Lucene search

K
nvd[email protected]NVD:CVE-2015-3148
HistoryApr 24, 2015 - 2:59 p.m.

CVE-2015-3148

2015-04-2414:59:11
CWE-284
web.nvd.nist.gov
8

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

AI Score

9.2

Confidence

High

EPSS

0.005

Percentile

77.5%

cURL and libcurl 7.10.6 through 7.41.0 do not properly re-use authenticated Negotiate connections, which allows remote attackers to connect as other users via a request.

Affected configurations

Nvd
Node
fedoraprojectfedoraMatch21
OR
fedoraprojectfedoraMatch22
Node
canonicalubuntu_linuxMatch12.04lts
OR
canonicalubuntu_linuxMatch14.04lts
OR
canonicalubuntu_linuxMatch14.10
OR
canonicalubuntu_linuxMatch15.04
OR
debiandebian_linuxMatch7.0
Node
applemac_os_xMatch10.10.0
OR
applemac_os_xMatch10.10.1
OR
applemac_os_xMatch10.10.2
OR
applemac_os_xMatch10.10.3
OR
applemac_os_xMatch10.10.4
Node
haxxlibcurlMatch7.10.6
OR
haxxlibcurlMatch7.10.7
OR
haxxlibcurlMatch7.10.8
OR
haxxlibcurlMatch7.11.0
OR
haxxlibcurlMatch7.11.1
OR
haxxlibcurlMatch7.11.2
OR
haxxlibcurlMatch7.12.0
OR
haxxlibcurlMatch7.12.1
OR
haxxlibcurlMatch7.12.2
OR
haxxlibcurlMatch7.12.3
OR
haxxlibcurlMatch7.13.0
OR
haxxlibcurlMatch7.13.1
OR
haxxlibcurlMatch7.13.2
OR
haxxlibcurlMatch7.14.0
OR
haxxlibcurlMatch7.14.1
OR
haxxlibcurlMatch7.15.0
OR
haxxlibcurlMatch7.15.1
OR
haxxlibcurlMatch7.15.2
OR
haxxlibcurlMatch7.15.3
OR
haxxlibcurlMatch7.15.4
OR
haxxlibcurlMatch7.15.5
OR
haxxlibcurlMatch7.16.0
OR
haxxlibcurlMatch7.16.1
OR
haxxlibcurlMatch7.16.2
OR
haxxlibcurlMatch7.16.3
OR
haxxlibcurlMatch7.16.4
OR
haxxlibcurlMatch7.17.0
OR
haxxlibcurlMatch7.17.1
OR
haxxlibcurlMatch7.18.0
OR
haxxlibcurlMatch7.18.1
OR
haxxlibcurlMatch7.18.2
OR
haxxlibcurlMatch7.19.0
OR
haxxlibcurlMatch7.19.1
OR
haxxlibcurlMatch7.19.2
OR
haxxlibcurlMatch7.19.3
OR
haxxlibcurlMatch7.19.4
OR
haxxlibcurlMatch7.19.5
OR
haxxlibcurlMatch7.19.6
OR
haxxlibcurlMatch7.19.7
OR
haxxlibcurlMatch7.20.0
OR
haxxlibcurlMatch7.20.1
OR
haxxlibcurlMatch7.21.0
OR
haxxlibcurlMatch7.21.1
OR
haxxlibcurlMatch7.21.2
OR
haxxlibcurlMatch7.21.3
OR
haxxlibcurlMatch7.21.4
OR
haxxlibcurlMatch7.21.5
OR
haxxlibcurlMatch7.21.6
OR
haxxlibcurlMatch7.21.7
OR
haxxlibcurlMatch7.22.0
OR
haxxlibcurlMatch7.23.0
OR
haxxlibcurlMatch7.23.1
OR
haxxlibcurlMatch7.24.0
OR
haxxlibcurlMatch7.25.0
OR
haxxlibcurlMatch7.26.0
OR
haxxlibcurlMatch7.27.0
OR
haxxlibcurlMatch7.28.0
OR
haxxlibcurlMatch7.28.1
OR
haxxlibcurlMatch7.29.0
OR
haxxlibcurlMatch7.30.0
OR
haxxlibcurlMatch7.31.0
OR
haxxlibcurlMatch7.32.0
OR
haxxlibcurlMatch7.33.0
OR
haxxlibcurlMatch7.34.0
OR
haxxlibcurlMatch7.35.0
OR
haxxlibcurlMatch7.36.0
OR
haxxlibcurlMatch7.37.0
OR
haxxlibcurlMatch7.37.1
OR
haxxlibcurlMatch7.38.0
OR
haxxlibcurlMatch7.39
OR
haxxlibcurlMatch7.40.0
OR
