CVE-2013-6180

EMC RSA Security Analytics (SA) 10.x before 10.3, and RSA NetWitness NextGen 9.8, does not ensure that SA Core requests originate from the SA REST UI, which allows remote attackers to bypass intended access restrictions by sending a Core request from a web browser or other unintended user agent.

CVSS v2.0 6.8 MEDIUM

6.8^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability : 8.6 / Impact : 6.4

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://archives.neohapsis.com/archives/bugtraq/2013-12/0034.html
http://www.securitytracker.com/id/1029446

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:emc:rsa_netwitness_nextgen:9.8:::::::*
	cpe:2.3:a:emc:rsa_security_analytics:10.0:::::::*
	cpe:2.3:a:emc:rsa_security_analytics:10.1:::::::*
	cpe:2.3:a:emc:rsa_security_analytics:10.2:::::::*

History

No history.

Information

Published : 2013-12-09 18:55

Updated : 2023-12-10 11:16

NVD link : CVE-2013-6180

Mitre link : CVE-2013-6180

CVE.ORG link : CVE-2013-6180

JSON object : View

Products Affected

emc

rsa_netwitness_nextgen
rsa_security_analytics

CWE

CWE-264

Permissions, Privileges, and Access Controls

{"id": "CVE-2013-6180", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2013-12-09T18:55:09.920", "references": [{"url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0034.html", "source": "security_alert@emc.com"}, {"url": "http://www.securitytracker.com/id/1029446", "source": "security_alert@emc.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-264"}]}], "descriptions": [{"lang": "en", "value": "EMC RSA Security Analytics (SA) 10.x before 10.3, and RSA NetWitness NextGen 9.8, does not ensure that SA Core requests originate from the SA REST UI, which allows remote attackers to bypass intended access restrictions by sending a Core request from a web browser or other unintended user agent."}, {"lang": "es", "value": "EMC RSA Security Analytics (SA) 10.x anterior a 10.3, y RSA NetWitness NextGen 9.8, no asegura que las peticiones al SA Core se originen en el SA REST UI, lo que permite a atacantes remotos evitar las restricciones de acceso al enviar una solicitud Core desde una web navegador u otro agente de usuario no deseado."}], "lastModified": "2014-01-08T04:42:01.980", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:emc:rsa_netwitness_nextgen:9.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "12A0654C-F8C4-4B98-99A8-68444F58F846"}, {"criteria": "cpe:2.3:a:emc:rsa_security_analytics:10.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C264FDBA-A31E-4453-9700-556CD5D247A8"}, {"criteria": "cpe:2.3:a:emc:rsa_security_analytics:10.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "20931B04-A6E1-4A86-8CBF-A7527FA14803"}, {"criteria": "cpe:2.3:a:emc:rsa_security_analytics:10.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D982272F-FA17-48B3-81CA-5E0B40F1E9B7"}], "operator": "OR"}]}], "sourceIdentifier": "security_alert@emc.com"}