ID CVE-2018-8918Type cveReporter cve@mitre.orgModified 2019-10-09T23:43:00
Description
Cross-site scripting (XSS) vulnerability in info.cgi in Synology Router Manager (SRM) before 1.1.7-6941 allows remote attackers to inject arbitrary web script or HTML via the host parameter.
{"id": "CVE-2018-8918", "bulletinFamily": "NVD", "title": "CVE-2018-8918", "description": "Cross-site scripting (XSS) vulnerability in info.cgi in Synology Router Manager (SRM) before 1.1.7-6941 allows remote attackers to inject arbitrary web script or HTML via the host parameter.", "published": "2018-12-24T14:29:00", "modified": "2019-10-09T23:43:00", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:N/I:P/A:N"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8918", "reporter": "cve@mitre.org", "references": ["https://www.synology.com/security/advisory/Synology_SA_18_25"], "cvelist": ["CVE-2018-8918"], "type": "cve", "lastseen": "2019-10-10T12:29:29", "history": [{"bulletin": {"affectedSoftware": [{"name": "synology router_manager", "operator": "eq", "version": "1.1.5-6542-3"}, {"name": "synology router_manager", "operator": "eq", "version": "1.1.6-6931-3"}, {"name": "synology router_manager", "operator": "eq", "version": "1.0.1-6007-2"}, {"name": "synology router_manager", "operator": "eq", "version": "1.1"}, {"name": "synology router_manager", "operator": "eq", "version": "1.1.2-6425"}, {"name": "synology router_manager", "operator": "eq", "version": "1.1.1-6414"}, {"name": "synology router_manager", "operator": "eq", "version": "1.1.4-6509-1"}, {"name": "synology router_manager", "operator": "eq", "version": "1.0-5781-3"}, {"name": "synology router_manager", "operator": "eq", "version": "1.1.6-6931-2"}, {"name": "synology router_manager", "operator": "eq", "version": "1.0-5766"}, {"name": "synology router_manager", "operator": "eq", "version": "1.0-5781-1"}, {"name": "synology router_manager", "operator": "eq", "version": "1.0.3-6030-1"}, {"name": "synology router_manager", "operator": "eq", "version": "1.1.4-6509"}, {"name": "synology router_manager", "operator": "eq", "version": "1.1.2-6425-1"}, {"name": "synology router_manager", "operator": "eq", "version": "1.1.5-6542"}, {"name": "synology router_manager", "operator": "eq", "version": "1.1.4-6509-2"}, {"name": "synology router_manager", "operator": "eq", "version": "1.1.3-6447"}, {"name": "synology router_manager", "operator": "eq", "version": "1.1-6338-2"}, {"name": "synology router_manager", "operator": "eq", "version": "1.1-6338-1"}, {"name": "synology router_manager", "operator": "eq", "version": "1.1.4-6509-3"}, {"name": "synology router_manager", "operator": "eq", "version": "1.0.3-6030-3"}, {"name": "synology router_manager", "operator": "eq", "version": "1.0.1-6007"}, {"name": "synology router_manager", "operator": "eq", "version": "1.0.1-6007-1"}, {"name": "synology router_manager", "operator": "eq", "version": "1.1.6-6931-1"}, {"name": "synology router_manager", "operator": "eq", "version": "1.1.5-6542-2"}, {"name": "synology router_manager", "operator": "eq", "version": "1.0.3-6030-2"}, {"name": "synology router_manager", "operator": "eq", "version": "1.1.2-6425-2"}, {"name": "synology router_manager", "operator": "eq", "version": "1.1.4-6509-4"}, {"name": "synology router_manager", "operator": "eq", "version": "1.1.6-6931"}, {"name": "synology router_manager", "operator": "eq", "version": "1.1.5-6542-1"}, {"name": "synology router_manager", "operator": "eq", "version": "1.1.2-6425-3"}, {"name": "synology router_manager", "operator": "eq", "version": "1.1.3-6447-3"}, {"name": "synology