{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-12-16T00:00:00", "descriptions": [{"lang": "en", "value": "The agent in Thermostat before 1.0.6, when using unspecified configurations, allows local users to obtain the JMX management URLs of all local Java virtual machines and gain privileges via unknown vectors."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2014-12-18T13:57:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "[Thermostat-announce] 20141216 [SECURITY UPDATE] Thermostat 1.0.6 update released!", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://icedtea.classpath.org/pipermail/thermostat-announce/2014-December/000013.html"}, {"name": "RHSA-2014:2000", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2014-2000.html"}]}}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2014-8120", "datePublished": "2014-12-18T15:00:00", "dateReserved": "2014-10-10T00:00:00", "dateUpdated": "2014-12-18T13:57:00", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:thermostat_project:thermostat:*:*:*:*:*:*:*:*", "matchCriteriaId": "227EEABF-AABD-4DD8-BF3C-BAE154EC806B", "versionEndIncluding": "1.0.4", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The agent in Thermostat before 1.0.6, when using unspecified configurations, allows local users to obtain the JMX management URLs of all local Java virtual machines and gain privileges via unknown vectors."}, {"lang": "es", "value": "El agente en Thermostat anterior a 1.0.6, cuando se utilizan configuraciones sin especificar, permite a usuarios locales obtener las URLs de gesti\u00f3n JMX de todas las m\u00e1quinas virtuales Java locales y conseguir privilegios a trav\u00e9s de vectores desconocidos."}], "id": "CVE-2014-8120", "lastModified": "2023-02-13T00:43:11.030", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2014-12-18T15:59:02.587", "references": [{"source": "secalert@redhat.com", "tags": ["Patch"], "url": "http://icedtea.classpath.org/pipermail/thermostat-announce/2014-December/000013.html"}, {"source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2014-2000.html"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}