CVE-2013-3712

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2013-3712
SUSE Studio Onsite 1.3.x before 1.3.6 and SUSE Studio Extension for System z 1.3 uses "static" secret tokens, which has unspecified impact and vectors.

10.0 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References
Link Resource
http://secunia.com/advisories/57050 Vendor Advisory
https://www.suse.com/support/update/announcement/2014/suse-su-20140254-1.html Vendor Advisory
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:suse:studio_onsite:1.3:*:*:*:*:*:*:*
cpe:2.3:a:suse:studio_onsite:1.3.1:*:*:*:*:*:*:*
cpe:2.3:a:suse:studio_onsite:1.3.3:*:*:*:*:*:*:*
cpe:2.3:a:suse:studio_onsite:1.3.5:*:*:*:*:*:*:*
cpe:2.3:a:suse:studio_onsite:1.3.2:*:*:*:*:*:*:*
cpe:2.3:a:suse:studio_onsite:1.3.4:*:*:*:*:*:*:*
cpe:2.3:a:suse:studio_extension_for_system_z:1.3:*:*:*:*:*:*:*
Information

Published : 2014-02-26 07:55

Updated : 2014-03-10 12:17

NVD link : CVE-2013-3712

Mitre link : CVE-2013-3712

JSON object : View

CWE
CWE-310

Cryptographic Issues

Advertisement

dedicated server usa
Products Affected

suse

  • studio_extension_for_system_z
  • studio_onsite