CVE-2013-2193

CWE-287Improper Authentication4 documents4 sources
Severity
4.3MEDIUM
EPSS
0.2%
top 63.72%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Apache Hbase
Timeline
PublishedMay 29
Latest updateMay 17

Description

Apache HBase 0.92.x before 0.92.3 and 0.94.x before 0.94.9, when the Kerberos features are enabled, allows man-in-the-middle attackers to disable bidirectional authentication and obtain sensitive information via unspecified vectors.

CVSS vector

AV:A/AC:H/C:P/I:P/A:PExploitability: 3.2 | Impact: 6.4

Affected Packages1 packages

NVDapache/hbase13 versions+12

🔴Vulnerability Details

2
GHSA
GHSA-5x87-whj4-hpw7: Apache HBase 02022-05-17
CVEList
CVE-2013-2193: Apache HBase 02014-05-29

💬Community

1
Bugzilla
CVE-2013-2193 hbase: man-in-the-middle vulnerability2013-08-27
CVE-2013-2193 (MEDIUM CVSS 4.3) | Apache HBase 0.92.x before 0.92.3 a | cvebase.io