Lucene search

[email protected]NVD:CVE-2014-2331

HistoryAug 31, 2015 - 6:59 p.m.

CVE-2014-2331

2015-08-3118:59:03

CWE-94

[email protected]

web.nvd.nist.gov

CVSS2

8.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

AI Score

6.8

Confidence

Low

EPSS

0.002

Percentile

64.8%

JSON

Check_MK 1.2.2p2, 1.2.2p3, and 1.2.3i5 allows remote authenticated users to execute arbitrary Python code via a crafted rules.mk file in a snapshot. NOTE: this can be exploited by remote attackers by leveraging CVE-2014-2330.

Affected configurations

Nvd

Node

check_mk_projectcheck_mkRange≤1.2.2

check_mk_projectcheck_mkRange≤1.2.3

VendorProductVersionCPE
check_mk_projectcheck_mk*cpe:2.3:a:check_mk_project:check_mk:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
check_mk_project	check_mk	*	cpe:2.3:a:check_mk_project:check_mk::::::::

References

www.securityfocus.com/archive/1/531594

www.securityfocus.com/archive/1/531656

CVSS2

8.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

AI Score

6.8

Confidence

Low

EPSS

0.002

Percentile

64.8%

JSON

Related for NVD:CVE-2014-2331

prion3 cve3 cvelist3 ubuntucve3 fedora8 openvas10 nessus8 securityvulns2 nvd2 seebug2