Lucene search

[email protected]CVE-2013-6181

HistoryDec 28, 2013 - 4:53 a.m.

CVE-2013-6181

2013-12-2804:53:00

CWE-310

[email protected]

web.nvd.nist.gov

cve-2013-6181

emc watch4net

sensitive information exposure

cleartext passwords

installation repository

5.9 Medium

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

5.2%

JSON

EMC Watch4Net before 6.3 stores cleartext polled-device passwords in the installation repository, which allows local users to obtain sensitive information by leveraging repository privileges.

CPENameOperatorVersion
emc:watch4netemc watch4neteq6.1
emc:watch4netemc watch4netle6.2
emc:watch4netemc watch4neteq6.0

CPE	Name	Operator	Version
emc:watch4net	emc watch4net	eq	6.1
emc:watch4net	emc watch4net	le	6.2
emc:watch4net	emc watch4net	eq	6.0

References

archives.neohapsis.com/archives/bugtraq/2013-12/0140.html

packetstormsecurity.com/files/124585/EMC-Watch4net-Information-Disclosure.html

www.securityfocus.com/bid/64517

www.securitytracker.com/id/1029535

5.9 Medium

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

5.2%

JSON

Related for CVE-2013-6181

prion1 securityvulns2 cvelist1