Skip to main content
CVE-2013-3617 LOW POC THREAT Monitor

The XML API in Openbravo ERP 2.5, 3.0, and earlier allows remote authenticated users to read arbitrary files via an XML document with an external entity declaration in conjunction with an entity. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 56.7%.

Privilege Escalation XXE Openbravo Erp
NVD Exploit-DB
CVSS 2.0
3.5
EPSS
56.7%
CVE-2013-4477 LOW POC PATCH Monitor

The LDAP backend in OpenStack Identity (Keystone) Grizzly and Havana, when removing a role on a tenant for a user who does not have that role, adds the role to the user, which allows local users to. Rated low severity (CVSS 3.3). Public exploit code available.

Privilege Escalation Grizzly Havana
NVD
CVSS 2.0
3.3
EPSS
0.2%
CVE-2013-4469 LOW POC PATCH Monitor

OpenStack Compute (Nova) Folsom, Grizzly, and Havana, when use_cow_images is set to False, does not verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service. Rated low severity (CVSS 1.9). Public exploit code available.

Denial Of Service Folsom Grizzly Havana
NVD
CVSS 2.0
1.9
EPSS
0.1%
CVE-2013-3285 LOW Monitor

The NetWorker Management Console (NMC) in EMC NetWorker 8.0.x before 8.0.2.3, when using Active Directory/LDAP for authentication, allows remote authenticated users to discover cleartext. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Networker
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2013-3287 LOW Monitor

EMC Unisphere for VMAX before 1.6.1.6, when using an unspecified level of debug logging in LDAP configurations, allows local users to discover the cleartext LDAP bind password by reading the console. Rated low severity (CVSS 1.9). No vendor patch available.

Information Disclosure Emc Unisphere
NVD
CVSS 2.0
1.9
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy