4.3

CVE-2013-4135

The vos command in OpenAFS 1.6.x before 1.6.5, when using the -encrypt option, only enables integrity protection and sends data in cleartext, which allows remote attackers to obtain sensitive information by sniffing the network.

Data is provided by the National Vulnerability Database (NVD)
OpenafsOpenafs Version1.6.0
OpenafsOpenafs Version1.6.1
OpenafsOpenafs Version1.6.2
OpenafsOpenafs Version1.6.2.1
OpenafsOpenafs Version1.6.3
OpenafsOpenafs Version1.6.4
DebianDebian Linux Version7.0
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.28% 0.487
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:P/I:N/A:N