CVE-2013-5936Sensitive Information Exposure in Appsuite

CWE-200Sensitive Information Exposure3 documents3 sources
Severity
4.3MEDIUMNVD
CNA7.5
EPSS
0.3%
top 51.60%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Open-xchange Appsuite
Timeline
PublishedSep 25
Latest updateMay 17

Description

The Hazelcast cluster API in Open-Xchange AppSuite 7.0.x before 7.0.2-rev15 and 7.2.x before 7.2.2-rev16 allows remote attackers to obtain sensitive information about (1) runtime activity, (2) network configuration, (3) user sessions, (4) the memcache interface, and (5) the REST interface via API calls such as a hazelcast/rest/cluster/ call, a different vulnerability than CVE-2013-5200.

CVSS vector

AV:N/AC:M/C:P/I:N/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-qvcm-3pr4-v334: The Hazelcast cluster API in Open-Xchange AppSuite 72022-05-17
CVEList
CVE-2013-5936: The Hazelcast cluster API in Open-Xchange AppSuite 72013-09-25
CVE-2013-5936 — Sensitive Information Exposure | cvebase