Executive Summary



This vulnerability is currently undergoing analysis and not all information is available. Please check back soon to view the completed vulnerability summary
Informations
Name CVE-2013-3507 First vendor Publication 2013-05-08
Vendor Cve Last vendor Modification 2013-05-08

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:S/C:P/I:N/A:N)
Cvss Base Score 4 Attack Range Network
Cvss Impact Score 2.9 Attack Complexity Low
Cvss Expoit Score 8 Authentication Requires single instance
Calculate full CVSS 2.0 Vectors scores

Detail

The NeDi component in GroundWork Monitor Enterprise 6.7.0 allows remote authenticated users to obtain sensitive information via a direct request for (1) a configuration file, (2) a database dump, or (3) the Tomcat status context.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3507

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-200 Information Exposure

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 1

Nessus® Vulnerability Scanner

Date Description
2013-06-28 Name : The remote host has a web application that is affected by an arbitrary file a...
File : groundwork_monitor_enterprise_arbitrary_file_access.nasl - Type : ACT_ATTACK
2013-06-28 Name : The remote host has a web application that is affected by an authentication b...
File : groundwork_monitor_enterprise_auth_bypass.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

Source Url
CERT-VN http://www.kb.cert.org/vuls/id/345260
MISC https://kb.groundworkopensource.com/display/SUPPORT/SA6.7.0-1+Some+web+compon...
https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/201303...

Alert History

If you want to see full details history, please login or register.
0
1
2
Date Informations
2019-05-10 12:05:33
  • Multiple Updates
2013-05-10 22:30:37
  • Multiple Updates
2013-05-08 21:19:52
  • First insertion