Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2013-6766

Опубликовано: 19 мая 2014
Источник: nvd
CVSS2: 7.5
EPSS Низкий

Описание

OpenVAS Administrator 1.2 before 1.2.2 and 1.3 before 1.3.2 allows remote attackers to bypass the OAP authentication restrictions and execute OAP commands via a crafted OAP request for version information, which causes the state to be set to CLIENT_AUTHENTIC.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:openvas:openvas_administrator:1.2:rc1:*:*:*:*:*:*
cpe:2.3:a:openvas:openvas_administrator:1.2.0:*:*:*:*:*:*:*
cpe:2.3:a:openvas:openvas_administrator:1.2.1:*:*:*:*:*:*:*
cpe:2.3:a:openvas:openvas_administrator:1.3:beta1:*:*:*:*:*:*
cpe:2.3:a:openvas:openvas_administrator:1.3:rc1:*:*:*:*:*:*
cpe:2.3:a:openvas:openvas_administrator:1.3.0:*:*:*:*:*:*:*
cpe:2.3:a:openvas:openvas_administrator:1.3.1:*:*:*:*:*:*:*

EPSS

Процентиль: 59%
0.00383
Низкий

7.5 High

CVSS2

Дефекты

CWE-287

Связанные уязвимости

ubuntu логотип

CVE-2013-6766

ubuntu
больше 11 лет назад

OpenVAS Administrator 1.2 before 1.2.2 and 1.3 before 1.3.2 allows remote attackers to bypass the OAP authentication restrictions and execute OAP commands via a crafted OAP request for version information, which causes the state to be set to CLIENT_AUTHENTIC.

github логотип

GHSA-jfxq-6qfr-g8m8

github
больше 3 лет назад

OpenVAS Administrator 1.2 before 1.2.2 and 1.3 before 1.3.2 allows remote attackers to bypass the OAP authentication restrictions and execute OAP commands via a crafted OAP request for version information, which causes the state to be set to CLIENT_AUTHENTIC.

EPSS

Процентиль: 59%
0.00383
Низкий

7.5 High

CVSS2

Дефекты

CWE-287