Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveRedhatCVE-2013-7252
HistoryJan 18, 2015 - 6:59 p.m.

CVE-2013-7252

2015-01-1818:59:00
CWE-310
redhat
web.nvd.nist.gov
27
cve-2013-7252
kwallet
vulnerability
kde apps
blowfish
ecb mode
cbc mode
codebook attack
nvd

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.4

Confidence

Low

EPSS

0.004

Percentile

74.1%

JSON

kwalletd in KWallet before KDE Applications 14.12.0 uses Blowfish with ECB mode instead of CBC mode when encrypting the password store, which makes it easier for attackers to guess passwords via a codebook attack.

Affected configurations

Nvd
Node
kdekde_applicationsRange14.11.3
VendorProductVersionCPE
kdekde_applications*cpe:2.3:a:kde:kde_applications:*:*:*:*:*:*:*:*

Related

freebsd 1
nessus 6
cvelist 1
prion 1
nvd 1
ubuntucve 1
mageia 1
fedora 2
openvas 4
debiancve 1
gentoo 1
freebsd
freebsd
kde-runtime -- incorrect CBC encryption handling
2015-01-09 00:00:00
nessus
nessus
Fedora 21 : kde-runtime-4.14.3-3.fc21 (2015-0569)
2015-01-15 00:00:00
GLSA-201606-19 : kwalletd: Information disclosure
2016-06-28 00:00:00
SuSE 11.3 Security Update : kdebase4-runtime (SAT Patch Number 10404)
2015-03-18 00:00:00
cvelist
cvelist
CVE-2013-7252
2015-01-18 18:00:00
prion
prion
Code injection
2015-01-18 18:59:00
nvd
nvd
CVE-2013-7252
2015-01-18 18:59:00
ubuntucve
ubuntucve
CVE-2013-7252
2015-01-18 00:00:00
mageia
mageia
Updated kdebase4-runtime packages fix CVE-2013-7252 and several bugs
2015-01-31 16:23:52
fedora
fedora
[SECURITY] Fedora 21 Update: kde-runtime-4.14.3-3.fc21
2015-01-14 23:58:40
[SECURITY] Fedora 20 Update: kde-runtime-4.14.3-3.fc20
2015-01-26 02:31:34
openvas
openvas
Fedora Update for kde-runtime FEDORA-2015-0569
2015-01-15 00:00:00
SUSE: Security Advisory (SUSE-SU-2015:0512-1)
2021-06-09 00:00:00
Mageia: Security Advisory (MGASA-2015-0044)
2022-01-28 00:00:00
debiancve
debiancve
CVE-2013-7252
2015-01-18 18:59:00
gentoo
gentoo
kwalletd: Information disclosure
2016-06-27 00:00:00

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.4

Confidence

Low

EPSS

0.004

Percentile

74.1%

JSON
Related for CVE-2013-7252
freebsd1nessus6cvelist1prion1nvd1ubuntucve1mageia1fedora2openvas4debiancve1gentoo1