exploitDog

CVE-2013-5936

Опубликовано: 25 сент. 2013

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

The Hazelcast cluster API in Open-Xchange AppSuite 7.0.x before 7.0.2-rev15 and 7.2.x before 7.2.2-rev16 allows remote attackers to obtain sensitive information about (1) runtime activity, (2) network configuration, (3) user sessions, (4) the memcache interface, and (5) the REST interface via API calls such as a hazelcast/rest/cluster/ call, a different vulnerability than CVE-2013-5200.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:open-xchange:open-xchange_appsuite:7.0.1:*:*:*:*:*:*:*

cpe:2.3:a:open-xchange:open-xchange_appsuite:7.0.2:*:*:*:*:*:*:*

cpe:2.3:a:open-xchange:open-xchange_appsuite:7.2.0:*:*:*:*:*:*:*

cpe:2.3:a:open-xchange:open-xchange_appsuite:7.2.1:*:*:*:*:*:*:*

EPSS

Процентиль: 48%

0.0025

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

GHSA-qvcm-3pr4-v334

github

больше 3 лет назад

The Hazelcast cluster API in Open-Xchange AppSuite 7.0.x before 7.0.2-rev15 and 7.2.x before 7.2.2-rev16 allows remote attackers to obtain sensitive information about (1) runtime activity, (2) network configuration, (3) user sessions, (4) the memcache interface, and (5) the REST interface via API calls such as a hazelcast/rest/cluster/ call, a different vulnerability than CVE-2013-5200.

EPSS

Процентиль: 48%

0.0025

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-200