZ-14-02-Siemens-Unify-OpenStage.txt"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:unify:openstage_sip:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 7228102B-6691-4602-A074-11B953C0D681 (string)

versionEndExcluding : r3.32.0 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:unify:openstage_20:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 1E8FFABC-782E-43BB-A402-C20B6B92342A (string)

vulnerable : false (boolean)

}

1 : { »

criteria : cpe:2.3:h:unify:openstage_40:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 95BBDFB6-DDA4-4E2C-8DEA-EDD6C07BB0A1 (string)

vulnerable : false (boolean)

}

2 : { »

criteria : cpe:2.3:h:unify:openstage_60:-:*:*:*:*:*:*:* (string)

matchCriteriaId : E660AD8F-0961-4BB8-A453-57FFC205C062 (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

1 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:unify:openscape_desk_phone_ip_sip:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 5CF4C6F5-E9A5-48E1-8E55-0D7204BA2DC3 (string)

versionEndExcluding : r3.32.0 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:atos:openscape_desk_phone_ip_35g:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 96DC9F9D-8C29-4524-9740-5216E93F86FB (string)

vulnerable : false (boolean)

}

1 : { »

criteria : cpe:2.3:h:atos:openscape_desk_phone_ip_35g_eco:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 6D542112-CDD8-4BEA-B52C-507BCC879279 (string)

vulnerable : false (boolean)

}

2 : { »

criteria : cpe:2.3:h:atos:openscape_desk_phone_ip_55g:-:*:*:*:*:*:*:* (string)

matchCriteriaId : CC85895E-4D76-47EF-806D-8B6DB7058D5E (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : Unify (former Siemens) OpenStage SIP and OpenScape Desk Phone IP V3 devices before R3.32.0 allow remote attackers to gain super-user privileges by leveraging SSH access and incorrect ownership of (1) ConfigureCoreFile.sh, (2) Traceroute.sh, (3) apps.sh, (4) conversion_java2native.sh, (5) coreCompression.sh, (6) deletePasswd.sh, (7) findHealthSvcFDs.sh, (8) fw_printenv.sh, (9) fw_setenv.sh, (10) hw_wd_kicker.sh, (11) new_rootfs.sh, (12) opera_killSnmpd.sh, (13) opera_startSnmpd.sh, (14) rebootOperaSoftware.sh, (15) removeLogFiles.sh, (16) runOperaServices.sh, (17) setPasswd.sh, (18) startAccTestSvcs.sh, (19) usbNotification.sh, or (20) appWeb in /Opera_Deploy. (string)

}

1 : { »

lang : es (string)

value : Los dispositivos Unify (anteriormente Siemens) OpenStage SIP y OpenScape Desk Phone IP V3, en versiones anteriores a la R3.32.0, permiten que atacantes remotos obtengan privilegios de superusuario aprovechando el acceso SSH y la propiedad incorrecta de (1) ConfigureCoreFile.sh, (2) Traceroute.sh, (3) apps.sh, (4) conversion_java2native.sh, (5) coreCompression.sh, (6) deletePasswd.sh, (7) findHealthSvcFDs.sh, (8) fw_printenv.sh, (9) fw_setenv.sh, (10) hw_wd_kicker.sh, (11) new_rootfs.sh, (12) opera_killSnmpd.sh, (13) opera_startSnmpd.sh, (14) rebootOperaSoftware.sh, (15) removeLogFiles.sh, (16) runOperaServices.sh, (17) setPasswd.sh, (18) startAccTestSvcs.sh, (19) usbNotification.sh o (20) appWeb en /Opera_Deploy. (string)

}

]

id : CVE-2014-8421 (string)

lastModified : 2024-11-21T02:19:03.320 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : HIGH (string)

cvssData : { »

accessComplexity : MEDIUM (string)

accessVector : NETWORK (string)

authentication : SINGLE (string)

availabilityImpact : COMPLETE (string)

baseScore : 8.5 (number)

confidentialityImpact : COMPLETE (string)

integrityImpact : COMPLETE (string)

vectorString : AV:N/AC:M/Au:S/C:C/I:C/A:C (string)

version : 2.0 (string)

}

exploitabilityScore : 6.8 (number)

impactScore : 10 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : false (boolean)

}

]

cvssMetricV31 : [ »

0 : { »

cvssData : { »

attackComplexity : HIGH (string)

attackVector : NETWORK (string)

availabilityImpact : HIGH (string)

baseScore : 7.5 (number)

baseSeverity : HIGH (string)

confidentialityImpact : HIGH (string)

integrityImpact : HIGH (string)

privilegesRequired : LOW (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H (string)

version : 3.1 (string)

}

exploitabilityScore : 1.6 (number)

impactScore : 5.9 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2018-04-12T21:29:00.427 (string)

references : [ »

0 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Mitigation (string)

1 : Vendor Advisory (string)

]

url : https://networks.unify.com/security/advisories/OBSO-1501-02.pdf (string)

}

1 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : https://www.modzero.ch/advisories/MZ-14-02-Siemens-Unify-OpenStage.txt (string)

}

2 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Mitigation (string)

1 : Vendor Advisory (string)

]

url : https://networks.unify.com/security/advisories/OBSO-1501-02.pdf (string)

}

3 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : https://www.modzero.ch/advisories/MZ-14-02-Siemens-Unify-OpenStage.txt (string)

}

]

sourceIdentifier : cve@mitre.org (string)

vulnStatus : Modified (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-264 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Attack Vector Network

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Medium

Authentication Single

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Medium

Authentication Single

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object