Lucene search

[email protected]CVE-2013-3268

HistoryApr 24, 2013 - 10:28 a.m.

CVE-2013-3268

2013-04-2410:28:00

CWE-287

[email protected]

web.nvd.nist.gov

novell imanager

cve-2013-3268

token

logout

remote attack

nvd

security vulnerability

6.9 Medium

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.004 Low

EPSS

Percentile

71.9%

JSON

Novell iManager 2.7 before SP6 Patch 1 does not refresh a token after a logout action, which has unspecified impact and remote attack vectors.

CPENameOperatorVersion
novell:imanagernovell imanagereq2.7
novell:imanagernovell imanagereq2.7.4
novell:imanagernovell imanagereq2.7.3
novell:imanagernovell imanagereq2.7.1
novell:imanagernovell imanagereq2.7.5
novell:imanagernovell imanagereq2.7.2
novell:imanagernovell imanagereq2.7.0

CPE	Name	Operator	Version
novell:imanager	novell imanager	eq	2.7
novell:imanager	novell imanager	eq	2.7.4
novell:imanager	novell imanager	eq	2.7.3
novell:imanager	novell imanager	eq	2.7.1
novell:imanager	novell imanager	eq	2.7.5
novell:imanager	novell imanager	eq	2.7.2
novell:imanager	novell imanager	eq	2.7.0

References

www.novell.com/support/kb/doc.php?id=7010166

www.securityfocus.com/bid/59450

bugzilla.novell.com/show_bug.cgi?id=807429

exchange.xforce.ibmcloud.com/vulnerabilities/83761

6.9 Medium

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.004 Low

EPSS

Percentile

71.9%

JSON

Related for CVE-2013-3268

prion1 cvelist1 openvas2 nessus1