CVE-2013-2051

Advisory lineage Upstream: 0 Downstream: 1
Downstream
RHSA-2013:0869
Modified
Published: 09 Jul 2013, 17:00
Last modified:06 Aug 2024, 15:20

Vulnerability Summary

Overall Risk (default)
low
10/100
CVSS Score
2.6 LOW
v2.0 (nvd)
EPSS Score
0.34% LOW
0% probability 0.00%
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

09 Jul 2013, 17:00
Published
Vulnerability first disclosed
06 Aug 2024, 15:20
Last Modified
Vulnerability information updated

Description

The Tomcat 6 DIGEST authentication functionality as used in Red Hat Enterprise Linux 6 allows remote attackers to bypass intended access restrictions by performing a replay attack after a nonce becomes stale. NOTE: this issue is due to an incomplete fix for CVE-2012-5887.

CVSS Metrics

  • v2.0LOWScore: 2.6AV:N/AC:H/Au:N/C:N/I:P/A:N

EPSS Trends

Current EPSS score: 0.34% Percentile: 57%

Techniques & Countermeasures

  • CWE-264Permissions, Privileges, and Access Controls

    Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control.

Affected Systems

  • redhatenterprise_linux

    6.0

References (3)