CVE-2006-0023 (GCVE-0-2006-0023)

Vulnerability from cvelistv5 – Published: 2006-02-08 02:00 – Updated: 2024-08-07 16:18
VLAI?
Summary
Microsoft Windows XP SP1 and SP2 before August 2004, and possibly other operating systems and versions, uses insecure default ACLs that allow the Authenticated Users group to gain privileges by modifying critical configuration information for the (1) Simple Service Discovery Protocol (SSDP), (2) Universal Plug and Play Device Host (UPnP), (3) NetBT, (4) SCardSvr, (5) DHCP, and (6) DnsCache services, aka "Permissive Windows Services DACLs." NOTE: the NetBT, SCardSvr, DHCP, DnsCache already require privileged access to exploit.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://secunia.com/advisories/19313 third-party-advisoryx_refsource_SECUNIA
https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
http://securitytracker.com/id?1015765 vdb-entryx_refsource_SECTRACK
http://support.avaya.com/elmodocs2/security/ASA-2… x_refsource_CONFIRM
http://secunia.com/advisories/19238 third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/archive/1/423587/100… mailing-listx_refsource_BUGTRAQ
http://www.kb.cert.org/vuls/id/953860 third-party-advisoryx_refsource_CERT-VN
http://www130.nortelnetworks.com/cgi-bin/eserv/cs… x_refsource_CONFIRM
http://www.cs.princeton.edu/~sudhakar/papers/winval.pdf x_refsource_MISC
https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
http://secunia.com/advisories/18756 third-party-advisoryx_refsource_SECUNIA
https://docs.microsoft.com/en-us/security-updates… vendor-advisoryx_refsource_MS
https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
http://www.microsoft.com/technet/security/advisor… x_refsource_MISC
http://securitytracker.com/id?1015595 vdb-entryx_refsource_SECTRACK
http://www.vupen.com/english/advisories/2006/0417 vdb-entryx_refsource_VUPEN
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T16:18:20.702Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "19313",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19313"
          },
          {
            "name": "oval:org.mitre.oval:def:1671",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1671"
          },
          {
            "name": "1015765",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1015765"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-069.htm"
          },
          {
            "name": "19238",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19238"
          },
          {
            "name": "20060131 Windows Access Control Demystified",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/423587/100/0/threaded"
          },
          {
            "name": "VU#953860",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/953860"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=391523\u0026RenditionID="
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.cs.princeton.edu/~sudhakar/papers/winval.pdf"
          },
          {
            "name": "win-auth-users-insecure-permissions(24463)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24463"
          },
          {
            "name": "18756",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18756"
          },
          {
            "name": "MS06-011",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-011"
          },
          {
            "name": "oval:org.mitre.oval:def:1696",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1696"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.microsoft.com/technet/security/advisory/914457.mspx"
          },
          {
            "name": "1015595",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1015595"
          },
          {
            "name": "ADV-2006-0417",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/0417"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-01-31T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Microsoft Windows XP SP1 and SP2 before August 2004, and possibly other operating systems and versions, uses insecure default ACLs that allow the Authenticated Users group to gain privileges by modifying critical configuration information for the (1) Simple Service Discovery Protocol (SSDP), (2) Universal Plug and Play Device Host (UPnP), (3) NetBT, (4) SCardSvr, (5) DHCP, and (6) DnsCache services, aka \"Permissive Windows Services DACLs.\"  NOTE: the NetBT, SCardSvr, DHCP, DnsCache already require privileged access to exploit."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-19T14:57:01",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "19313",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19313"
        },
        {
          "name": "oval:org.mitre.oval:def:1671",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1671"
        },
        {
          "name": "1015765",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1015765"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-069.htm"
        },
        {
          "name": "19238",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19238"
        },
        {
          "name": "20060131 Windows Access Control Demystified",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/423587/100/0/threaded"
        },
        {
          "name": "VU#953860",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/953860"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=391523\u0026RenditionID="
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.cs.princeton.edu/~sudhakar/papers/winval.pdf"
        },
        {
          "name": "win-auth-users-insecure-permissions(24463)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24463"
        },
        {
          "name": "18756",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18756"
        },
        {
          "name": "MS06-011",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-011"
        },
        {
          "name": "oval:org.mitre.oval:def:1696",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1696"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.microsoft.com/technet/security/advisory/914457.mspx"
        },
        {
          "name": "1015595",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1015595"
        },
        {
          "name": "ADV-2006-0417",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/0417"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2006-0023",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Microsoft Windows XP SP1 and SP2 before August 2004, and possibly other operating systems and versions, uses insecure default ACLs that allow the Authenticated Users group to gain privileges by modifying critical configuration information for the (1) Simple Service Discovery Protocol (SSDP), (2) Universal Plug and Play Device Host (UPnP), (3) NetBT, (4) SCardSvr, (5) DHCP, and (6) DnsCache services, aka \"Permissive Windows Services DACLs.\"  NOTE: the NetBT, SCardSvr, DHCP, DnsCache already require privileged access to exploit."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "19313",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/19313"
            },
            {
              "name": "oval:org.mitre.oval:def:1671",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1671"
