CVE-2016-7991 - Vulnerability Details

Vendors	Products
Google	Android
Samsung	Galaxy S4 Galaxy S4 Mini Galaxy S5 Galaxy S6 Galaxy S7

Link	Providers
http://security.samsungmobile.com/smrupdate.html#SMR-AUG-2016
http://www.securityfocus.com/bid/94088

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-10-31T00:00:00", "descriptions": [{"lang": "en", "value": "On Samsung Galaxy S4 through S7 devices, the \"omacp\" app ignores security information embedded in the OMACP messages resulting in remote unsolicited WAP Push SMS messages being accepted, parsed, and handled by the device, leading to unauthorized configuration changes, a subset of SVE-2016-6542."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-11-25T19:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "94088", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/94088"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://security.samsungmobile.com/smrupdate.html#SMR-AUG-2016"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2016-7991", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "On Samsung Galaxy S4 through S7 devices, the \"omacp\" app ignores security information embedded in the OMACP messages resulting in remote unsolicited WAP Push SMS messages being accepted, parsed, and handled by the device, leading to unauthorized configuration changes, a subset of SVE-2016-6542."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "94088", "refsource": "BID", "url": "http://www.securityfocus.com/bid/94088"}, {"name": "http://security.samsungmobile.com/smrupdate.html#SMR-AUG-2016", "refsource": "CONFIRM", "url": "http://security.samsungmobile.com/smrupdate.html#SMR-AUG-2016"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T02:13:21.791Z"}, "title": "CVE Program Container", "references": [{"name": "94088", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/94088"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://security.samsungmobile.com/smrupdate.html#SMR-AUG-2016"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2016-7991", "datePublished": "2016-10-31T10:00:00", "dateReserved": "2016-09-09T00:00:00", "dateUpdated": "2024-08-06T02:13:21.791Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : n/a (string)

vendor : n/a (string)

versions : [ »

0 : { »

status : affected (string)

version : n/a (string)

}

]

}

]

datePublic : 2016-10-31T00:00:00 (string)

descriptions : [ »

0 : { »

lang : en (string)

value : On Samsung Galaxy S4 through S7 devices, the "omacp" app ignores security information embedded in the OMACP messages resulting in remote unsolicited WAP Push SMS messages being accepted, parsed, and handled by the device, leading to unauthorized configuration changes, a subset of SVE-2016-6542. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : n/a (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2016-11-25T19:57:01 (string)

orgId : 8254265b-2729-46b6-b9e3-3dfca2d5bfca (string)

shortName : mitre (string)

}

references : [ »

0 : { »

name : 94088 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_BID (string)

]

url : http://www.securityfocus.com/bid/94088 (string)

}

1 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : http://security.samsungmobile.com/smrupdate.html#SMR-AUG-2016 (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : cve@mitre.org (string)

ID : CVE-2016-7991 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : n/a (string)

version : { »

version_data : [ »

0 : { »

version_value : n/a (string)

}

]

}

]

}

vendor_name : n/a (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : On Samsung Galaxy S4 through S7 devices, the "omacp" app ignores security information embedded in the OMACP messages resulting in remote unsolicited WAP Push SMS messages being accepted, parsed, and handled by the device, leading to unauthorized configuration changes, a subset of SVE-2016-6542. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : n/a (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : 94088 (string)

refsource : BID (string)

url : http://www.securityfocus.com/bid/94088 (string)

}

1 : { »

name : http://security.samsungmobile.com/smrupdate.html#SMR-AUG-2016 (string)

refsource : CONFIRM (string)

url : http://security.samsungmobile.com/smrupdate.html#SMR-AUG-2016 (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-06T02:13:21.791Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

name : 94088 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_BID (string)

2 : x_transferred (string)

]

url : http://www.securityfocus.com/bid/94088 (string)

}

1 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : http://security.samsungmobile.com/smrupdate.html#SMR-AUG-2016 (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : 8254265b-2729-46b6-b9e3-3dfca2d5bfca (string)

assignerShortName : mitre (string)

cveId : CVE-2016-7991 (string)

datePublished : 2016-10-31T10:00:00 (string)

dateReserved : 2016-09-09T00:00:00 (string)

