{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-16T05:26:08.114","vulnerabilities":[{"cve":{"id":"CVE-2023-3349","sourceIdentifier":"cve-coordination@incibe.es","published":"2023-10-03T14:15:10.853","lastModified":"2024-11-21T08:17:04.560","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Information exposure vulnerability in IBERMATICA RPS 2019, which exploitation could allow an unauthenticated user to retrieve sensitive information, such as usernames, IP addresses or SQL queries sent to the application. By accessing the URL /RPS2019Service/status.html, the application enables the logging mechanism by generating the log file, which can be downloaded."},{"lang":"es","value":"Vulnerabilidad de exposición de información en IBERMATICA RPS 2019, cuya explotación podría permitir a un usuario no autenticado recuperar información sensible, como nombres de usuario, direcciones IP o consultas SQL enviadas a la aplicación. Al acceder a la URL /RPS2019Service/status.html, la aplicación habilita el mecanismo de registro generando el archivo de registro, que se puede descargar."}],"metrics":{"cvssMetricV31":[{"source":"cve-coordination@incibe.es","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":4.2},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"cve-coordination@incibe.es","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-532"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ayesa:ibermatica_rps:2019:*:*:*:*:*:*:*","matchCriteriaId":"8A27BE43-C805-4D83-A2A2-AD6ADD243568"}]}]}],"references":[{"url":"https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-ibermatica-rps-2019","source":"cve-coordination@incibe.es","tags":["Third Party Advisory"]},{"url":"https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-ibermatica-rps-2019","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}