Vulnerability Description
The Hazelcast cluster API in Open-Xchange AppSuite 7.0.x before 7.0.2-rev15 and 7.2.x before 7.2.2-rev16 allows remote attackers to obtain sensitive information about (1) runtime activity, (2) network configuration, (3) user sessions, (4) the memcache interface, and (5) the REST interface via API calls such as a hazelcast/rest/cluster/ call, a different vulnerability than CVE-2013-5200.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Open-Xchange | Open-Xchange Appsuite | 7.0.1 |
Related Weaknesses (CWE)
References
- http://archives.neohapsis.com/archives/bugtraq/2013-09/0032.html
- http://archives.neohapsis.com/archives/bugtraq/2013-09/0032.html
FAQ
What is CVE-2013-5936?
CVE-2013-5936 is a vulnerability with a CVSS score of 4.3 (MEDIUM). The Hazelcast cluster API in Open-Xchange AppSuite 7.0.x before 7.0.2-rev15 and 7.2.x before 7.2.2-rev16 allows remote attackers to obtain sensitive information about (1) runtime activity, (2) network...
How severe is CVE-2013-5936?
CVE-2013-5936 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-5936?
Check the references section above for vendor advisories and patch information. Affected products include: Open-Xchange Open-Xchange Appsuite.