Lucene search
HistoryOct 03, 2022 - 4:15 p.m.
CVE-2013-2302
cve-2013-2302
transware active! mail 6
information security
local user access
sensitive information
1.9 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:M/Au:N/C:P/I:N/A:N
6.2 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
TransWARE Active! mail 6, when an external public interface is used, allows local users to obtain sensitive information belonging to arbitrary users by leveraging shell access, as demonstrated by a TELNET or SSH session to the server.
Affected configurations
Node
transwareactive\!_mailMatch6.0
| CPE | Name | Operator | Version |
|---|---|---|---|
| transware:active\!_mail | transware active! mail | eq | 6.0 |
Related
jvn
jvn
JVN#04288738: Active! mail vulnerable to information disclosure
2013-04-04 00:00:00
nvd
nvd
CVE-2013-2302
2013-04-04 19:55:01
prion
prion
Design/Logic Flaw
2013-04-04 19:55:00
cvelist
cvelist
CVE-2013-2302
2022-10-03 16:15:00
1.9 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:M/Au:N/C:P/I:N/A:N
6.2 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
Related for CVE-2013-2302