Lucene search
HistorySep 25, 2013 - 10:31 a.m.
CVE-2013-5200
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
5.9 Medium
AI Score
Confidence
Low
0.006 Low
EPSS
Percentile
78.3%
The (1) REST and (2) memcache interfaces in the Hazelcast cluster API in Open-Xchange AppSuite 7.0.x before 7.0.2-rev15 and 7.2.x before 7.2.2-rev16 do not require authentication, which allows remote attackers to obtain sensitive information or modify data via an API call.
Affected configurations
Node
open-xchangeopen-xchange_appsuiteMatch7.0.1
ORopen-xchangeopen-xchange_appsuiteMatch7.0.2
ORopen-xchangeopen-xchange_appsuiteMatch7.2.0
ORopen-xchangeopen-xchange_appsuiteMatch7.2.1
Related
cve
cve
packetstorm
packetstorm
Open-Xchange AppSuite 7.2.2 Improper Authentication / Information Disclosure
2013-09-10 00:00:00
prion
prion
Authentication flaw
2013-09-25 10:31:00
Design/Logic Flaw
2013-09-25 10:31:00
Hardcoded credentials
2013-09-25 10:31:00
cvelist
cvelist
securityvulns
securityvulns
Open-Xchange Security Advisory 2013-09-10
2013-10-01 00:00:00
Open-Xchange multiple security vulnerabilities
2013-11-18 00:00:00
nvd
nvd
openvas
openvas
Open-Xchange (OX) App Suite Multiple Vulnerabilities -03 (Nov 2015)
2015-11-02 00:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
5.9 Medium
AI Score
Confidence
Low
0.006 Low
EPSS
Percentile
78.3%
Related for NVD:CVE-2013-5200