CVE-2013-7239

memcached <1.4.17 - Auth Bypass

Title source: llm

Description

memcached before 1.4.17 allows remote attackers to bypass authentication by sending an invalid request with SASL credentials, then sending another request with incorrect SASL credentials.

References (6)

Scores

EPSS 0.0030
EPSS Percentile 52.9%

Classification

CWE
CWE-287
Status draft

Affected Products (17)

memcached/memcached < 1.4.16
memcached/memcached
memcached/memcached
memcached/memcached
memcached/memcached
memcached/memcached
memcached/memcached
memcached/memcached
memcached/memcached
memcached/memcached
memcached/memcached
memcached/memcached
memcached/memcached
memcached/memcached
memcached/memcached
... and 2 more

Timeline

Published Jan 13, 2014
Tracked Since Feb 18, 2026