Lucene search

[email protected]NVD:CVE-2013-2055

HistoryFeb 10, 2014 - 11:55 p.m.

CVE-2013-2055

2014-02-1023:55:04

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

Confidence

Low

EPSS

0.002

Percentile

52.2%

JSON

Unspecified vulnerability in Apache Wicket 1.4.x before 1.4.23, 1.5.x before 1.5.11, and 6.x before 6.8.0 allows remote attackers to obtain sensitive information via vectors that cause raw HTML templates to be rendered without being processed and reading the information that is outside of wicket:panel markup.

Affected configurations

Nvd

Node

apachewicketMatch1.4.0

apachewicketMatch1.4.1

apachewicketMatch1.4.10

apachewicketMatch1.4.11

apachewicketMatch1.4.12

apachewicketMatch1.4.13

apachewicketMatch1.4.14

apachewicketMatch1.4.15

apachewicketMatch1.4.16

apachewicketMatch1.4.17

apachewicketMatch1.4.18

apachewicketMatch1.4.19

apachewicketMatch1.4.20

apachewicketMatch1.4.21

apachewicketMatch1.4.22

apachewicketMatch1.5.0

apachewicketMatch1.5.1

apachewicketMatch1.5.2

apachewicketMatch1.5.3

apachewicketMatch1.5.4

apachewicketMatch1.5.5

apachewicketMatch1.5.6

apachewicketMatch1.5.7

apachewicketMatch1.5.8

apachewicketMatch1.5.9

apachewicketMatch1.5.10

apachewicketMatch6.1.0

apachewicketMatch6.1.1

apachewicketMatch6.2.0

apachewicketMatch6.3.0

apachewicketMatch6.4.0

apachewicketMatch6.5.0

apachewicketMatch6.6.0

apachewicketMatch6.7.0

apachewicketMatch6.8.0

VendorProductVersionCPE
apachewicket1.4.0cpe:2.3:a:apache:wicket:1.4.0:*:*:*:*:*:*:*
apachewicket1.4.1cpe:2.3:a:apache:wicket:1.4.1:*:*:*:*:*:*:*
apachewicket1.4.10cpe:2.3:a:apache:wicket:1.4.10:*:*:*:*:*:*:*
apachewicket1.4.11cpe:2.3:a:apache:wicket:1.4.11:*:*:*:*:*:*:*
apachewicket1.4.12cpe:2.3:a:apache:wicket:1.4.12:*:*:*:*:*:*:*
apachewicket1.4.13cpe:2.3:a:apache:wicket:1.4.13:*:*:*:*:*:*:*
apachewicket1.4.14cpe:2.3:a:apache:wicket:1.4.14:*:*:*:*:*:*:*
apachewicket1.4.15cpe:2.3:a:apache:wicket:1.4.15:*:*:*:*:*:*:*
apachewicket1.4.16cpe:2.3:a:apache:wicket:1.4.16:*:*:*:*:*:*:*
apachewicket1.4.17cpe:2.3:a:apache:wicket:1.4.17:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
apache	wicket	1.4.0	cpe:2.3:a:apache:wicket:1.4.0:::::::*
apache	wicket	1.4.1	cpe:2.3:a:apache:wicket:1.4.1:::::::*
apache	wicket	1.4.10	cpe:2.3:a:apache:wicket:1.4.10:::::::*
apache	wicket	1.4.11	cpe:2.3:a:apache:wicket:1.4.11:::::::*
apache	wicket	1.4.12	cpe:2.3:a:apache:wicket:1.4.12:::::::*
apache	wicket	1.4.13	cpe:2.3:a:apache:wicket:1.4.13:::::::*
apache	wicket	1.4.14	cpe:2.3:a:apache:wicket:1.4.14:::::::*
apache	wicket	1.4.15	cpe:2.3:a:apache:wicket:1.4.15:::::::*
apache	wicket	1.4.16	cpe:2.3:a:apache:wicket:1.4.16:::::::*
apache	wicket	1.4.17	cpe:2.3:a:apache:wicket:1.4.17:::::::*

Rows per page:

1-10 of 351

References

osvdb.org/102955

seclists.org/fulldisclosure/2014/Feb/38

www.securityfocus.com/bid/65431

wicket.apache.org/2013/05/17/wicket-6.8.0-released.html

wicket.apache.org/2014/02/06/cve-2013-2055.html

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

Confidence

Low

EPSS

0.002

Percentile

52.2%

JSON

Related for NVD:CVE-2013-2055

cvelist1 prion1 cve1