Security Advisory

CVE-2013-1814

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2013-03-14 00:00:00

Last updated 2024-09-17 02:05:51

Assigner redhat

State PUBLISHED

Description

The users/get program in the User RPC API in Apache Rave 0.11 through 0.20 allows remote authenticated users to obtain sensitive information about all user accounts via the offset parameter, as demonstrated by discovering password hashes in the password field of a response.

← Browse all CVEs View on cve.org ↗