Lucene search
HistoryJan 13, 2014 - 9:55 p.m.
CVE-2013-7239
memcached
authentication bypass
cve-2013-7239
security vulnerabilities
nvd
4.8 Medium
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:A/AC:L/Au:N/C:P/I:P/A:N
9.4 High
AI Score
Confidence
High
0.016 Low
EPSS
Percentile
87.3%
memcached before 1.4.17 allows remote attackers to bypass authentication by sending an invalid request with SASL credentials, then sending another request with incorrect SASL credentials.
Affected configurations
Node
memcachedmemcachedRange≤1.4.16
ORmemcachedmemcachedMatch1.4.0
ORmemcachedmemcachedMatch1.4.1
ORmemcachedmemcachedMatch1.4.2
ORmemcachedmemcachedMatch1.4.3
ORmemcachedmemcachedMatch1.4.4
ORmemcachedmemcachedMatch1.4.5
ORmemcachedmemcachedMatch1.4.6
ORmemcachedmemcachedMatch1.4.7
ORmemcachedmemcachedMatch1.4.8
ORmemcachedmemcachedMatch1.4.9
ORmemcachedmemcachedMatch1.4.10
ORmemcachedmemcachedMatch1.4.11
ORmemcachedmemcachedMatch1.4.12
ORmemcachedmemcachedMatch1.4.13
ORmemcachedmemcachedMatch1.4.14
ORmemcachedmemcachedMatch1.4.15
Related
ubuntucve
ubuntucve
CVE-2013-7239
2014-01-01 00:00:00
debiancve
debiancve
CVE-2013-7239
2014-01-13 21:55:05
nvd
nvd
CVE-2013-7239
2014-01-13 21:55:05
nessus
nessus
memcached SASL Authentication Security Bypass
2014-01-30 00:00:00
Ubuntu 12.04 LTS / 12.10 / 13.04 / 13.10 : memcached vulnerabilities (USN-2080-1)
2014-01-14 00:00:00
memcached < 1.4.17 Multiple Vulnerabilities
2014-01-30 00:00:00
cvelist
cvelist
CVE-2013-7239
2014-01-13 21:00:00
prion
prion
Authentication flaw
2014-01-13 21:55:00
openvas
openvas
Ubuntu: Security Advisory (USN-2080-1)
2014-01-20 00:00:00
Debian Security Advisory DSA 2832-1 (memcached - several vulnerabilities)
2014-01-01 00:00:00
Ubuntu Update for memcached USN-2080-1
2014-01-20 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 2832-1] memcached security update
2014-01-08 00:00:00
memcached multiple security vulnerabilities
2014-01-29 00:00:00
[ MDVSA-2014:010 ] memcached
2014-01-29 00:00:00
osv
osv
memcached - several
2014-01-01 00:00:00
debian
debian
[SECURITY] [DSA 2832-1] memcached security update
2014-01-01 11:17:45
[SECURITY] [DSA 2832-1] memcached security update
2014-01-01 11:17:45
ubuntu
ubuntu
Memcached vulnerabilities
2014-01-13 00:00:00
mageia
mageia
Updated memcached package fixes multiple security vulnerabilities
2014-01-21 20:14:47
oraclelinux
oraclelinux
memcached security update
2016-11-23 00:00:00
gentoo
gentoo
memcached: Multiple vulnerabilities
2014-06-15 00:00:00
suse
suse
Security update for memcached (important)
2018-03-26 15:09:40
Security update for memcached (important)
2018-03-22 17:27:53
4.8 Medium
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:A/AC:L/Au:N/C:P/I:P/A:N
9.4 High
AI Score
Confidence
High
0.016 Low
EPSS
Percentile
87.3%
Related for CVE-2013-7239