Vulnerability Description
The Data Camouflage (aka FairCom Standard Encryption) algorithm in FairCom c-treeACE does not ensure that a decryption key is needed for accessing database contents, which allows context-dependent attackers to read cleartext database records by copying a database to another system that has a certain default configuration.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Faircom | C-Treeace | - |
Related Weaknesses (CWE)
References
- http://www.kb.cert.org/vuls/id/900031US Government Resource
- http://www.kb.cert.org/vuls/id/900031US Government Resource
FAQ
What is CVE-2013-0148?
CVE-2013-0148 is a vulnerability with a CVSS score of 7.1 (HIGH). The Data Camouflage (aka FairCom Standard Encryption) algorithm in FairCom c-treeACE does not ensure that a decryption key is needed for accessing database contents, which allows context-dependent att...
How severe is CVE-2013-0148?
CVE-2013-0148 has been rated HIGH with a CVSS base score of 7.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-0148?
Check the references section above for vendor advisories and patch information. Affected products include: Faircom C-Treeace.