{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T22:09:12.801","vulnerabilities":[{"cve":{"id":"CVE-2017-7652","sourceIdentifier":"emo@eclipse.org","published":"2018-04-25T13:29:00.490","lastModified":"2024-11-21T03:32:22.893","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In Eclipse Mosquitto 1.4.14, if a Mosquitto instance is set running with a configuration file, then sending a HUP signal to server triggers the configuration to be reloaded from disk. If there are lots of clients connected so that there are no more file descriptors/sockets available (default limit typically 1024 file descriptors on Linux), then opening the configuration file will fail."},{"lang":"es","value":"En Eclipse Mosquitto, si se establece una instancia de Mosquitto ejecutándose con un archivo de configuración, el envío de una señal HUP al servidor provoca que la configuración se recargue desde el disco. Si hay muchos clientes conectados de tal forma que ya no queden más descriptores de archivos/sockets disponibles (el límite normal por defecto suele ser de 1024 descriptores de archivos en Linux), no se podrá abrir el archivo de configuración."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:P/I:P/A:P","baseScore":6.0,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":6.8,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"emo@eclipse.org","type":"Secondary","description":[{"lang":"en","value":"CWE-789"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:eclipse:mosquitto:*:*:*:*:*:*:*:*","versionStartIncluding":"1.0","versionEndIncluding":"1.4.14","matchCriteriaId":"369612A8-37B4-444B-AD17-9DF374006CB7"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","matchCriteriaId":"16F59A04-14CF-49E2-9973-645477EA09DA"},{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43"},{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"DEECE5FC-CACF-4496-A3E7-164736409252"}]}]}],"references":[{"url":"https://bugs.eclipse.org/bugs/show_bug.cgi?id=530102","source":"emo@eclipse.org","tags":["Issue Tracking","Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2018/03/msg00037.html","source":"emo@eclipse.org","tags":["Mailing List","Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2018/06/msg00016.html","source":"emo@eclipse.org","tags":["Mailing List","Third Party Advisory"]},{"url":"https://mosquitto.org/blog/2018/02/security-advisory-cve-2017-7651-cve-2017-7652/","source":"emo@eclipse.org","tags":["Patch","Vendor Advisory"]},{"url":"https://www.debian.org/security/2018/dsa-4325","source":"emo@eclipse.org","tags":["Third Party Advisory"]},{"url":"https://bugs.eclipse.org/bugs/show_bug.cgi?id=530102","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2018/03/msg00037.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2018/06/msg00016.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"https://mosquitto.org/blog/2018/02/security-advisory-cve-2017-7651-cve-2017-7652/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]},{"url":"https://www.debian.org/security/2018/dsa-4325","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}