CVE-2013-5936
Open-Xchange AppSuite <7.0.2-rev15/7.2.2-rev16 - Sensitive Information Exposure via Hazelcast
Title source: llmDescription
The Hazelcast cluster API in Open-Xchange AppSuite 7.0.x before 7.0.2-rev15 and 7.2.x before 7.2.2-rev16 allows remote attackers to obtain sensitive information about (1) runtime activity, (2) network configuration, (3) user sessions, (4) the memcache interface, and (5) the REST interface via API calls such as a hazelcast/rest/cluster/ call, a different vulnerability than CVE-2013-5200.
References (1)
Core 1
Core References
Third Party Advisory mailing-list
x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2013-09/0032.html
Scores
EPSS
0.0025
EPSS Percentile
48.3%
Details
CWE
CWE-200
Status
published
Products (4)
open-xchange/open-xchange_appsuite
7.0.1
open-xchange/open-xchange_appsuite
7.0.2
open-xchange/open-xchange_appsuite
7.2.0
open-xchange/open-xchange_appsuite
7.2.1
Published
Sep 25, 2013
Tracked Since
Feb 18, 2026