CVE-2013-5934

Open-Xchange AppSuite 7.0.x before 7.0.2-rev15 and 7.2.x before 7.2.2-rev16 has a hardcoded password for node join operations, which allows remote attackers to expand a cluster by finding this password in the source code and then sending the password in a Hazelcast cluster API call, a different vulnerability than CVE-2013-5200.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4 UNKNOWN
NETWORK
HIGH
AV:N/AC:H/Au:N/C:P/I:P/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 47%
VendorProductVersion
open-xchangeopen-xchange_appsuite
7.0.1
open-xchangeopen-xchange_appsuite
7.0.2
open-xchangeopen-xchange_appsuite
7.2.0
open-xchangeopen-xchange_appsuite
7.2.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://archives.neohapsis.com/archives/bugtraq/2013-09/0032.html
http://archives.neohapsis.com/archives/bugtraq/2013-09/0032.html