Lucene search
CertccCVE-2013-3624HistoryOct 03, 2013 - 11:04 a.m.
CVE-2013-3624
2013-10-0311:04:43
CWE-310
certcc
web.nvd.nist.gov
32
baramundi management suite
os deployment
credentials
cleartext
security vulnerability
cve-2013-3624
CVSS2
7.8
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:C/I:N/A:N
AI Score
5.6
Confidence
Low
EPSS
0.284
Percentile
96.9%
The OS deployment feature in Baramundi Management Suite 7.5 through 8.9 stores credentials in cleartext on deployed machines, which allows remote attackers to obtain sensitive information by reading a file. NOTE: this ID was also incorrectly mapped to a separate issue in Oracle Outside In, but the correct ID for that issue is CVE-2013-5763.
Affected configurations
Node
baramundimanagement_suiteMatch7.5
ORbaramundimanagement_suiteMatch7.6
ORbaramundimanagement_suiteMatch8.0
ORbaramundimanagement_suiteMatch8.1
ORbaramundimanagement_suiteMatch8.2
ORbaramundimanagement_suiteMatch8.3
ORbaramundimanagement_suiteMatch8.5
ORbaramundimanagement_suiteMatch8.6
ORbaramundimanagement_suiteMatch8.7
ORbaramundimanagement_suiteMatch8.8
ORbaramundimanagement_suiteMatch8.9
| Vendor | Product | Version | CPE |
|---|---|---|---|
| baramundi | management_suite | 7.5 | cpe:2.3:a:baramundi:management_suite:7.5:*:*:*:*:*:*:* |
| baramundi | management_suite | 7.6 | cpe:2.3:a:baramundi:management_suite:7.6:*:*:*:*:*:*:* |
| baramundi | management_suite | 8.0 | cpe:2.3:a:baramundi:management_suite:8.0:*:*:*:*:*:*:* |
| baramundi | management_suite | 8.1 | cpe:2.3:a:baramundi:management_suite:8.1:*:*:*:*:*:*:* |
| baramundi | management_suite | 8.2 | cpe:2.3:a:baramundi:management_suite:8.2:*:*:*:*:*:*:* |
| baramundi | management_suite | 8.3 | cpe:2.3:a:baramundi:management_suite:8.3:*:*:*:*:*:*:* |
| baramundi | management_suite | 8.5 | cpe:2.3:a:baramundi:management_suite:8.5:*:*:*:*:*:*:* |
| baramundi | management_suite | 8.6 | cpe:2.3:a:baramundi:management_suite:8.6:*:*:*:*:*:*:* |
| baramundi | management_suite | 8.7 | cpe:2.3:a:baramundi:management_suite:8.7:*:*:*:*:*:*:* |
| baramundi | management_suite | 8.8 | cpe:2.3:a:baramundi:management_suite:8.8:*:*:*:*:*:*:* |
References
Related
seebug
seebug
nvd
nvd
CVE-2013-3624
2013-10-03 11:04:43
CVE-2013-5763
2013-12-12 20:55:03
cvelist
cvelist
CVE-2013-3624
2013-10-03 10:00:00
CVE-2013-5763
2013-12-12 20:00:00
prion
prion
Design/Logic Flaw
2013-10-03 11:04:00
Design/Logic Flaw
2013-12-12 20:55:00
cve
cve
CVE-2013-5763
2013-12-12 20:55:03
cert
cert
Baramundi Management Suite transmits data and stores keys and credentials insecurely
2013-10-01 00:00:00
Oracle Outside In OS/2 Metafile parser stack buffer overflow
2013-10-17 00:00:00
checkpoint_advisories
checkpoint_advisories
ibm
ibm
Security Bulletin: IBM FileNet Content Manager and IBM Content Foundation β Oracle Outside In Technology security vulnerabilities (CVE-2013-5791, CVE-2013-5763)
2018-06-17 11:49:57
Security Bulletin: Content Manager Enterprise Edition and use of Oracle Outside In Technology Security Vulnerability (CVE-2013-5791, CVE-2013-5763)
2024-01-29 19:20:06
Security Bulletin eDiscovery Manager (CVE-2013-5791 and CVE-2013-5763)
2018-06-17 11:49:57
nessus
nessus
openvas
openvas
MS Exchange Server Remote Code Execution Vulnerabilities (2915705)
2013-12-11 00:00:00
Microsoft Exchange Server Remote Code Execution Vulnerabilities (2915705)
2013-12-11 00:00:00
mskb
mskb
securityvulns
securityvulns
Microsoft Exchange Server multiple security vulnerabilities
2013-12-16 00:00:00
oracle
oracle
Oracle Critical Patch Update - October 2013
2013-10-15 00:00:00
CVSS2
7.8
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:C/I:N/A:N
AI Score
5.6
Confidence
Low
EPSS
0.284
Percentile
96.9%
Related for CVE-2013-3624