dateUpdated : 2024-08-06T02:13:21.791Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:google:android:4.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "49413FF7-7910-4F74-B106-C3170612CB2A", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:android:4.3:*:*:*:*:*:*:*", "matchCriteriaId": "A2467F65-A3B7-4E45-A9A5-E5A6EFD99D7B", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:android:4.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "A8882E50-7C49-4A99-91F2-DF979CF8BB2F", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:android:4.4:*:*:*:*:*:*:*", "matchCriteriaId": "98C32982-095C-4628-9958-118A3D3A9CAA", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:android:4.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "8FC0FCEA-0B3D-43C1-AB62-4F9C880B4CA1", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:android:4.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "EC75ED04-B8C7-4CC0-AC64-AE2D9E0CDF5D", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:android:4.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "FC13D3EE-CC89-4883-8E3D-3FE25FB8CF42", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:android:4.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "E3CEEA22-63B4-4702-A400-01349DF0EC1E", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:android:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "7C4E6353-B77A-464F-B7DE-932704003B33", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:android:5.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "77125688-2CCA-4990-ABB2-551D47CB0CDD", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:android:5.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "E9915371-C730-41F7-B86E-7E4DE0DF5385", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:android:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "E7A8EC00-266C-409B-AD43-18E8DFCD6FE3", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:android:5.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "B846C63A-7261-481E-B4A4-0D8C79E0D8A7", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:android:5.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "B1D94CDD-DE7B-444E-A3AE-AE9C9A779374", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E70C6D8D-C9C3-4D92-8DFC-71F59E068295", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "691FA41B-C2CE-413F-ABB1-0B22CB322807", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:samsung:galaxy_s4:-:*:*:*:*:*:*:*", "matchCriteriaId": "717D895C-E64D-4E0E-9F4A-9B191E6388B6", "vulnerable": false}, {"criteria": "cpe:2.3:h:samsung:galaxy_s4_mini:-:*:*:*:*:*:*:*", "matchCriteriaId": "721FDF15-999F-42C1-90C2-4708C6DB98B1", "vulnerable": false}, {"criteria": "cpe:2.3:h:samsung:galaxy_s5:-:*:*:*:*:*:*:*", "matchCriteriaId": "7060E1BD-9FFF-4D74-A2EE-20ABB447EA23", "vulnerable": false}, {"criteria": "cpe:2.3:h:samsung:galaxy_s6:-:*:*:*:*:*:*:*", "matchCriteriaId": "E9C84354-75A3-4E55-A2D0-C0783AF36B37", "vulnerable": false}, {"criteria": "cpe:2.3:h:samsung:galaxy_s7:-:*:*:*:*:*:*:*", "matchCriteriaId": "F54653E7-88CD-4AA3-A2CD-BA0B116955F1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "On Samsung Galaxy S4 through S7 devices, the \"omacp\" app ignores security information embedded in the OMACP messages resulting in remote unsolicited WAP Push SMS messages being accepted, parsed, and handled by the device, leading to unauthorized configuration changes, a subset of SVE-2016-6542."}, {"lang": "es", "value": "En dispositivos Samsung Galaxy S4 hasta la versi\u00f3n S7, la aplicaci\u00f3n \"omacp\" ignora informaci\u00f3n de seguridad incrustada en los mensajes OMACP resultando en que mensajes WAP Push SMS remotos no solicitados son aceptados, analizados y manejados por el dispositivo, lo que lleva a cambios en la configuraci\u00f3n no autorizados, un subconjunto de SVE-2016-6542."}], "id": "CVE-2016-7991", "lastModified": "2025-04-12T10:46:40.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:C/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-10-31T10:59:08.147", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://security.samsungmobile.com/smrupdate.html#SMR-AUG-2016"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/94088"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://security.samsungmobile.com/smrupdate.html#SMR-AUG-2016"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/94088"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-388"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:google:android:4.2.2:*:*:*:*:*:*:* (string)

matchCriteriaId : 49413FF7-7910-4F74-B106-C3170612CB2A (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:google:android:4.3:*:*:*:*:*:*:* (string)

matchCriteriaId : A2467F65-A3B7-4E45-A9A5-E5A6EFD99D7B (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:o:google:android:4.3.1:*:*:*:*:*:*:* (string)

matchCriteriaId : A8882E50-7C49-4A99-91F2-DF979CF8BB2F (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:o:google:android:4.4:*:*:*:*:*:*:* (string)

matchCriteriaId : 98C32982-095C-4628-9958-118A3D3A9CAA (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:o:google:android:4.4.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 8FC0FCEA-0B3D-43C1-AB62-4F9C880B4CA1 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:o:google:android:4.4.2:*:*:*:*:*:*:* (string)

matchCriteriaId : EC75ED04-B8C7-4CC0-AC64-AE2D9E0CDF5D (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:o:google:android:4.4.3:*:*:*:*:*:*:* (string)

matchCriteriaId : FC13D3EE-CC89-4883-8E3D-3FE25FB8CF42 (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:o:google:android:4.4.4:*:*:*:*:*:*:* (string)

matchCriteriaId : E3CEEA22-63B4-4702-A400-01349DF0EC1E (string)

vulnerable : true (boolean)

}

8 : { »

criteria : cpe:2.3:o:google:android:5.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 7C4E6353-B77A-464F-B7DE-932704003B33 (string)

vulnerable : true (boolean)

}

9 : { »

criteria : cpe:2.3:o:google:android:5.0.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 77125688-2CCA-4990-ABB2-551D47CB0CDD (string)

vulnerable : true (boolean)

