CVE-2013-4410

Опубликовано: 02 дек. 2019

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

ReviewBoard: has an access-control problem in REST API

Ссылки

http://lists.fedoraproject.org/pipermail/package-announce/2013-November/120619.html
Mailing List
Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119819.html
Mailing List
Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119820.html
Mailing List
Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119830.html
Mailing List
Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119831.html
Third Party Advisory
http://www.securityfocus.com/bid/63022
Third Party Advisory
VDB Entry
https://access.redhat.com/security/cve/cve-2013-4410
Broken Link
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4410
Issue Tracking
Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/88060
Third Party Advisory
VDB Entry
https://security-tracker.debian.org/tracker/CVE-2013-4410
Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2013-November/120619.html
Mailing List
Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119819.html
Mailing List
Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119820.html
Mailing List
Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119830.html
Mailing List
Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119831.html
Third Party Advisory
http://www.securityfocus.com/bid/63022
Third Party Advisory
VDB Entry
https://access.redhat.com/security/cve/cve-2013-4410
Broken Link
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4410
Issue Tracking
Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/88060
Third Party Advisory
VDB Entry
https://security-tracker.debian.org/tracker/CVE-2013-4410
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:reviewboard:reviewboard:*:*:*:*:*:*:*:*

Версия от 1.6 (включая) до 1.6.19 (исключая)

cpe:2.3:a:reviewboard:reviewboard:*:*:*:*:*:*:*:*

Версия от 1.7 (включая) до 1.7.15 (исключая)

Конфигурация 2

Одно из

cpe:2.3:o:fedoraproject:fedora:18:*:*:*:*:*:*:*

cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*

cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*

EPSS

Процентиль: 76%

0.00968

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-863

Связанные уязвимости

CVE-2013-4410

CVSS3: 7.5

debian

около 6 лет назад

ReviewBoard: has an access-control problem in REST API

GHSA-rq2f-p37v-9hqf

CVSS3: 7.5

github

почти 4 года назад

ReviewBoard: has an access-control problem in REST API

EPSS

Процентиль: 76%

0.00968

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-863