Lucene search

K
cve[email protected]CVE-2013-5116
HistoryJan 31, 2020 - 3:15 p.m.

CVE-2013-5116

2020-01-3115:15:10
CWE-287
web.nvd.nist.gov
32
cve-2013-5116
evernote
password change
security vulnerability
nvd

7.1 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

6.9 Medium

AI Score

Confidence

High

6.6 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:C/I:C/A:N

0.0004 Low

EPSS

Percentile

15.7%

Evernote prior to 5.5.1 has insecure password change

Affected configurations

NVD
Node
evernoteevernoteRange<5.5.1android
CPENameOperatorVersion
evernote:evernoteevernotelt5.5.1

7.1 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

6.9 Medium

AI Score

Confidence

High

6.6 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:C/I:C/A:N

0.0004 Low

EPSS

Percentile

15.7%

Related for CVE-2013-5116