CVE-2014-0103

Published Jul 29, 2014

Last updated 3 months ago

CVSS info 2.1

Overview

Description: WebAccess in Zarafa before 7.1.10 and WebApp before 1.6 stores credentials in cleartext, which allows local Apache users to obtain sensitive information by reading the PHP session files.
Source: secalert@redhat.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 2.1
Impact score: 2.9
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:P/I:N/A:N

Weaknesses

nvd@nist.gov: CWE-310

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:zarafa:webapp:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7A4B27EE-B02D-421B-BD95-F2DB5C018D6D",
            "versionEndIncluding": "1.5"
          },
          {
            "criteria": "cpe:2.3:a:zarafa:zarafa:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "28C5C692-39F1-4E64-9190-889384405F90",
            "versionEndIncluding": "7.1.9"
          },
          {
            "criteria": "cpe:2.3:a:zarafa:zarafa:7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ED156852-536D-4F1E-A0F6-AE56A3761B31"
          },
          {
            "criteria": "cpe:2.3:a:zarafa:zarafa:7.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BB87FEAC-53F9-408A-ACC1-8E158C969D10"
          },
          {
            "criteria": "cpe:2.3:a:zarafa:zarafa:7.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6B3295CA-1249-486D-B8B5-BA8D3E51208E"
          },
          {
            "criteria": "cpe:2.3:a:zarafa:zarafa:7.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "20351915-0737-4116-A5FC-1A599CF4B58F"
          },
          {
            "criteria": "cpe:2.3:a:zarafa:zarafa:7.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ED8C5B3B-1A70-4C55-8883-C76B4E8B06E1"
          },
          {
            "criteria": "cpe:2.3:a:zarafa:zarafa:7.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "49114244-F5F6-4170-A774-C4464910C235"
          },
          {
            "criteria": "cpe:2.3:a:zarafa:zarafa:7.0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CA8AC6BF-966E-4E2C-816C-8E0408371FB3"
          },
          {
            "criteria": "cpe:2.3:a:zarafa:zarafa:7.0.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "83BBD25D-D9D3-4AEC-BCBD-AF71B1E83306"
          },
          {
            "criteria": "cpe:2.3:a:zarafa:zarafa:7.0.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B8B82DCF-DBB2-4123-BC2C-CADA57D7BB5F"
          },
          {
            "criteria": "cpe:2.3:a:zarafa:zarafa:7.0.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B9593342-5727-4321-A3D1-106B53807F22"
          },
          {
            "criteria": "cpe:2.3:a:zarafa:zarafa:7.0.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "169C423D-EC0F-4515-9D9F-5C836D317818"
          },
          {
            "criteria": "cpe:2.3:a:zarafa:zarafa:7.0.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5918BF47-F84B-44AA-AC6F-2B6ABBDAF559"
          },
          {
            "criteria": "cpe:2.3:a:zarafa:zarafa:7.0.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F9F7FACD-C812-44E7-AD6E-BDE0D7935C90"
          },
          {
            "criteria": "cpe:2.3:a:zarafa:zarafa:7.0.13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "562E0822-7D69-4CA0-BF45-90431B902C19"
          },
          {
            "criteria": "cpe:2.3:a:zarafa:zarafa:7.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1CC4BF34-15BE-4ECE-B4F8-A0F89CEC134D"
          },
          {
            "criteria": "cpe:2.3:a:zarafa:zarafa:7.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B616E103-E23C-472A-BF01-B135C7C9A91D"
          },
          {
            "criteria": "cpe:2.3:a:zarafa:zarafa:7.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FC44763E-0B6F-4F85-BFF4-443F8E8C1DB0"
          },
          {
            "criteria": "cpe:2.3:a:zarafa:zarafa:7.1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "31107633-C2C7-45C6-AD29-C201FB9C91CC"
          },
          {
            "criteria": "cpe:2.3:a:zarafa:zarafa:7.1.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4E3B86A7-D99C-48D1-83A6-74C1B03C51A2"
          },
          {
            "criteria": "cpe:2.3:a:zarafa:zarafa:7.1.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AF0735C7-4626-40F9-BD84-970C120FFA09"
          },
          {
            "criteria": "cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5991814D-CA77-4C25-90D2-DB542B17E0AD"
          },
          {
            "criteria": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References