Lucene search
HistoryApr 29, 2014 - 2:38 p.m.
CVE-2013-7236
cve
2013
7236
smf
simple machines forum
remote attack
user impersonation
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7 High
AI Score
Confidence
Low
0.007 Low
EPSS
Percentile
80.3%
Simple Machines Forum (SMF) 2.0.6, 1.1.19, and earlier allows remote attackers to impersonate arbitrary users via a Unicode homoglyph character in a username.
Affected configurations
Node
simplemachinessimple_machines_forumRange≤1.1.9
ORsimplemachinessimple_machines_forumMatch1.0
ORsimplemachinessimple_machines_forumMatch1.0beta4
ORsimplemachinessimple_machines_forumMatch1.0beta4.1
ORsimplemachinessimple_machines_forumMatch1.0beta5
ORsimplemachinessimple_machines_forumMatch1.0beta6
ORsimplemachinessimple_machines_forumMatch1.0rc1
ORsimplemachinessimple_machines_forumMatch1.0rc2
ORsimplemachinessimple_machines_forumMatch1.0.1
ORsimplemachinessimple_machines_forumMatch1.0.2
ORsimplemachinessimple_machines_forumMatch1.0.3
ORsimplemachinessimple_machines_forumMatch1.0.4
ORsimplemachinessimple_machines_forumMatch1.0.5
ORsimplemachinessimple_machines_forumMatch1.0.6
ORsimplemachinessimple_machines_forumMatch1.0.7
ORsimplemachinessimple_machines_forumMatch1.0.8
ORsimplemachinessimple_machines_forumMatch1.0.9
ORsimplemachinessimple_machines_forumMatch1.0.10
ORsimplemachinessimple_machines_forumMatch1.0.12
ORsimplemachinessimple_machines_forumMatch1.0.13
ORsimplemachinessimple_machines_forumMatch1.0.14
ORsimplemachinessimple_machines_forumMatch1.0.15
ORsimplemachinessimple_machines_forumMatch1.0.16
ORsimplemachinessimple_machines_forumMatch1.0.17
ORsimplemachinessimple_machines_forumMatch1.0.18
ORsimplemachinessimple_machines_forumMatch1.0.19
ORsimplemachinessimple_machines_forumMatch1.0.20
ORsimplemachinessimple_machines_forumMatch1.0.21
ORsimplemachinessimple_machines_forumMatch1.0.22
ORsimplemachinessimple_machines_forumMatch1.0.23
ORsimplemachinessimple_machines_forumMatch1.1
ORsimplemachinessimple_machines_forumMatch1.1beta1
ORsimplemachinessimple_machines_forumMatch1.1beta2
ORsimplemachinessimple_machines_forumMatch1.1beta3
ORsimplemachinessimple_machines_forumMatch1.1beta4
ORsimplemachinessimple_machines_forumMatch1.1rc1
ORsimplemachinessimple_machines_forumMatch1.1rc2
ORsimplemachinessimple_machines_forumMatch1.1rc3
ORsimplemachinessimple_machines_forumMatch1.1.1
ORsimplemachinessimple_machines_forumMatch1.1.2
ORsimplemachinessimple_machines_forumMatch1.1.3
ORsimplemachinessimple_machines_forumMatch1.1.4
ORsimplemachinessimple_machines_forumMatch1.1.5
ORsimplemachinessimple_machines_forumMatch1.1.6
ORsimplemachinessimple_machines_forumMatch1.1.7
ORsimplemachinessimple_machines_forumMatch1.1.8
ORsimplemachinessimple_machines_forumMatch1.1.10
ORsimplemachinessimple_machines_forumMatch1.1.11
ORsimplemachinessimple_machines_forumMatch1.1.12
ORsimplemachinessimple_machines_forumMatch1.1.13
ORsimplemachinessimple_machines_forumMatch1.1.14
ORsimplemachinessimple_machines_forumMatch1.1.15
ORsimplemachinessimple_machines_forumMatch1.1.16
ORsimplemachinessimple_machines_forumMatch1.1.17
ORsimplemachinessimple_machines_forumMatch2.0.6
Related
prion
prion
Code injection
2014-04-29 14:38:00
cvelist
cvelist
CVE-2013-7236
2014-04-29 14:00:00
nvd
nvd
CVE-2013-7236
2014-04-29 14:38:47
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7 High
AI Score
Confidence
Low
0.007 Low
EPSS
Percentile
80.3%
Related for CVE-2013-7236