router_manager", "operator": "eq", "version": "1.1.5-6542-4"}, {"name": "synology router_manager", "operator": "eq", "version": "1.1.3-6447-1"}, {"name": "synology router_manager", "operator": "eq", "version": "1.0-5781-2"}, {"name": "synology router_manager", "operator": "eq", "version": "1.1.1-6414-1"}, {"name": "synology router_manager", "operator": "eq", "version": "1.0-5781"}, {"name": "synology router_manager", "operator": "eq", "version": "1.1.3-6447-2"}, {"name": "synology router_manager", "operator": "eq", "version": "1.1-6338"}, {"name": "synology router_manager", "operator": "eq", "version": "1.0.2-6022-1"}, {"name": "synology router_manager", "operator": "eq", "version": "1.1.3-6447-4"}, {"name": "synology router_manager", "operator": "eq", "version": "1.0.3-6030"}, {"name": "synology router_manager", "operator": "eq", "version": "1.0.2-6022"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:synology:router_manager:1.1.5-6542-3", "cpe:/a:synology:router_manager:1.1.4-6509-4", "cpe:/a:synology:router_manager:1.1-6338-1", "cpe:/a:synology:router_manager:1.1.3-6447-3", "cpe:/a:synology:router_manager:1.1.2-6425", "cpe:/a:synology:router_manager:1.0-5766", "cpe:/a:synology:router_manager:1.1", "cpe:/a:synology:router_manager:1.1.6-6931", "cpe:/a:synology:router_manager:1.1.5-6542-1", "cpe:/a:synology:router_manager:1.1.6-6931-3", "cpe:/a:synology:router_manager:1.0-5781-1", "cpe:/a:synology:router_manager:1.0-5781-2", "cpe:/a:synology:router_manager:1.0-5781", "cpe:/a:synology:router_manager:1.0-5781-3", "cpe:/a:synology:router_manager:1.1.4-6509-1", "cpe:/a:synology:router_manager:1.1.4-6509-3", "cpe:/a:synology:router_manager:1.1-6338-2", "cpe:/a:synology:router_manager:1.1.4-6509-2", "cpe:/a:synology:router_manager:1.1.6-6931-2", "cpe:/a:synology:router_manager:1.1.1-6414", "cpe:/a:synology:router_manager:1.0.1-6007-1", "cpe:/a:synology:router_manager:1.1.3-6447", "cpe:/a:synology:router_manager:1.0.2-6022-1", "cpe:/a:synology:router_manager:1.1.6-6931-1", "cpe:/a:synology:router_manager:1.0.1-6007", "cpe:/a:synology:router_manager:1.1.5-6542", "cpe:/a:synology:router_manager:1.1.3-6447-1", "cpe:/a:synology:router_manager:1.1-6338", "cpe:/a:synology:router_manager:1.1.2-6425-3", "cpe:/a:synology:router_manager:1.0.2-6022", "cpe:/a:synology:router_manager:1.1.3-6447-2", "cpe:/a:synology:router_manager:1.1.5-6542-2", "cpe:/a:synology:router_manager:1.1.4-6509", "cpe:/a:synology:router_manager:1.1.2-6425-1", "cpe:/a:synology:router_manager:1.1.1-6414-1", "cpe:/a:synology:router_manager:1.0.3-6030-2", "cpe:/a:synology:router_manager:1.0.1-6007-2", "cpe:/a:synology:router_manager:1.1.5-6542-4", "cpe:/a:synology:router_manager:1.0.3-6030-3", "cpe:/a:synology:router_manager:1.0.3-6030", "cpe:/a:synology:router_manager:1.1.3-6447-4", "cpe:/a:synology:router_manager:1.1.2-6425-2", "cpe:/a:synology:router_manager:1.0.3-6030-1"], "cpe23": [], "cvelist": ["CVE-2018-8918"], "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:N/I:P/A:N"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "LOW", "userInteractionRequired": true}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.0"}, "exploitabilityScore": 2.3, "impactScore": 2.7}, "cwe": ["CWE-79"], "description": "Cross-site scripting (XSS) vulnerability in info.cgi in Synology Router Manager (SRM) before 1.1.7-6941 allows remote attackers to inject arbitrary web script or HTML via the host parameter.", "edition": 2, "enchantments": {"dependencies": {"modified": "2019-06-12T20:31:09", "references": []}, "score": {"modified": "2019-06-12T20:31:09", "value": 