Vulnerability Details : CVE-2013-7383
x2gocleansessions in X2Go Server before 4.0.0.8 and 4.0.1.x before 4.0.1.10 allows remote authenticated users to gain privileges via unspecified vectors, possibly related to backticks.
Products affected by CVE-2013-7383
- cpe:2.3:a:x2go:x2go_server:*:*:*:*:*:*:*:*
- cpe:2.3:a:x2go:x2go_server:4.0.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:x2go:x2go_server:4.0.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:x2go:x2go_server:4.0.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:x2go:x2go_server:4.0.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:x2go:x2go_server:4.0.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:x2go:x2go_server:4.0.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:x2go:x2go_server:4.0.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:x2go:x2go_server:4.0.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:x2go:x2go_server:4.0.1.9:*:*:*:*:*:*:*
- cpe:2.3:a:x2go:x2go_server:4.0.1.8:*:*:*:*:*:*:*
- cpe:2.3:a:x2go:x2go_server:4.0.1.7:*:*:*:*:*:*:*
- cpe:2.3:a:x2go:x2go_server:4.0.1.6:*:*:*:*:*:*:*
- cpe:2.3:a:x2go:x2go_server:4.0.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:x2go:x2go_server:4.0.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:x2go:x2go_server:4.0.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:x2go:x2go_server:4.0.0.1:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2013-7383
0.32%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 67 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2013-7383
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
9.0
|
HIGH | AV:N/AC:L/Au:S/C:C/I:C/A:C |
8.0
|
10.0
|
NIST |
CWE ids for CVE-2013-7383
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2013-7383
-
http://security.gentoo.org/glsa/glsa-201405-26.xml
X2Go Server: Privilege Escalation (GLSA 201405-26) — Gentoo security
-
http://www.openwall.com/lists/oss-security/2014/05/19/4
oss-security - Re: CVE request: X2Go Server privilege escalation
-
http://permalink.gmane.org/gmane.linux.terminal-server.x2go.announce/83
Vendor Advisory
-
http://www.securityfocus.com/bid/65001
X2Go Server 'x2gocleansessions' Local Privilege Escalation Vulnerability
-
http://www.openwall.com/lists/oss-security/2014/05/18/1
oss-security - CVE request: X2Go Server privilege escalation
Jump to