{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-29T20:26:38.457","vulnerabilities":[{"cve":{"id":"CVE-2019-0729","sourceIdentifier":"secure@microsoft.com","published":"2019-03-05T23:29:02.740","lastModified":"2024-11-21T04:17:11.110","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An Elevation of Privilege vulnerability exists in the way Azure IoT Java SDK generates symmetric keys for encryption, allowing an attacker to predict the randomness of the key, aka 'Azure IoT Java SDK Elevation of Privilege Vulnerability'."},{"lang":"es","value":"Existe una vulnerabilidad de elevación de privilegios por la forma en la que Azure IoT Java SDK genera claves simétricas para el cifrado, lo que permite que un atacante prediga la aleatoriedad de la clave. Esto también se conoce como \"Azure IoT Java SDK Elevation of Privilege Vulnerability\"."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-330"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:java_software_development_kit:-:*:*:*:*:azure_internet_of_things:*:*","matchCriteriaId":"BBFAADA6-72F7-4ACB-A3E1-1E3669C2D053"}]}]}],"references":[{"url":"http://www.securityfocus.com/bid/106966","source":"secure@microsoft.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0729","source":"secure@microsoft.com","tags":["Patch","Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/106966","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0729","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}}]}