{"containers": {"cna": {"affected": [{"product": "RHUI", "vendor": "RHUI", "versions": [{"status": "affected", "version": "through 2013-11-05"}]}], "descriptions": [{"lang": "en", "value": "RHUI (Red Hat Update Infrastructure) 2.1.3 has world readable PKI entitlement certificates"}], "problemTypes": [{"descriptions": [{"description": "PKI entitlement certificates are world readable", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-11-04T12:58:36.000Z", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4518"}, {"tags": ["x_refsource_MISC"], "url": "https://access.redhat.com/security/cve/cve-2013-4518"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T16:45:14.851Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4518"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://access.redhat.com/security/cve/cve-2013-4518"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2013-4518", "datePublished": "2019-11-04T12:58:36.000Z", "dateReserved": "2013-06-12T00:00:00.000Z", "dateUpdated": "2024-08-06T16:45:14.851Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:update_infrastructure:2.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "0C05A5A8-A343-4377-A1F4-40EAE0355CC7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "RHUI (Red Hat Update Infrastructure) 2.1.3 has world readable PKI entitlement certificates"}, {"lang": "es", "value": "RHUI (Red Hat Update Infrastructure) versi\u00f3n 2.1.3, presenta certificados de titularidad PKI legibles por todo el mundo."}], "id": "CVE-2013-4518", "lastModified": "2024-11-21T01:55:43.637", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-11-04T13:15:10.497", "references": [{"source": "secalert@redhat.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://access.redhat.com/security/cve/cve-2013-4518"}, {"source": "secalert@redhat.com", "tags": ["Exploit", "Issue Tracking", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4518"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://access.redhat.com/security/cve/cve-2013-4518"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Issue Tracking", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4518"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "RHUI: PKI entitlement certificates are world readable", "id": "1026998", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1026998"}, "csaw": false, "cvss": {"cvss_base_score": "2.1", "cvss_scoring_vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "status": "draft"}, "details": ["RHUI (Red Hat Update Infrastructure) 2.1.3 has world readable PKI entitlement certificates"], "name": "CVE-2013-4518", "package_state": [{"cpe": "cpe:/a:redhat:rhui:2", "fix_state": "Will not fix", "package_name": "rh-rhui-tools", "product_name": "RHUI for RHEL 6"}], "public_date": "2014-08-11T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2013-4518\nhttps://nvd.nist.gov/vuln/detail/CVE-2013-4518"], "statement": "Red Hat Update Infrastructure 2.1.3 is now in Production 2 Phase of the support and maintenance life cycle. This has been rated as having Low security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Update Infrastructure Life Cycle: https://access.redhat.com/support/policy/updates/rhui.", "threat_severity": "Low"}

{}