CVE-2013-3624

Published Oct 3, 2013

Last updated 11 years ago

Overview

Description: The OS deployment feature in Baramundi Management Suite 7.5 through 8.9 stores credentials in cleartext on deployed machines, which allows remote attackers to obtain sensitive information by reading a file. NOTE: this ID was also incorrectly mapped to a separate issue in Oracle Outside In, but the correct ID for that issue is CVE-2013-5763.
Source: cret@cert.org
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.8
Impact score: 6.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:C/I:N/A:N

Weaknesses

nvd@nist.gov: CWE-310

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:baramundi:management_suite:7.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BCDA79B5-FDD0-4AE7-8351-CBFD2A492674"
          },
          {
            "criteria": "cpe:2.3:a:baramundi:management_suite:7.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1B31AE6A-A929-4EE4-BA33-F53E98733175"
          },
          {
            "criteria": "cpe:2.3:a:baramundi:management_suite:8.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DEF63B2A-7246-42E4-B2FE-4BF1C1432F2B"
          },
          {
            "criteria": "cpe:2.3:a:baramundi:management_suite:8.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DC1F6A30-02A1-43B7-9E0F-348B77F0A413"
          },
          {
            "criteria": "cpe:2.3:a:baramundi:management_suite:8.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7B0B3B35-A2E1-4836-9D9B-7DF6C26F166F"
          },
          {
            "criteria": "cpe:2.3:a:baramundi:management_suite:8.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "876AC393-9E0C-4C90-9451-F5767392C050"
          },
          {
            "criteria": "cpe:2.3:a:baramundi:management_suite:8.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8137E086-2A5E-4F76-9628-7A306336E9CE"
          },
          {
            "criteria": "cpe:2.3:a:baramundi:management_suite:8.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2DC0DD47-DCA5-49E1-9A50-A1711CB522BB"
          },
          {
            "criteria": "cpe:2.3:a:baramundi:management_suite:8.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FEDE7F6D-12F1-4191-BD1B-16F71E84936F"
          },
          {
            "criteria": "cpe:2.3:a:baramundi:management_suite:8.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4B6AB34B-7EED-4574-B0B5-623AB2A49A3B"
          },
          {
            "criteria": "cpe:2.3:a:baramundi:management_suite:8.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E0BDB61C-D191-4625-8D58-B53888BD8E94"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References