Lucene search

[email protected]CVE-2013-5364

HistoryJan 26, 2014 - 1:55 a.m.

CVE-2013-5364

2014-01-2601:55:04

CWE-264

[email protected]

web.nvd.nist.gov

secunia

csi agent

cve-2013-5364

red hat linux

configuration

vulnerability

3.6 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:P/A:N

6.5 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Secunia CSI Agent 6.0.0.15017 and earlier, 6.0.1.1007 and earlier, and 7.0.0.21 and earlier, when running on Red Hat Linux, uses world-readable and world-writable permissions for /etc/csia_config.xml, which allows local users to change CSI Agent configuration by modifying this file.

Affected configurations

NVD

Node

secuniacsi_agentRange6.0.0–6.0.0.15017

secuniacsi_agentRange6.0.1–6.0.1.1007

secuniacsi_agentRange7.0.0–7.0.0.21

AND

redhatenterprise_linux

CPENameOperatorVersion
secunia:csi_agentsecunia csi agentle6.0.0.15017
secunia:csi_agentsecunia csi agentle6.0.1.1007
secunia:csi_agentsecunia csi agentle7.0.0.21

CPE	Name	Operator	Version
secunia:csi_agent	secunia csi agent	le	6.0.0.15017
secunia:csi_agent	secunia csi agent	le	6.0.1.1007
secunia:csi_agent	secunia csi agent	le	7.0.0.21

References

osvdb.org/101901

secunia.com/advisories/56380

secunia.com/vulnerability_scanning/corporate/release-history/

www.securityfocus.com/bid/64775

exchange.xforce.ibmcloud.com/vulnerabilities/90230

3.6 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:P/A:N

6.5 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2013-5364

prion1 cvelist1 nvd1 kaspersky1