Lucene search
HistoryOct 03, 2022 - 4:14 p.m.
CVE-2013-1649
open-xchange
server
vulnerability
password hashing
algorithm
security
nvd
cve-2013-1649
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
6.6 Medium
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
52.5%
Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 uses the crypt and SHA-1 algorithms for password hashing, which makes it easier for context-dependent attackers to obtain cleartext passwords via a brute-force attack.
Affected configurations
Node
open-xchangeopen-xchange_serverMatch6.20.7
ORopen-xchangeopen-xchange_serverMatch6.22.0
ORopen-xchangeopen-xchange_serverMatch6.22.1
Related
nvd
nvd
CVE-2013-1649
2013-09-05 11:44:57
prion
prion
Open redirect
2013-09-05 11:44:00
cvelist
cvelist
CVE-2013-1649
2022-10-03 16:14:47
seebug
seebug
Open-Xchange Server 6 - Multiple Vulnerabilities
2014-07-01 00:00:00
securityvulns
securityvulns
Open-Xchange Security Advisory 2013-03-13
2013-05-06 00:00:00
packetstorm
packetstorm
Open-Xchange 6 XSS / LFI / SSRF / Hashing
2013-03-14 00:00:00
exploitpack
exploitpack
Open-Xchange Server 6 - Multiple Vulnerabilities
2013-03-15 00:00:00
exploitdb
exploitdb
Open-Xchange Server 6 - Multiple Vulnerabilities
2013-03-15 00:00:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
6.6 Medium
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
52.5%
Related for CVE-2013-1649