CVE-2013-1814
Apache Rave < 0.20.1 - Information Disclosure
The users/get program in the User RPC API in Apache Rave 0.11 through 0.20 allows remote authenticated users to obtain sensitive information about all user accounts via the offset parameter, as demonstrated by discovering password hashes in the password field of a response.
Exploits (2)
metasploit
WORKING POC
by Andreas Guth, juan vazquez · ruby · poc
https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/apache_rave_creds.rb
Scores
EPSS
0.8301
EPSS Percentile
99.3%
Details
CWE
CWE-200
Status
published
Products (13)
apache/rave 0.11
apache/rave 0.12
apache/rave 0.13
apache/rave 0.14
apache/rave 0.15
apache/rave 0.16
apache/rave 0.17
apache/rave 0.18
apache/rave 0.19
apache/rave 0.20
... and 3 more
Published
Mar 14, 2013
Tracked Since
Feb 18, 2026