4.1, "vector": "NONE"}}, "hash": "0153de4279a9b02d9d343d5928a8e842d4836f4448a17cbbca362924ef86b002", "hashmap": [{"hash": "85b75fe5684231fda4375c700f63966c", "key": "affectedSoftware"}, {"hash": "f1f73a3c2c26d66db91cfe0bbfa9503f", "key": "cvss3"}, {"hash": "43c55a2ef083f78c6dc7438319af07b8", "key": "cvss"}, {"hash": "23208d530a55372cfa4cd456c7d3d152", "key": "cvss2"}, {"hash": "fddfd33eb50760df6d239df68a0a77fb", "key": "description"}, {"hash": "7962b842cadc156f20b4a4cad3d20d76", "key": "cvelist"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe23"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "8d93c1709799f89eba2bfe66e01c7895", "key": "title"}, {"hash": "e31efe7a9b560c2cad09e9b603cb4023", "key": "modified"}, {"hash": "34e69e045b64924bccf865d56b6918a2", "key": "cwe"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "a3454bd4516b7b809424c40d30fec0ff", "key": "published"}, {"hash": "510979931c53e296fec35338981de8c8", "key": "references"}, {"hash": "c3732924c0228e693a3ba522a5c0ce06", "key": "cpe"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "9899859f40bc862d2883fa2335412445", "key": "href"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8918", "id": "CVE-2018-8918", "lastseen": "2019-06-12T20:31:09", "modified": "2019-01-07T18:21:00", "objectVersion": "1.3", "published": "2018-12-24T14:29:00", "references": ["https://www.synology.com/security/advisory/Synology_SA_18_25"], "reporter": "cve@mitre.org", "title": "CVE-2018-8918", "type": "cve", "viewCount": 0}, "differentElements": ["modified"], "edition": 2, "lastseen": "2019-06-12T20:31:09"}, {"bulletin": {"affectedSoftware": [], "bulletinFamily": "NVD", "cpe": [], "cpe23": [], "cvelist": ["CVE-2018-8918"], "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:N/I:P/A:N"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "LOW", "userInteractionRequired": true}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.0"}, "exploitabilityScore": 2.3, "impactScore": 2.7}, "cwe": ["CWE-79"], "description": "Cross-site scripting (XSS) vulnerability in info.cgi in Synology Router Manager (SRM) before 1.1.7-6941 allows remote attackers to inject arbitrary web script or HTML via the host parameter.", "edition": 1, "enchantments": {"score": {"modified": "2019-05-29T18:20:30", "value": 4.5, "vector": "NONE"}}, "hash": "2ed97c2fe817573806e86b70c047e45244e0593fa464a434e8ea4cbc1d6e0e30", "hashmap": [{"hash": "f1f73a3c2c26d66db91cfe0bbfa9503f", "key": "cvss3"}, {"hash": "43c55a2ef083f78c6dc7438319af07b8", "key": "cvss"}, {"hash": "23208d530a55372cfa4cd456c7d3d152", "key": "cvss2"}, {"hash": "fddfd33eb50760df6d239df68a0a77fb", "key": "description"}, {"hash": "7962b842cadc156f20b4a4cad3d20d76", "key": "cvelist"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedSoftware"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe23"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "8d93c1709799f89eba2bfe66e01c7895", "key": "title"}, {"hash": "e31efe7a9b560c2cad09e9b603cb4023", "key": "modified"}, {"hash": "34e69e045b64924bccf865d56b6918a2", "key": "cwe"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "a3454bd4516b7b809424c40d30fec0ff", "key": "published"}, {"hash": "510979931c53e296fec35338981de8c8", "key": "references"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}, {"hash": "9899859f40bc862d2883fa2335412445", "key": "href"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8918", "id": "CVE-2018-8918", "lastseen": "2019-05-29T18:20:30", "modified": "2019-01-07T18:21:00", "objectVersion": "1.3", "published": "2018-12-24T14:29:00", "references": ["https://www.synology.com/security/advisory/Synology_SA_18_25"], "reporter": "cve@mitre.org", "title": "CVE-2018-8918", "type": "cve", "viewCount": 