Lucene search

[email protected]CVE-2014-5213

HistoryDec 19, 2014 - 6:59 p.m.

CVE-2014-5213

2014-12-1918:59:01

CWE-200

[email protected]

web.nvd.nist.gov

security

novell

edirectory

imonitor

cve-2014-5213

vulnerability

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

5.7 Medium

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

80.2%

JSON

nds/files/opt/novell/eDirectory/lib64/ndsimon/public/images in iMonitor in Novell eDirectory before 8.8 SP8 Patch 4 allows remote authenticated users to obtain sensitive information from process memory via a direct request.

Affected configurations

NVD

Node

novelledirectoryRange≤8.8sp8

CPENameOperatorVersion
novell:edirectorynovell edirectoryle8.8

CPE	Name	Operator	Version
novell:edirectory	novell edirectory	le	8.8

References

www.securityfocus.com/archive/1/534284

www.securitytracker.com/id/1031408

bugzilla.novell.com/show_bug.cgi?id=904135

www.novell.com/support/kb/doc.php?id=3426981

www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20141219-0_NetIQ_eDirectory_iMonitor_XSS_Memory_Disclosure_v10.txt

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

5.7 Medium

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

80.2%

JSON

Related for CVE-2014-5213

nvd1 prion1 cvelist1 packetstorm1 openvas1 securityvulns2