Vulnerability Details : CVE-2013-7383
x2gocleansessions in X2Go Server before 4.0.0.8 and 4.0.1.x before 4.0.1.10 allows remote authenticated users to gain privileges via unspecified vectors, possibly related to backticks.
Exploit prediction scoring system (EPSS) score for CVE-2013-7383
Probability of exploitation activity in the next 30 days: 0.32%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 67 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2013-7383
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
9.0
|
HIGH | AV:N/AC:L/Au:S/C:C/I:C/A:C |
8.0
|
10.0
|
NIST |
CWE ids for CVE-2013-7383
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2013-7383
-
http://security.gentoo.org/glsa/glsa-201405-26.xml
X2Go Server: Privilege Escalation (GLSA 201405-26) — Gentoo security
-
http://www.openwall.com/lists/oss-security/2014/05/19/4
oss-security - Re: CVE request: X2Go Server privilege escalation
-
http://permalink.gmane.org/gmane.linux.terminal-server.x2go.announce/83
Vendor Advisory
-
http://www.securityfocus.com/bid/65001
X2Go Server 'x2gocleansessions' Local Privilege Escalation Vulnerability
-
http://www.openwall.com/lists/oss-security/2014/05/18/1
oss-security - CVE request: X2Go Server privilege escalation
Products affected by CVE-2013-7383
- cpe:2.3:a:x2go:x2go_server:*:*:*:*:*:*:*:*
- cpe:2.3:a:x2go:x2go_server:4.0.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:x2go:x2go_server:4.0.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:x2go:x2go_server:4.0.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:x2go:x2go_server:4.0.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:x2go:x2go_server:4.0.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:x2go:x2go_server:4.0.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:x2go:x2go_server:4.0.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:x2go:x2go_server:4.0.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:x2go:x2go_server:4.0.1.9:*:*:*:*:*:*:*
- cpe:2.3:a:x2go:x2go_server:4.0.1.8:*:*:*:*:*:*:*
- cpe:2.3:a:x2go:x2go_server:4.0.1.7:*:*:*:*:*:*:*
- cpe:2.3:a:x2go:x2go_server:4.0.1.6:*:*:*:*:*:*:*
- cpe:2.3:a:x2go:x2go_server:4.0.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:x2go:x2go_server:4.0.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:x2go:x2go_server:4.0.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:x2go:x2go_server:4.0.0.1:*:*:*:*:*:*:*