Lucene search
HistoryAug 28, 2013 - 1:09 p.m.
CVE-2013-3597
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
6.5 Medium
AI Score
Confidence
Low
0.019 Low
EPSS
Percentile
88.5%
servlet/CollectionListServlet in SearchBlox before 7.5 build 1 allows remote attackers to read usernames and passwords via a getList action.
Affected configurations
Node
searchbloxsearchbloxRange≤7.5
ORsearchbloxsearchbloxMatch6.2build_1
ORsearchbloxsearchbloxMatch6.3build_1
ORsearchbloxsearchbloxMatch6.4build_1
ORsearchbloxsearchbloxMatch6.4build_2
ORsearchbloxsearchbloxMatch7.0
ORsearchbloxsearchbloxMatch7.1
ORsearchbloxsearchbloxMatch7.2
ORsearchbloxsearchbloxMatch7.3
ORsearchbloxsearchbloxMatch7.4
Related
prion
prion
Deserialization of untrusted data
2013-08-28 13:09:00
cve
cve
CVE-2013-3597
2022-10-03 16:14:45
cvelist
cvelist
CVE-2013-3597
2022-10-03 16:14:45
cert
cert
SearchBlox contains multiple vulnerabilities
2013-08-23 00:00:00
openvas
openvas
SearchBlox Multiple Vulnerabilities (Sep 2013)
2013-09-03 00:00:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
6.5 Medium
AI Score
Confidence
Low
0.019 Low
EPSS
Percentile
88.5%
Related for NVD:CVE-2013-3597