CVE-2013-2625

{"id": "CVE-2013-2625", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.4, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 4.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.5, "exploitabilityScore": 3.9}]}, "published": "2019-11-27T19:15:11.713", "references": [{"url": "http://archives.neohapsis.com/archives/bugtraq/2013-08/0009.html", "tags": ["Broken Link", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00027.html", "tags": ["Release Notes", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/58936", "tags": ["Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83287", "tags": ["Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "https://security-tracker.debian.org/tracker/CVE-2013-2625", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://archives.neohapsis.com/archives/bugtraq/2013-08/0009.html", "tags": ["Broken Link", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00027.html", "tags": ["Release Notes", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/58936", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83287", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://security-tracker.debian.org/tracker/CVE-2013-2625", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-269"}]}], "descriptions": [{"lang": "en", "value": "An Access Bypass issue exists in OTRS Help Desk before 3.2.4, 3.1.14, and 3.0.19, OTRS ITSM before 3.2.3, 3.1.8, and 3.0.7, and FAQ before 2.2.3, 2.1.4, and 2.0.8. Access rights by the object linking mechanism is not verified"}, {"lang": "es", "value": "Existe un problema de Omisi\u00f3n de Acceso en OTRS Help Desk versiones anteriores a la versi\u00f3n 3.2.4, 3.1.14 y 3.0.19, OTRS ITSM versiones anteriores a la versi\u00f3n 3.2.3, 3.1.8 y 3.0.7, y FAQ versiones anteriores a la versi\u00f3n 2.2.3, 2.1.4, y 2.0.8. Los derechos de acceso por el mecanismo de enlace de objetos no son comprobados."}], "lastModified": "2024-11-21T01:52:03.917", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:otrs:faq:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BDE24232-72B7-40BC-BDC9-4889D3C80842", "versionEndExcluding": "2.0.8", "versionStartIncluding": "2.0.0"}, {"criteria": "cpe:2.3:a:otrs:faq:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A51091CA-6321-45F1-9FAA-EB45AF1949BA", "versionEndExcluding": "2.1.4", "versionStartIncluding": "2.1.0"}, {"criteria": "cpe:2.3:a:otrs:faq:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9F9DC926-6983-499F-964B-5EB88112B522", "versionEndExcluding": "2.2.3", "versionStartIncluding": "2.2.0"}, {"criteria": "cpe:2.3:a:otrs:otrs_help_desk:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EF1A2A1D-F946-47E6-8183-A971AF6EC301", "versionEndExcluding": "3.0.19", "versionStartIncluding": "3.0.0"}, {"criteria": "cpe:2.3:a:otrs:otrs_help_desk:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "37B820B3-72F1-43C3-80B1-D0C18DE1C261", "versionEndExcluding": "3.1.14", "versionStartIncluding": "3.1.0"}, {"criteria": "cpe:2.3:a:otrs:otrs_help_desk:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "28F96A54-4D16-4166-B422-E55C2D5C82FD", "versionEndExcluding": "3.2.4", "versionStartExcluding": "3.2.0"}, {"criteria": "cpe:2.3:a:otrs:otrs_itsm:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D294EC50-C72B-4DF4-A868-4AE6A8FDCFED", "versionEndExcluding": "3.0.7", "versionStartIncluding": "3.0.0"}, {"criteria": "cpe:2.3:a:otrs:otrs_itsm:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8E23D8BE-818F-4F17-93C4-6E35840648AD", "versionEndExcluding": "3.1.8", "versionStartIncluding": "3.1.0"}, {"criteria": "cpe:2.3:a:otrs:otrs_itsm:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "92B9FDF3-4FE0-4C4E-80D2-4EE05CA898D6", "versionEndExcluding": "3.2.3", "versionStartIncluding": "3.2.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43"}, {"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252"}, {"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D806A17E-B8F9-466D-807D-3F1E77603DC8"}, {"criteria": "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DFBF430B-0832-44B0-AA0E-BA9E467F7668"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}