Lucene search
HistoryFeb 14, 2014 - 3:55 p.m.
CVE-2013-6492
cve
piranha
configuration tool
authentication bypass
http
security vulnerability
5.8 Medium
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:A/AC:L/Au:N/C:P/I:P/A:P
6.7 Medium
AI Score
Confidence
Low
0.07 Low
EPSS
Percentile
94.0%
The Piranha Configuration Tool in Piranha 0.8.6 does not properly restrict access to webpages, which allows remote attackers to bypass authentication and read or modify the LVS configuration via an HTTP POST request.
Affected configurations
Node
ryan_oharapiranhaMatch0.8.6
| CPE | Name | Operator | Version |
|---|---|---|---|
| ryan_ohara:piranha | ryan ohara piranha | eq | 0.8.6 |
Related
redhat
redhat
(RHSA-2014:0174) Important: piranha security update
2014-02-13 00:00:00
(RHSA-2014:0175) Important: piranha security and bug fix update
2014-02-13 00:00:00
centos
centos
piranha security update
2014-02-13 20:20:56
piranha security update
2014-02-13 20:05:42
openvas
openvas
CentOS Update for piranha CESA-2014:0175 centos6
2014-02-17 00:00:00
CentOS Update for piranha CESA-2014:0174 centos5
2014-02-17 00:00:00
Oracle: Security Advisory (ELSA-2014-0174)
2015-10-06 00:00:00
nessus
nessus
CentOS 6 : piranha (CESA-2014:0175)
2014-02-14 00:00:00
RHEL 5 : piranha (RHSA-2014:0174)
2014-11-08 00:00:00
RHEL 6 : piranha (RHSA-2014:0175)
2014-02-14 00:00:00
prion
prion
Authentication flaw
2014-02-14 15:55:00
oraclelinux
oraclelinux
piranha security update
2014-02-13 00:00:00
veracode
veracode
Authentication Bypass
2019-01-15 08:57:02
nvd
nvd
CVE-2013-6492
2014-02-14 15:55:05
cvelist
cvelist
CVE-2013-6492
2014-02-14 15:00:00
5.8 Medium
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:A/AC:L/Au:N/C:P/I:P/A:P
6.7 Medium
AI Score
Confidence
Low
0.07 Low
EPSS
Percentile
94.0%
Related for CVE-2013-6492