Vulnerability Details CVE-2013-3624
The OS deployment feature in Baramundi Management Suite 7.5 through 8.9 stores credentials in cleartext on deployed machines, which allows remote attackers to obtain sensitive information by reading a file. NOTE: this ID was also incorrectly mapped to a separate issue in Oracle Outside In, but the correct ID for that issue is CVE-2013-5763.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 58.3%
CVSS Severity
CVSS v2 Score 7.8
Products affected by CVE-2013-3624
-
cpe:2.3:a:baramundi:management_suite:7.5
-
cpe:2.3:a:baramundi:management_suite:7.6
-
cpe:2.3:a:baramundi:management_suite:8.0
-
cpe:2.3:a:baramundi:management_suite:8.1
-
cpe:2.3:a:baramundi:management_suite:8.2
-
cpe:2.3:a:baramundi:management_suite:8.3
-
cpe:2.3:a:baramundi:management_suite:8.5
-
cpe:2.3:a:baramundi:management_suite:8.6
-
cpe:2.3:a:baramundi:management_suite:8.7
-
cpe:2.3:a:baramundi:management_suite:8.8
-
cpe:2.3:a:baramundi:management_suite:8.9