Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-1402

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2013-1402
Last Modified 15 Feb 2013 12:00:00
Published 14 Feb 2013 05:55:02
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2013-1402

Summary

DigiLIBE 3.4 and possibly other versions sends a redirect but does not exit, which allows remote attackers to obtain sensitive configuration information via a direct request to configuration/general_configuration.html.

Vulnerable Systems

Application

  • Digitiliti Digilibe 3.4


References

BUGTRAQ - 20130122 CVE-2013-1402 - DigiLIBE Management Console - Execution After Redirect (EAR) Vulnerability


Last Updated: 27 May 2016 11:01:52