CVE-2013-4987 : PineApp Mail-SeCure before 3.70 allows remote authenticated users to gain privil

PineApp Mail-SeCure before 3.70 allows remote authenticated users to gain privileges by leveraging console access and providing shell metacharacters in a "system ping" command.

Published 2013-11-08 04:47:23

Updated 2025-04-11 00:51:22

Source MITRE

View at NVD, CVE.org

Products affected by CVE-2013-4987

Pineapp » Mail-secure
Versions up to, including, (<=) 3.69
cpe:2.3:a:pineapp:mail-secure:*:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2013-4987

EPSS FAQ

8.08%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 91 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2013-4987

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
8.5	HIGH	AV:N/AC:M/Au:S/C:C/I:C/A:C	6.8	10.0	NIST
Access Vector: Network Access Complexity: Medium Authentication: Single Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

CWE ids for CVE-2013-4987

CWE-264

Assigned by: nvd@nist.gov (Primary)

References for CVE-2013-4987

http://www.coresecurity.com/advisories/pinapp-mail-secure-access-control-failure

PineApp Mail-SeCure Access Control Failure | Core Security
Exploit

Jump to

Vulnerability Details : CVE-2013-4987

Products affected by CVE-2013-4987

Exploit prediction scoring system (EPSS) score for CVE-2013-4987

CVSS scores for CVE-2013-4987

CWE ids for CVE-2013-4987

References for CVE-2013-4987