Lucene search

MitreCVE-2013-2624

HistoryFeb 03, 2020 - 3:15 p.m.

CVE-2013-2624

2020-02-0315:15:11

CWE-200

mitre

web.nvd.nist.gov

telean

1.3.1

full path disclosure

vulnerability

remote attackers

sensitive information

url request

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

AI Score

5.2

Confidence

High

EPSS

0.06

Percentile

93.5%

JSON

Telean before 1.3.1 contains a full path disclosure vulnerability which could allow remote attackers to obtain sensitive information through a specially crafted URL request.

Affected configurations

Nvd

Node

telaen_projecttelaenRange<1.3.1

References

exchange.xforce.ibmcloud.com/vulnerabilities/84685

www.isecauditors.com/advisories-2013#2013-009

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

AI Score

5.2

Confidence

High

EPSS

0.06

Percentile

93.5%

JSON

Related for CVE-2013-2624