CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2013-6439

Candlepin in Red Hat Subscription Asset Manager 1.0 through 1.3 uses a weak authentication scheme when the configuration file does not specify a scheme, which has unspecified impact and attack vectors.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 60.2%

CVSS Severity

CVSS v2 Score 9.3

References

http://rhn.redhat.com/errata/RHSA-2013-1863.html
https://bugzilla.redhat.com/show_bug.cgi?id=1042677
https://exchange.xforce.ibmcloud.com/vulnerabilities/90134
http://rhn.redhat.com/errata/RHSA-2013-1863.html
https://bugzilla.redhat.com/show_bug.cgi?id=1042677
https://exchange.xforce.ibmcloud.com/vulnerabilities/90134

Products affected by CVE-2013-6439

Redhat » Subscription Asset Manager » Version: 1.0.0

cpe:2.3:a:redhat:subscription_asset_manager:1.0.0
Redhat » Subscription Asset Manager » Version: 1.1.0

cpe:2.3:a:redhat:subscription_asset_manager:1.1.0
Redhat » Subscription Asset Manager » Version: 1.2.0

cpe:2.3:a:redhat:subscription_asset_manager:1.2.0
Redhat » Subscription Asset Manager » Version: 1.2.1

cpe:2.3:a:redhat:subscription_asset_manager:1.2.1
Redhat » Subscription Asset Manager » Version: 1.3.0

cpe:2.3:a:redhat:subscription_asset_manager:1.3.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2013-6439

Products

Pricing

Contact Us