CVE-2018-16192

{"id": "CVE-2018-16192", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 3.3, "accessVector": "ADJACENT_NETWORK", "vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 6.5, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 6.5, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2019-01-09T23:29:04.357", "references": [{"url": "https://jpn.nec.com/security-info/secinfo/nv18-021.html", "tags": ["Vendor Advisory"], "source": "vultures@jpcert.or.jp"}, {"url": "https://jvn.jp/en/jp/JVN87535892/index.html", "tags": ["Third Party Advisory"], "source": "vultures@jpcert.or.jp"}, {"url": "https://jpn.nec.com/security-info/secinfo/nv18-021.html", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://jvn.jp/en/jp/JVN87535892/index.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "Aterm WF1200CR and Aterm WG1200CR (Aterm WF1200CR firmware Ver1.1.1 and earlier, Aterm WG1200CR firmware Ver1.0.1 and earlier) allow an attacker on the same network segment to obtain information registered on the device via unspecified vectors."}, {"lang": "es", "value": "Aterm WF1200CR y Aterm WG1200CR (Aterm WF1200CR con firmware en versiones 1.1.1 y anteriores y Aterm WG1200CR con firmware en versiones 1.0.1 y anteriores) permiten que un atacante en el mismo segmento de red obtenga informaci\u00f3n registrada en el dispositivo mediante vectores sin especificar."}], "lastModified": "2024-11-21T03:52:15.770", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:nec:aterm_wf1200cr_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "076240BB-05FD-49BF-B009-AEA6EEF83578", "versionEndIncluding": "1.1.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:nec:aterm_wf1200cr:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3A91D9EB-5962-498E-9B14-C5712DDDF7C2"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:nec:aterm_wg1200cr_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F4C4E131-9306-4F48-A658-CA823B6E65ED", "versionEndIncluding": "1.0.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:nec:aterm_wg1200cr:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "936D9DD3-11E5-4862-B157-85B13EA06C38"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "vultures@jpcert.or.jp"}