4
CVE-2013-4566
- EPSS 0.12%
- Published 12.12.2013 18:55:10
- Last modified 11.04.2025 00:51:21
- Source secalert@redhat.com
- Teams watchlist Login
- Open Login
mod_nss 1.0.8 and earlier, when NSSVerifyClient is set to none for the server/vhost context, does not enforce the NSSVerifyClient setting in the directory context, which allows remote attackers to bypass intended access restrictions.
Data is provided by the National Vulnerability Database (NVD)
Mod Nss Project ≫ Mod Nss Version <= 1.0.8
Mod Nss Project ≫ Mod Nss Version1.0
Mod Nss Project ≫ Mod Nss Version1.0.2
Mod Nss Project ≫ Mod Nss Version1.0.3
Mod Nss Project ≫ Mod Nss Version1.0.4
Mod Nss Project ≫ Mod Nss Version1.0.5
Mod Nss Project ≫ Mod Nss Version1.0.6
Mod Nss Project ≫ Mod Nss Version1.0.7
Redhat ≫ Enterprise Linux Version5
Redhat ≫ Enterprise Linux Version6.0
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.12% | 0.284 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 4 | 4.9 | 4.9 |
AV:N/AC:H/Au:N/C:P/I:P/A:N
|