}

10 : { »

criteria : cpe:2.3:o:google:android:5.0.2:*:*:*:*:*:*:* (string)

matchCriteriaId : E9915371-C730-41F7-B86E-7E4DE0DF5385 (string)

vulnerable : true (boolean)

}

11 : { »

criteria : cpe:2.3:o:google:android:5.1:*:*:*:*:*:*:* (string)

matchCriteriaId : E7A8EC00-266C-409B-AD43-18E8DFCD6FE3 (string)

vulnerable : true (boolean)

}

12 : { »

criteria : cpe:2.3:o:google:android:5.1.0:*:*:*:*:*:*:* (string)

matchCriteriaId : B846C63A-7261-481E-B4A4-0D8C79E0D8A7 (string)

vulnerable : true (boolean)

}

13 : { »

criteria : cpe:2.3:o:google:android:5.1.1:*:*:*:*:*:*:* (string)

matchCriteriaId : B1D94CDD-DE7B-444E-A3AE-AE9C9A779374 (string)

vulnerable : true (boolean)

}

14 : { »

criteria : cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:* (string)

matchCriteriaId : E70C6D8D-C9C3-4D92-8DFC-71F59E068295 (string)

vulnerable : true (boolean)

}

15 : { »

criteria : cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 691FA41B-C2CE-413F-ABB1-0B22CB322807 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:samsung:galaxy_s4:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 717D895C-E64D-4E0E-9F4A-9B191E6388B6 (string)

vulnerable : false (boolean)

}

1 : { »

criteria : cpe:2.3:h:samsung:galaxy_s4_mini:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 721FDF15-999F-42C1-90C2-4708C6DB98B1 (string)

vulnerable : false (boolean)

}

2 : { »

criteria : cpe:2.3:h:samsung:galaxy_s5:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 7060E1BD-9FFF-4D74-A2EE-20ABB447EA23 (string)

vulnerable : false (boolean)

}

3 : { »

criteria : cpe:2.3:h:samsung:galaxy_s6:-:*:*:*:*:*:*:* (string)

matchCriteriaId : E9C84354-75A3-4E55-A2D0-C0783AF36B37 (string)

vulnerable : false (boolean)

}

4 : { »

criteria : cpe:2.3:h:samsung:galaxy_s7:-:*:*:*:*:*:*:* (string)

matchCriteriaId : F54653E7-88CD-4AA3-A2CD-BA0B116955F1 (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

]

cveTags : [ *empty* ]

descriptions : [ »

0 : { »

lang : en (string)

value : On Samsung Galaxy S4 through S7 devices, the "omacp" app ignores security information embedded in the OMACP messages resulting in remote unsolicited WAP Push SMS messages being accepted, parsed, and handled by the device, leading to unauthorized configuration changes, a subset of SVE-2016-6542. (string)

}

1 : { »

lang : es (string)

value : En dispositivos Samsung Galaxy S4 hasta la versión S7, la aplicación "omacp" ignora información de seguridad incrustada en los mensajes OMACP resultando en que mensajes WAP Push SMS remotos no solicitados son aceptados, analizados y manejados por el dispositivo, lo que lleva a cambios en la configuración no autorizados, un subconjunto de SVE-2016-6542. (string)

}

]

id : CVE-2016-7991 (string)

lastModified : 2025-04-12T10:46:40.837 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : HIGH (string)

cvssData : { »

accessComplexity : LOW (string)

accessVector : NETWORK (string)

authentication : NONE (string)

availabilityImpact : NONE (string)

baseScore : 7.8 (number)

confidentialityImpact : NONE (string)

integrityImpact : COMPLETE (string)

vectorString : AV:N/AC:L/Au:N/C:N/I:C/A:N (string)

version : 2.0 (string)

}

exploitabilityScore : 10 (number)

impactScore : 6.9 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : false (boolean)

}

]

cvssMetricV30 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : NETWORK (string)

availabilityImpact : NONE (string)

baseScore : 7.5 (number)

baseSeverity : HIGH (string)

confidentialityImpact : NONE (string)

integrityImpact : HIGH (string)

privilegesRequired : NONE (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N (string)

version : 3.0 (string)

}

exploitabilityScore : 3.9 (number)

impactScore : 3.6 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2016-10-31T10:59:08.147 (string)

references : [ »

0 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : http://security.samsungmobile.com/smrupdate.html#SMR-AUG-2016 (string)

}

1 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Third Party Advisory (string)

1 : VDB Entry (string)

]

url : http://www.securityfocus.com/bid/94088 (string)

}

2 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : http://security.samsungmobile.com/smrupdate.html#SMR-AUG-2016 (string)

}

3 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

1 : VDB Entry (string)

]

url : http://www.securityfocus.com/bid/94088 (string)

}

]

sourceIdentifier : cve@mitre.org (string)

vulnStatus : Deferred (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-388 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Complete

Availability Impact None

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Complete

Availability Impact None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object