CVE-2013-5364 in CSI Agentinfo

Summary

Secunia CSI Agent 6.0.0.15017 and earlier, 6.0.1.1007 and earlier, and 7.0.0.21 and earlier, when running on Red Hat Linux, uses world-readable and world-writable permissions for /etc/csia_config.xml, which allows local users to change CSI Agent configuration by modifying this file.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Reservation

08/21/2013

Disclosure

01/25/2014

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
11790	Secunia CSI Agent Configuration File csia_config.xml access control	264	Proof-of-Concept	Official fix	CVE-2013-5364

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

MITRE
NVD
CVE Details

◂ PreviousOverviewNext ▸

Want to know what is going to be exploited?

We predict KEV entries!