Lucene search

[email protected]CVE-2013-5701

HistoryOct 03, 2022 - 4:14 p.m.

CVE-2013-5701

2022-10-0316:14:55

CWE-264

[email protected]

web.nvd.nist.gov

cve-2013-5701

vulnerabilities

watchguard log collector

watchguard webblocker server

local users

privilege escalation

trojan horse

bin directory

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

13.4%

JSON

Multiple untrusted search path vulnerabilities in (1) Watchguard Log Collector (wlcollector.exe) and (2) Watchguard WebBlocker Server (wbserver.exe) in WatchGuard Server Center 11.7.4, 11.7.3, and possibly earlier allow local users to gain privileges via a Trojan horse wgpr.dll file in the application’s bin directory.

Affected configurations

NVD

Node

watchguardserver_centerRange≤11.7.4

watchguardserver_centerMatch11.7.3

CPENameOperatorVersion
watchguard:server_centerwatchguard server centerle11.7.4
watchguard:server_centerwatchguard server centereq11.7.3

CPE	Name	Operator	Version
watchguard:server_center	watchguard server center	le	11.7.4
watchguard:server_center	watchguard server center	eq	11.7.3

References

seclists.org/fulldisclosure/2013/Sep/43

www.securitytracker.com/id/1028992

www.rcesecurity.com/2013/09/cve-2013-5701-watchguard-server-center-v11-7-4-wgpr-dll-local-privileges-escalation-vulnerability

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

13.4%

JSON

Related for CVE-2013-5701

zdt1 prion1 packetstorm1 nvd1 cvelist1