CVE-2011-0279

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02738104", "name": "HPSBPI02640", "tags": [], "refsource": "HP"}, {"url": "http://www.securityfocus.com/bid/46679", "name": "46679", "tags": [], "refsource": "BID"}, {"url": "http://secunia.com/advisories/43618", "name": "43618", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://www.vupen.com/english/advisories/2011/0561", "name": "ADV-2011-0561", "tags": [], "refsource": "VUPEN"}, {"url": "http://www.securitytracker.com/id?1025155", "name": "1025155", "tags": [], "refsource": "SECTRACK"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65866", "name": "hp-mfpdigitalsending-sec-bypass(65866)", "tags": [], "refsource": "XF"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "HP Multifunction Peripheral (MFP) Digital Sending Software (DSS) 4.91.00 does not properly configure authentication settings of managed devices within device templates, which allows attackers to access these devices via actions that were intended to require authentication."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-287"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2011-0279", "ASSIGNER": "hp-security-alert@hp.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 2.1, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "severity": "LOW", "impactScore": 2.9, "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2011-03-07T21:00Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:hp:multifunction_peripheral_digital_sending_software:4.91.00:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2017-08-17T01:33Z"}