CVE-2013-4987 — HIGH (8.5) — White Hats Nepal

Q: What is CVE-2013-4987?

CVE-2013-4987 is a vulnerability with a CVSS score of 8.5 (HIGH). PineApp Mail-SeCure before 3.70 allows remote authenticated users to gain privileges by leveraging console access and providing shell metacharacters in a "system ping" command.

Q: How severe is CVE-2013-4987?

CVE-2013-4987 has been rated HIGH with a CVSS base score of 8.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2013-4987?

Check the references section above for vendor advisories and patch information. Affected products include: Pineapp Mail-Secure.

Vulnerability Description

PineApp Mail-SeCure before 3.70 allows remote authenticated users to gain privileges by leveraging console access and providing shell metacharacters in a "system ping" command.

CVSS Score

8.5

HIGH

AV:N/AC:M/Au:S/C:C/I:C/A:C

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE

Affected Products

Vendor	Product	Versions
Pineapp	Mail-Secure	<= 3.69

Related Weaknesses (CWE)

CWE-264

References

http://www.coresecurity.com/advisories/pinapp-mail-secure-access-control-failureExploit
http://www.coresecurity.com/advisories/pinapp-mail-secure-access-control-failureExploit

FAQ

What is CVE-2013-4987?

CVE-2013-4987 is a vulnerability with a CVSS score of 8.5 (HIGH). PineApp Mail-SeCure before 3.70 allows remote authenticated users to gain privileges by leveraging console access and providing shell metacharacters in a "system ping" command.

How severe is CVE-2013-4987?

CVE-2013-4987 has been rated HIGH with a CVSS base score of 8.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2013-4987?

Check the references section above for vendor advisories and patch information. Affected products include: Pineapp Mail-Secure.