haxxlibcurlMatch7.41.0
Node
hpsystem_management_homepageRange7.5.3.1
Node
haxxcurlMatch7.10.6
OR
haxxcurlMatch7.10.7
OR
haxxcurlMatch7.10.8
OR
haxxcurlMatch7.11.0
OR
haxxcurlMatch7.11.1
OR
haxxcurlMatch7.11.2
OR
haxxcurlMatch7.12.0
OR
haxxcurlMatch7.12.1
OR
haxxcurlMatch7.12.2
OR
haxxcurlMatch7.12.3
OR
haxxcurlMatch7.13.0
OR
haxxcurlMatch7.13.1
OR
haxxcurlMatch7.13.2
OR
haxxcurlMatch7.14.0
OR
haxxcurlMatch7.14.1
OR
haxxcurlMatch7.15.0
OR
haxxcurlMatch7.15.1
OR
haxxcurlMatch7.15.2
OR
haxxcurlMatch7.15.3
OR
haxxcurlMatch7.15.4
OR
haxxcurlMatch7.15.5
OR
haxxcurlMatch7.16.0
OR
haxxcurlMatch7.16.1
OR
haxxcurlMatch7.16.2
OR
haxxcurlMatch7.16.3
OR
haxxcurlMatch7.16.4
OR
haxxcurlMatch7.17.0
OR
haxxcurlMatch7.17.1
OR
haxxcurlMatch7.18.0
OR
haxxcurlMatch7.18.1
OR
haxxcurlMatch7.18.2
OR
haxxcurlMatch7.19.0
OR
haxxcurlMatch7.19.1
OR
haxxcurlMatch7.19.2
OR
haxxcurlMatch7.19.3
OR
haxxcurlMatch7.19.4
OR
haxxcurlMatch7.19.5
OR
haxxcurlMatch7.19.6
OR
haxxcurlMatch7.19.7
OR
haxxcurlMatch7.20.0
OR
haxxcurlMatch7.20.1
OR
haxxcurlMatch7.21.0
OR
haxxcurlMatch7.21.1
OR
haxxcurlMatch7.21.2
OR
haxxcurlMatch7.21.3
OR
haxxcurlMatch7.21.4
OR
haxxcurlMatch7.21.5
OR
haxxcurlMatch7.21.6
OR
haxxcurlMatch7.21.7
OR
haxxcurlMatch7.22.0
OR
haxxcurlMatch7.23.0
OR
haxxcurlMatch7.23.1
OR
haxxcurlMatch7.24.0
OR
haxxcurlMatch7.25.0
OR
haxxcurlMatch7.26.0
OR
haxxcurlMatch7.27.0
OR
haxxcurlMatch7.28.0
OR
haxxcurlMatch7.28.1
OR
haxxcurlMatch7.29.0
OR
haxxcurlMatch7.30.0
OR
haxxcurlMatch7.31.0
OR
haxxcurlMatch7.32.0
OR
haxxcurlMatch7.33.0
OR
haxxcurlMatch7.34.0
OR
haxxcurlMatch7.35.0
OR
haxxcurlMatch7.36.0
OR
haxxcurlMatch7.37.0
OR
haxxcurlMatch7.37.1
OR
haxxcurlMatch7.38.0
OR
haxxcurlMatch7.39.0
OR
haxxcurlMatch7.40.0
OR
haxxcurlMatch7.41.0
Node
opensuseopensuseMatch13.1
OR
opensuseopensuseMatch13.2
VendorProductVersionCPE
fedoraprojectfedora21cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*
fedoraprojectfedora22cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*
canonicalubuntu_linux12.04cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
canonicalubuntu_linux14.04cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
canonicalubuntu_linux14.10cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*
canonicalubuntu_linux15.04cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*
debiandebian_linux7.0cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
applemac_os_x10.10.0cpe:2.3:o:apple:mac_os_x:10.10.0:*:*:*:*:*:*:*
applemac_os_x10.10.1cpe:2.3:o:apple:mac_os_x:10.10.1:*:*:*:*:*:*:*
applemac_os_x10.10.2cpe:2.3:o:apple:mac_os_x:10.10.2:*:*:*:*:*:*:*
Rows per page:
1-10 of 1591

References

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

AI Score

9.2

Confidence

High

EPSS

0.005

Percentile

77.5%