{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-07-05T16:22:59.054","vulnerabilities":[{"cve":{"id":"CVE-2017-10815","sourceIdentifier":"vultures@jpcert.or.jp","published":"2017-08-04T16:29:00.183","lastModified":"2026-06-17T01:00:45.323","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"MaLion for Windows 5.2.1 and earlier (only when \"Remote Control\" is installed) and MaLion for Mac 4.0.1 to 5.2.1 (only when \"Remote Control\" is installed) allow remote attackers to bypass authentication to execute arbitrary commands or operations on Terminal Agent."},{"lang":"es","value":"MaLion para Windows versión 5.2.1 y anteriores (solo cuando se instala \"Remote Control\") y MaLion para Mac versión 4.0.1 hasta 5.2.1 (solo cuando se instala \"Remote Control\") permiten a los atacantes remotos omitir la autenticación para ejecutar comandos u operaciones arbitrarias en el Agente Terminal."}],"affected":[{"source":"vultures@jpcert.or.jp","affectedData":[{"vendor":"Intercom, Inc.","product":"MaLion for Windows","versions":[{"version":"5.2.1 and earlier (only when \"Remote Control\" is installed)","status":"affected"}]},{"vendor":"Intercom, Inc.","product":"MaLion for Mac","versions":[{"version":"4.0.1 to  5.2.1 (only when \"Remote Control\" is installed)","status":"affected"}]}]}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-287"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:intercom:malion:*:*:*:*:*:mac_os_x:*:*","versionEndIncluding":"5.2.1","matchCriteriaId":"4B1C3A9B-1A0C-4E71-9532-4F6026CC935B"},{"vulnerable":true,"criteria":"cpe:2.3:a:intercom:malion:*:*:*:*:*:windows:*:*","versionEndIncluding":"5.2.1","matchCriteriaId":"BAB50670-B628-4109-8CB8-AC1B9A6071F1"}]}]}],"references":[{"url":"http://www.intercom.co.jp/information/2017/0801.html","source":"vultures@jpcert.or.jp","tags":["Vendor Advisory"]},{"url":"https://jvn.jp/en/vu/JVNVU91587298/index.html","source":"vultures@jpcert.or.jp","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.intercom.co.jp/information/2017/0801.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://jvn.jp/en/vu/JVNVU91587298/index.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]}]}}]}