            },
            {
              "name": "1015765",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1015765"
            },
            {
              "name": "http://support.avaya.com/elmodocs2/security/ASA-2006-069.htm",
              "refsource": "CONFIRM",
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-069.htm"
            },
            {
              "name": "19238",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/19238"
            },
            {
              "name": "20060131 Windows Access Control Demystified",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/423587/100/0/threaded"
            },
            {
              "name": "VU#953860",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/953860"
            },
            {
              "name": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=391523\u0026RenditionID=",
              "refsource": "CONFIRM",
              "url": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=391523\u0026RenditionID="
            },
            {
              "name": "http://www.cs.princeton.edu/~sudhakar/papers/winval.pdf",
              "refsource": "MISC",
              "url": "http://www.cs.princeton.edu/~sudhakar/papers/winval.pdf"
            },
            {
              "name": "win-auth-users-insecure-permissions(24463)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24463"
            },
            {
              "name": "18756",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18756"
            },
            {
              "name": "MS06-011",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-011"
            },
            {
              "name": "oval:org.mitre.oval:def:1696",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1696"
            },
            {
              "name": "http://www.microsoft.com/technet/security/advisory/914457.mspx",
              "refsource": "MISC",
              "url": "http://www.microsoft.com/technet/security/advisory/914457.mspx"
            },
            {
              "name": "1015595",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1015595"
            },
            {
              "name": "ADV-2006-0417",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/0417"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2006-0023",
    "datePublished": "2006-02-08T02:00:00",
    "dateReserved": "2005-11-30T00:00:00",
    "dateUpdated": "2024-08-07T16:18:20.702Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2006-0023\",\"sourceIdentifier\":\"secure@microsoft.com\",\"published\":\"2006-02-08T02:18:00.000\",\"lastModified\":\"2025-04-03T01:03:51.193\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Microsoft Windows XP SP1 and SP2 before August 2004, and possibly other operating systems and versions, uses insecure default ACLs that allow the Authenticated Users group to gain privileges by modifying critical configuration information for the (1) Simple Service Discovery Protocol (SSDP), (2) Universal Plug and Play Device Host (UPnP), (3) NetBT, (4) SCardSvr, (5) DHCP, and (6) DnsCache services, aka \\\"Permissive Windows Services DACLs.\\\"  NOTE: the NetBT, SCardSvr, DHCP, DnsCache already require privileged access to exploit.\"},{\"lang\":\"es\",\"value\":\"Microsoft Windows XP SP1 y SP2 anteriores a agosto de 2004, y posiblemente otros sistemas operativos y versiones, usa ACLs inseguras por defecto que permiten al grupo Usuarios autentificados ganar privilegios modificando informaci\u00f3n de configuraci\u00f3n cr\u00edtica de los servicios (1) Protocolo de Descubrimiento de Servicio Simple (SSDP) y (2) \u0027Plug and Play\u0027 Universal (UPnP), (3) NetBT, (4) SCardSvr, (5) DHCP y (6) servicios DnsCache, tcc \\\"DACLs de Servicios de Windows Permisivas\\\". NOTA: Los servicios NetBT, SCardSvr, DHCP, DnsCache ya requer\u00edan acceso privilegiado para acceder a la explotaci\u00f3n.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:S/C:P/I:P/A:P\",\"baseScore\":4.3,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.1,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":true,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-264\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_xp:*:sp1:tablet_pc:*:*:*:*:*\",\"matchCriteriaId\":\"B9687E6C-EDE9-42E4-93D0-C4144FEC917A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_xp:*:sp2:tablet_pc:*:*:*:*:*\",\"matchCriteriaId\":\"FB2BE2DE-7B06-47ED-A674-15D45448F357\"}]}]}],\"references\":[{\"url\":\"http://secunia.com/advisories/18756\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/19238\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/19313\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securitytracker.com/id?1015595\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://securitytracker.com/id?1015765\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://support.avaya.com/elmodocs2/security/ASA-2006-069.htm\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://www.cs.princeton.edu/~sudhakar/papers/winval.pdf\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://www.kb.cert.org/vuls/id/953860\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.microsoft.com/technet/security/advisory/914457.mspx\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/archive/1/423587/100/0/threaded\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2006/0417\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=391523\u0026RenditionID=\",\"source\":\"secure@microsoft.com\"},{\"url\":\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-011\",\"source\":\"secure@microsoft.com\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/24463\",\"source\":\"secure@microsoft.com\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1671\",\"source\":\"secure@microsoft.com\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1696\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://secunia.com/advisories/18756\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/19238\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/19313\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securitytracker.com/id?1015595\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securitytracker.com/id?1015765\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://support.avaya.com/elmodocs2/security/ASA-2006-069.htm\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.cs.princeton.edu/~sudhakar/papers/winval.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.kb.cert.org/vuls/id/953860\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.microsoft.com/technet/security/advisory/914457.mspx\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/archive/1/423587/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2006/0417\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=391523\u0026RenditionID=\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-011\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/24463\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1671\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1696\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.