Lucene search

[email protected]NVD:CVE-2013-7236

HistoryApr 29, 2014 - 2:38 p.m.

CVE-2013-7236

2014-04-2914:38:47

CWE-20

[email protected]

web.nvd.nist.gov

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.8 Medium

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.3%

JSON

Simple Machines Forum (SMF) 2.0.6, 1.1.19, and earlier allows remote attackers to impersonate arbitrary users via a Unicode homoglyph character in a username.

Affected configurations

NVD

Node

simplemachinessimple_machines_forumRange≤1.1.9

simplemachinessimple_machines_forumMatch1.0

simplemachinessimple_machines_forumMatch1.0beta4

simplemachinessimple_machines_forumMatch1.0beta4.1

simplemachinessimple_machines_forumMatch1.0beta5

simplemachinessimple_machines_forumMatch1.0beta6

simplemachinessimple_machines_forumMatch1.0rc1

simplemachinessimple_machines_forumMatch1.0rc2

simplemachinessimple_machines_forumMatch1.0.1

simplemachinessimple_machines_forumMatch1.0.2

simplemachinessimple_machines_forumMatch1.0.3

simplemachinessimple_machines_forumMatch1.0.4

simplemachinessimple_machines_forumMatch1.0.5

simplemachinessimple_machines_forumMatch1.0.6

simplemachinessimple_machines_forumMatch1.0.7

simplemachinessimple_machines_forumMatch1.0.8

simplemachinessimple_machines_forumMatch1.0.9

simplemachinessimple_machines_forumMatch1.0.10

simplemachinessimple_machines_forumMatch1.0.12

simplemachinessimple_machines_forumMatch1.0.13

simplemachinessimple_machines_forumMatch1.0.14

simplemachinessimple_machines_forumMatch1.0.15

simplemachinessimple_machines_forumMatch1.0.16

simplemachinessimple_machines_forumMatch1.0.17

simplemachinessimple_machines_forumMatch1.0.18

simplemachinessimple_machines_forumMatch1.0.19

simplemachinessimple_machines_forumMatch1.0.20

simplemachinessimple_machines_forumMatch1.0.21

simplemachinessimple_machines_forumMatch1.0.22

simplemachinessimple_machines_forumMatch1.0.23

simplemachinessimple_machines_forumMatch1.1

simplemachinessimple_machines_forumMatch1.1beta1

simplemachinessimple_machines_forumMatch1.1beta2

simplemachinessimple_machines_forumMatch1.1beta3

simplemachinessimple_machines_forumMatch1.1beta4

simplemachinessimple_machines_forumMatch1.1rc1

simplemachinessimple_machines_forumMatch1.1rc2

simplemachinessimple_machines_forumMatch1.1rc3

simplemachinessimple_machines_forumMatch1.1.1

simplemachinessimple_machines_forumMatch1.1.2

simplemachinessimple_machines_forumMatch1.1.3

simplemachinessimple_machines_forumMatch1.1.4

simplemachinessimple_machines_forumMatch1.1.5

simplemachinessimple_machines_forumMatch1.1.6

simplemachinessimple_machines_forumMatch1.1.7

simplemachinessimple_machines_forumMatch1.1.8

simplemachinessimple_machines_forumMatch1.1.10

simplemachinessimple_machines_forumMatch1.1.11

simplemachinessimple_machines_forumMatch1.1.12

simplemachinessimple_machines_forumMatch1.1.13

simplemachinessimple_machines_forumMatch1.1.14

simplemachinessimple_machines_forumMatch1.1.15

simplemachinessimple_machines_forumMatch1.1.16

simplemachinessimple_machines_forumMatch1.1.17

simplemachinessimple_machines_forumMatch2.0.6

References

seclists.org/fulldisclosure/2013/Dec/83

www.jakoblell.com/blog/2013/12/13/multiple-vulnerabilities-in-smf-forum-software/

www.openwall.com/lists/oss-security/2013/12/30/1

www.openwall.com/lists/oss-security/2013/12/30/3

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.8 Medium

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.3%

JSON

Related for NVD:CVE-2013-7236

cve1 prion1 cvelist1