Lucene search

PRIOn knowledge basePRION:CVE-2013-2093

HistoryNov 20, 2019 - 9:15 p.m.

Design/Logic Flaw

2019-11-2021:15:00

PRIOn knowledge base

www.prio-n.com

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.9 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.038 Low

EPSS

Percentile

91.7%

JSON

Dolibarr ERP/CRM 3.3.1 does not properly validate user input in viewimage.php and barcode.lib.php which allows remote attackers to execute arbitrary commands.

CPENameOperatorVersion
dolibarr_erp\\/crmeq3.3.1

CPE	Name	Operator	Version
	dolibarr_erp\\/crm	eq	3.3.1

References

www.openwall.com/lists/oss-security/2013/05/14/3

exchange.xforce.ibmcloud.com/vulnerabilities/84249

github.com/Dolibarr/dolibarr/commit/526a80dd202bbca396687a502d52c27e06e97fff

security-tracker.debian.org/tracker/CVE-2013-2093

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.9 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.038 Low

EPSS

Percentile

91.7%

JSON

Related for PRION:CVE-2013-2093