Lucene search

K
ubuntucveUbuntu.comUB:CVE-2013-5572
HistoryOct 01, 2013 - 12:00 a.m.

CVE-2013-5572

2013-10-0100:00:00
ubuntu.com
ubuntu.com
11

3.5 Low

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:S/C:P/I:N/A:N

0.01 Low

EPSS

Percentile

83.4%

Zabbix 2.0.5 allows remote authenticated users to discover the LDAP bind
password by leveraging management-console access and reading the
ldap_bind_password value in the HTML source code.

Notes

Author Note
seth-arnold may require an authenticated user to carry out attack on another user, perhaps with different privileges

3.5 Low

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:S/C:P/I:N/A:N

0.01 Low

EPSS

Percentile

83.4%