0}, "differentElements": ["cpe", "affectedSoftware"], "edition": 1, "lastseen": "2019-05-29T18:20:30"}], "edition": 3, "hashmap": [{"key": "affectedSoftware", "hash": "85b75fe5684231fda4375c700f63966c"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "c3732924c0228e693a3ba522a5c0ce06"}, {"key": "cpe23", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cvelist", "hash": "7962b842cadc156f20b4a4cad3d20d76"}, {"key": "cvss", "hash": "43c55a2ef083f78c6dc7438319af07b8"}, {"key": "cvss2", "hash": "23208d530a55372cfa4cd456c7d3d152"}, {"key": "cvss3", "hash": "f1f73a3c2c26d66db91cfe0bbfa9503f"}, {"key": "cwe", "hash": "34e69e045b64924bccf865d56b6918a2"}, {"key": "description", "hash": "fddfd33eb50760df6d239df68a0a77fb"}, {"key": "href", "hash": "9899859f40bc862d2883fa2335412445"}, {"key": "modified", "hash": "34c83bfac1dae57b869826021eae17ef"}, {"key": "published", "hash": "a3454bd4516b7b809424c40d30fec0ff"}, {"key": "references", "hash": "510979931c53e296fec35338981de8c8"}, {"key": "reporter", "hash": "444c2b4dda4a55437faa8bef1a141e84"}, {"key": "title", "hash": "8d93c1709799f89eba2bfe66e01c7895"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "e614dcd69d609ef6a6e3c395906326fc2db1518a0986333057bdfc8c9d358609", "viewCount": 0, "enchantments": {"dependencies": {"references": [], "modified": "2019-10-10T12:29:29"}, "score": {"value": 4.1, "vector": "NONE", "modified": "2019-10-10T12:29:29"}, "vulnersScore": 4.1}, "objectVersion": "1.3", "cpe": ["cpe:/a:synology:router_manager:1.1.5-6542-3", "cpe:/a:synology:router_manager:1.1.4-6509-4", "cpe:/a:synology:router_manager:1.1-6338-1", "cpe:/a:synology:router_manager:1.1.3-6447-3", "cpe:/a:synology:router_manager:1.1.2-6425", "cpe:/a:synology:router_manager:1.0-5766", "cpe:/a:synology:router_manager:1.1", "cpe:/a:synology:router_manager:1.1.6-6931", "cpe:/a:synology:router_manager:1.1.5-6542-1", "cpe:/a:synology:router_manager:1.1.6-6931-3", "cpe:/a:synology:router_manager:1.0-5781-1", "cpe:/a:synology:router_manager:1.0-5781-2", "cpe:/a:synology:router_manager:1.0-5781", "cpe:/a:synology:router_manager:1.0-5781-3", "cpe:/a:synology:router_manager:1.1.4-6509-1", "cpe:/a:synology:router_manager:1.1.4-6509-3", "cpe:/a:synology:router_manager:1.1-6338-2", "cpe:/a:synology:router_manager:1.1.4-6509-2", "cpe:/a:synology:router_manager:1.1.6-6931-2", "cpe:/a:synology:router_manager:1.1.1-6414", "cpe:/a:synology:router_manager:1.0.1-6007-1", "cpe:/a:synology:router_manager:1.1.3-6447", "cpe:/a:synology:router_manager:1.0.2-6022-1", "cpe:/a:synology:router_manager:1.1.6-6931-1", "cpe:/a:synology:router_manager:1.0.1-6007", "cpe:/a:synology:router_manager:1.1.5-6542", "cpe:/a:synology:router_manager:1.1.3-6447-1", "cpe:/a:synology:router_manager:1.1-6338", "cpe:/a:synology:router_manager:1.1.2-6425-3", "cpe:/a:synology:router_manager:1.0.2-6022", "cpe:/a:synology:router_manager:1.1.3-6447-2", "cpe:/a:synology:router_manager:1.1.5-6542-2", "cpe:/a:synology:router_manager:1.1.4-6509", "cpe:/a:synology:router_manager:1.1.2-6425-1", "cpe:/a:synology:router_manager:1.1.1-6414-1", "cpe:/a:synology:router_manager:1.0.3-6030-2", "cpe:/a:synology:router_manager:1.0.1-6007-2", "cpe:/a:synology:router_manager:1.1.5-6542-4", "cpe:/a:synology:router_manager:1.0.3-6030-3", "cpe:/a:synology:router_manager:1.0.3-6030", "cpe:/a:synology:router_manager:1.1.3-6447-4", "cpe:/a:synology:router_manager:1.1.2-6425-2", "cpe:/a:synology:router_manager:1.0.3-6030-1"], "affectedSoftware": [{"name": "synology router_manager", "operator": "eq", "version": "1.1.5-6542-3"}, {"name": "synology