CVE-2013-5936

The Hazelcast cluster API in Open-Xchange AppSuite 7.0.x before 7.0.2-rev15 and 7.2.x before 7.2.2-rev16 allows remote attackers to obtain sensitive information about (1) runtime activity, (2) network configuration, (3) user sessions, (4) the memcache interface, and (5) the REST interface via API calls such as a hazelcast/rest/cluster/ call, a different vulnerability than CVE-2013-5200.

Published: Sep 25, 2013
Updated: Apr 13, 2023
CVE: CVE-2013-5936
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.3
AV:N/AC:M/Au:N/C:P/I:N/A:N

CWEs:

CWE-200

Affected Software
References

Software	From	Fixed in
open-xchange / open-xchange_appsuite	7.0.1	7.0.1.x
open-xchange / open-xchange_appsuite	7.0.2	7.0.2.x
open-xchange / open-xchange_appsuite	7.2.0	7.2.0.x
open-xchange / open-xchange_appsuite	7.2.1	7.2.1.x

http://archives.neohapsis.com/archives/bugtraq/2013-09/0032.html

Vulnerability Database

CVE-2013-5936