CVE-2013-2151

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2013-2151
Unquoted Windows search path vulnerability in Red Hat Enterprise Virtualization (RHEV) 3 and 3.2 allows local users to gain privileges via a crafted application in an unspecified folder.

7.2 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 3.9 / Impact : 10.0

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References
Link Resource
http://rhn.redhat.com/errata/RHSA-2013-0925.html Vendor Advisory
http://www.securityfocus.com/bid/60473
https://exchange.xforce.ibmcloud.com/vulnerabilities/84868
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:redhat:enterprise_virtualization:3.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:enterprise_virtualization:3.2:*:*:*:*:*:*:*
History

13 Feb 2023, 04:43

Type Values Removed Values Added
Summary CVE-2013-2151 rhevm: rhev agent service unquoted search path Unquoted Windows search path vulnerability in Red Hat Enterprise Virtualization (RHEV) 3 and 3.2 allows local users to gain privileges via a crafted application in an unspecified folder.
References
  • {'url': 'https://access.redhat.com/errata/RHSA-2013:0925', 'name': 'https://access.redhat.com/errata/RHSA-2013:0925', 'tags': [], 'refsource': 'MISC'}
  • {'url': 'https://bugzilla.redhat.com/show_bug.cgi?id=971171', 'name': 'https://bugzilla.redhat.com/show_bug.cgi?id=971171', 'tags': [], 'refsource': 'MISC'}
  • {'url': 'https://access.redhat.com/security/cve/CVE-2013-2151', 'name': 'https://access.redhat.com/security/cve/CVE-2013-2151', 'tags': [], 'refsource': 'MISC'}

02 Feb 2023, 18:17

Type Values Removed Values Added
References
  • (MISC) https://access.redhat.com/errata/RHSA-2013:0925 -
  • (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=971171 -
  • (MISC) https://access.redhat.com/security/cve/CVE-2013-2151 -
Summary Unquoted Windows search path vulnerability in Red Hat Enterprise Virtualization (RHEV) 3 and 3.2 allows local users to gain privileges via a crafted application in an unspecified folder. CVE-2013-2151 rhevm: rhev agent service unquoted search path
Information

Published : 2014-01-21 18:55

Updated : 2023-12-10 11:31

NVD link : CVE-2013-2151

Mitre link : CVE-2013-2151

CVE.ORG link : CVE-2013-2151

JSON object : View

Products Affected

redhat

  • enterprise_virtualization
CWE
NVD-CWE-Other