CVE-2013-10013 — MEDIUM (5.5)

Q: How severe is CVE-2013-10013?

CVE-2013-10013 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2013-10013?

Check the references section above for vendor advisories and patch information. Affected products include: Authenticator Plugin Project Authenticator Plugin.

Vulnerability Description

A vulnerability was found in Bricco Authenticator Plugin. It has been declared as critical. This vulnerability affects the function authenticate/compare of the file src/java/talentum/escenic/plugins/authenticator/authenticators/DBAuthenticator.java. The manipulation leads to sql injection. Upgrading to version 1.39 is able to address this issue. The name of the patch is a5456633ff75e8f13705974c7ed1ce77f3f142d5. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-218428.

CVSS Score

5.5

MEDIUM

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

LOW

Integrity

LOW

Availability

LOW

Affected Products

Vendor	Product	Versions
Authenticator Plugin Project	Authenticator Plugin	< 1.39

Related Weaknesses (CWE)

CWE-89

References

https://github.com/Bricco/authenticator-plugin/commit/a5456633ff75e8f13705974c7ePatchThird Party Advisory
https://github.com/Bricco/authenticator-plugin/releases/tag/1.39Release NotesThird Party Advisory
https://vuldb.com/?ctiid.218428Permissions RequiredThird Party AdvisoryVDB Entry
https://vuldb.com/?id.218428Third Party AdvisoryVDB Entry
https://github.com/Bricco/authenticator-plugin/commit/a5456633ff75e8f13705974c7ePatchThird Party Advisory
https://github.com/Bricco/authenticator-plugin/releases/tag/1.39Release NotesThird Party Advisory
https://vuldb.com/?ctiid.218428Permissions RequiredThird Party AdvisoryVDB Entry
https://vuldb.com/?id.218428Third Party AdvisoryVDB Entry

FAQ

What is CVE-2013-10013?

CVE-2013-10013 is a vulnerability with a CVSS score of 5.5 (MEDIUM). A vulnerability was found in Bricco Authenticator Plugin. It has been declared as critical. This vulnerability affects the function authenticate/compare of the file src/java/talentum/escenic/plugins/a...

How severe is CVE-2013-10013?

CVE-2013-10013 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2013-10013?

Check the references section above for vendor advisories and patch information. Affected products include: Authenticator Plugin Project Authenticator Plugin.