router_manager", "operator": "eq", "version": "1.1.6-6931-3"}, {"name": "synology router_manager", "operator": "eq", "version": "1.0.1-6007-2"}, {"name": "synology router_manager", "operator": "eq", "version": "1.1"}, {"name": "synology router_manager", "operator": "eq", "version": "1.1.2-6425"}, {"name": "synology router_manager", "operator": "eq", "version": "1.1.1-6414"}, {"name": "synology router_manager", "operator": "eq", "version": "1.1.4-6509-1"}, {"name": "synology router_manager", "operator": "eq", "version": "1.0-5781-3"}, {"name": "synology router_manager", "operator": "eq", "version": "1.1.6-6931-2"}, {"name": "synology router_manager", "operator": "eq", "version": "1.0-5766"}, {"name": "synology router_manager", "operator": "eq", "version": "1.0-5781-1"}, {"name": "synology router_manager", "operator": "eq", "version": "1.0.3-6030-1"}, {"name": "synology router_manager", "operator": "eq", "version": "1.1.4-6509"}, {"name": "synology router_manager", "operator": "eq", "version": "1.1.2-6425-1"}, {"name": "synology router_manager", "operator": "eq", "version": "1.1.5-6542"}, {"name": "synology router_manager", "operator": "eq", "version": "1.1.4-6509-2"}, {"name": "synology router_manager", "operator": "eq", "version": "1.1.3-6447"}, {"name": "synology router_manager", "operator": "eq", "version": "1.1-6338-2"}, {"name": "synology router_manager", "operator": "eq", "version": "1.1-6338-1"}, {"name": "synology router_manager", "operator": "eq", "version": "1.1.4-6509-3"}, {"name": "synology router_manager", "operator": "eq", "version": "1.0.3-6030-3"}, {"name": "synology router_manager", "operator": "eq", "version": "1.0.1-6007"}, {"name": "synology router_manager", "operator": "eq", "version": "1.0.1-6007-1"}, {"name": "synology router_manager", "operator": "eq", "version": "1.1.6-6931-1"}, {"name": "synology router_manager", "operator": "eq", "version": "1.1.5-6542-2"}, {"name": "synology router_manager", "operator": "eq", "version": "1.0.3-6030-2"}, {"name": "synology router_manager", "operator": "eq", "version": "1.1.2-6425-2"}, {"name": "synology router_manager", "operator": "eq", "version": "1.1.4-6509-4"}, {"name": "synology router_manager", "operator": "eq", "version": "1.1.6-6931"}, {"name": "synology router_manager", "operator": "eq", "version": "1.1.5-6542-1"}, {"name": "synology router_manager", "operator": "eq", "version": "1.1.2-6425-3"}, {"name": "synology router_manager", "operator": "eq", "version": "1.1.3-6447-3"}, {"name": "synology router_manager", "operator": "eq", "version": "1.1.5-6542-4"}, {"name": "synology router_manager", "operator": "eq", "version": "1.1.3-6447-1"}, {"name": "synology router_manager", "operator": "eq", "version": "1.0-5781-2"}, {"name": "synology router_manager", "operator": "eq", "version": "1.1.1-6414-1"}, {"name": "synology router_manager", "operator": "eq", "version": "1.0-5781"}, {"name": "synology router_manager", "operator": "eq", "version": "1.1.3-6447-2"}, {"name": "synology router_manager", "operator": "eq", "version": "1.1-6338"}, {"name": "synology router_manager", "operator": "eq", "version": "1.0.2-6022-1"}, {"name": "synology router_manager", "operator": "eq", "version": "1.1.3-6447-4"}, {"name": "synology router_manager", "operator": "eq", "version": "1.0.3-6030"}, {"name": "synology router_manager", "operator": "eq", "version": "1.0.2-6022"}], "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "LOW", "userInteractionRequired": true}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.0"}, "exploitabilityScore": 2.3, "impactScore": 2.7}, "cpe23": [], "cwe": ["CWE-79"], "scheme": null}
{}
