CVE-2013-6766
OpenVAS Authentication Bypass
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
OpenVAS Administrator 1.2 before 1.2.2 and 1.3 before 1.3.2 allows remote attackers to bypass the OAP authentication restrictions and execute OAP commands via a crafted OAP request for version information, which causes the state to be set to CLIENT_AUTHENTIC.
OpenVAS Administrator 1.2 anterior a 1.2.2 y 1.3 anterior a 1.3.2 permite a atacantes remotos evadir las restricciones de autenticación OAP y ejecutar comandos OAP a través de una solicitud OAP manipulada para información de versión, lo que causa que el estado se configure como CLIENT_AUTHENTIC.
It has been identified that OpenVAS Manager and OpenVAS Administrator are vulnerable to authentication bypass due to an incorrect state assignment when processing OMP and OAP requests. It has been identified that this vulnerability may allow unauthorised access to OpenVAS Manager and OpenVAS Administrator on vulnerable systems.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2013-11-09 CVE Reserved
- 2013-11-15 CVE Published
- 2024-08-06 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-287: Improper Authentication
CAPEC
References (3)
| URL | Tag | Source |
|---|---|---|
| http://lists.wald.intevation.org/pipermail/openvas-announce/2013-November/000157.html | Mailing List | |
| http://www.openwall.com/lists/oss-security/2013/11/10/2 | Mailing List |
|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.openvas.org/OVSA20131108.html | 2014-05-20 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Openvas Search vendor "Openvas" | Openvas Administrator Search vendor "Openvas" for product "Openvas Administrator" | 1.2 Search vendor "Openvas" for product "Openvas Administrator" and version "1.2" | rc1 |
Affected
| ||||||
| Openvas Search vendor "Openvas" | Openvas Administrator Search vendor "Openvas" for product "Openvas Administrator" | 1.2.0 Search vendor "Openvas" for product "Openvas Administrator" and version "1.2.0" | - |
Affected
| ||||||
| Openvas Search vendor "Openvas" | Openvas Administrator Search vendor "Openvas" for product "Openvas Administrator" | 1.2.1 Search vendor "Openvas" for product "Openvas Administrator" and version "1.2.1" | - |
Affected
| ||||||
| Openvas Search vendor "Openvas" | Openvas Administrator Search vendor "Openvas" for product "Openvas Administrator" | 1.3 Search vendor "Openvas" for product "Openvas Administrator" and version "1.3" | beta1 |
Affected
| ||||||
| Openvas Search vendor "Openvas" | Openvas Administrator Search vendor "Openvas" for product "Openvas Administrator" | 1.3 Search vendor "Openvas" for product "Openvas Administrator" and version "1.3" | rc1 |
Affected
| ||||||
| Openvas Search vendor "Openvas" | Openvas Administrator Search vendor "Openvas" for product "Openvas Administrator" | 1.3.0 Search vendor "Openvas" for product "Openvas Administrator" and version "1.3.0" | - |
Affected
| ||||||
| Openvas Search vendor "Openvas" | Openvas Administrator Search vendor "Openvas" for product "Openvas Administrator" | 1.3.1 Search vendor "Openvas" for product "Openvas Administrator" and version "1.3.1" | - |
Affected
| ||||||