Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-6492

Overview

Vulnerability Score 5.8 5.8
CVE Id CVE-2013-6492
Last Modified 18 Feb 2014 10:49:39
Published 14 Feb 2014 10:55:05
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector ADJACENT_NETWORK
Access Complexity LOW
Authentication NONE

CVE-2013-6492

Summary

The Piranha Configuration Tool in Piranha 0.8.6 does not properly restrict access to webpages, which allows remote attackers to bypass authentication and read or modify the LVS configuration via an HTTP POST request.

Vulnerable Systems

Application

  • Ryan Ohara Piranha 0.8.6


References

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=1043040

REDHAT - RHSA-2014:0175

REDHAT - RHSA-2014:0174

CONFIRM - http://bugs.centos.org/view.php?id=6825


Last Updated: 27 May 2016 11:04:28