Vulnerability Name:CVE-2013-6172 (CCN-88252)

Assigned:2013-10-21
Published:2013-10-21
Updated:2014-03-26
Summary:steps/utils/save_pref.inc in Roundcube webmail before 0.8.7 and 0.9.x before 0.9.5 allows remote attackers to modify configuration settings via the _session parameter, which can be leveraged to read arbitrary files, conduct SQL injection attacks, and execute arbitrary code.
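The summary describes a preference-saving endpoint that lets the client name the session variable it wants to update. The following is an added illustration of that bug class and its fix, written for this page; it is not Roundcube's code, and the handler names, the preference names and the session keys in it are hypothetical. It shows the unsafe pattern (client-chosen key written straight into session state) beside a hardened handler that derives the session key server-side from a fixed allow-list and ignores the client's `_session` value entirely.

```php
<?php
// Added illustration, not Roundcube's code. All names below are hypothetical.

// Unsafe pattern: the request supplies both the key and the value that are
// stored, so any session variable (and any preference name) can be overwritten.
function save_pref_unsafe(array $post, array &$session): array
{
    $name     = $post['_name']    ?? null;
    $value    = $post['_value']   ?? null;
    $sessname = $post['_session'] ?? null;   // attacker-chosen session key

    $prefs = [];
    if ($name !== null) {
        $prefs[$name] = $value;               // arbitrary preference name
    }
    if ($sessname) {
        $session[$sessname] = $value;         // arbitrary session key clobbered
    }
    return $prefs;
}

// Hardened pattern: each permitted preference maps to the one session key it
// may update; the client cannot name a key. Anything else is rejected.
const PREF_SESSION_MAP = [          // hypothetical allow-list
    'preview_pane' => 'preview_pane',
    'list_cols'    => 'list_cols',
    'timezone'     => 'timezone',
];

function save_pref_safe(array $post, array &$session): ?array
{
    $name  = $post['_name']  ?? null;
    $value = $post['_value'] ?? null;

    if (!is_string($name) || !array_key_exists($name, PREF_SESSION_MAP)) {
        return null;                          // unknown preference: refuse
    }
    // Session key comes from the server-side map; $post['_session'] is ignored.
    $session[PREF_SESSION_MAP[$name]] = $value;
    return [$name => $value];
}

// Constructed request: the client tries to repoint a session-held setting
// by naming it in _session rather than in _name.
$post = [
    '_name'    => 'x',
    '_value'   => 'evil.example.test',
    '_session' => 'storage_host',
];

$session = ['user_id' => 42, 'storage_host' => 'imap.example.test'];
save_pref_unsafe($post, $session);
echo "unsafe handler, storage_host is now: {$session['storage_host']}\n";

$session = ['user_id' => 42, 'storage_host' => 'imap.example.test'];
$result = save_pref_safe($post, $session);
echo "safe handler returned: " . var_export($result, true) . "\n";
echo "safe handler, storage_host is still: {$session['storage_host']}\n";
```

Run it with `php save_pref_demo.php` (any PHP 7.1 or later). The point of the hardened version is that the set of writable keys is fixed in code, so the request can choose a value but never a location; that is the property the fixed Roundcube releases (0.8.7 and 0.9.5, per the vendor advisory linked below) needed to restore, whatever the exact shape of their patch.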
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): Low
Availability (A): None
CVSS v2 Severity:7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
5.5 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availability (A): Partial
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availability (A): None
Vulnerability Type:CWE-89
Vulnerability Consequences:File Manipulation
References:Source: MITRE
Type: CNA
CVE-2013-6172

Source: SUSE
Type: UNKNOWN
openSUSE-SU-2014:0365

Source: CCN
Type: RoundCube Web site
Security updates 0.9.5 and 0.8.7

Source: CONFIRM
Type: Patch, Vendor Advisory
http://roundcube.net/news/2013/10/21/security-updates-095-and-087/

Source: CCN
Type: SA55286
RoundCube Webmail "_session" Handling Data Manipulation Vulnerability

Source: CONFIRM
Type: Patch
http://trac.roundcube.net/ticket/1489382

Source: DEBIAN
Type: UNKNOWN
DSA-2787

Source: DEBIAN
Type: DSA-2787
roundcube -- design error

Source: CONFIRM
Type: UNKNOWN
http://www.interworx.com/developers/changelog/version-5-0-13-build-574-2014-02-19

Source: CCN
Type: BID-63300
RoundCube Webmail '_session' Parameter Remote Security Vulnerability

Source: XF
Type: UNKNOWN
roundcube-cve20136172-file-overwrite(88252)

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2013-6172

Vulnerable Configuration:Configuration 1:
  • cpe:/a:roundcube:webmail:0.1:-:*:*:*:*:*:*
  • OR cpe:/a:roundcube:webmail:0.1:20050811:*:*:*:*:*:*
  • OR cpe:/a:roundcube:webmail:0.1:20050820:*:*:*:*:*:*
  • OR cpe:/a:roundcube:webmail:0.1:20051007:*:*:*:*:*:*
  • OR cpe:/a:roundcube:webmail:0.1:20051021:*:*:*:*:*:*
  • OR cpe:/a:roundcube:webmail:0.1:alpha:*:*:*:*:*:*
  • OR cpe:/a:roundcube:webmail:0.1:beta:*:*:*:*:*:*
  • OR cpe:/a:roundcube:webmail:0.1:beta2:*:*:*:*:*:*
  • OR cpe:/a:roundcube:webmail:0.1:rc1:*:*:*:*:*:*
  • OR cpe:/a:roundcube:webmail:0.1:rc2:*:*:*:*:*:*
  • OR cpe:/a:roundcube:webmail:0.1:stable:*:*:*:*:*:*
  • OR cpe:/a:roundcube:webmail:0.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:roundcube:webmail:0.2:-:*:*:*:*:*:*
  • OR cpe:/a:roundcube:webmail:0.2:alpha:*:*:*:*:*:*
  • OR cpe:/a:roundcube:webmail:0.2:beta:*:*:*:*:*:*
  • OR cpe:/a:roundcube:webmail:0.2:stable:*:*:*:*:*:*
  • OR cpe:/a:roundcube:webmail:0.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:roundcube:webmail:0.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:roundcube:webmail:0.3:-:*:*:*:*:*:*
  • OR cpe:/a:roundcube:webmail:0.3:beta:*:*:*:*:*:*
  • OR cpe:/a:roundcube:webmail:0.3:rc1:*:*:*:*:*:*
  • OR cpe:/a:roundcube:webmail:0.3:stable:*:*:*:*:*:*
  • OR cpe:/a:roundcube:webmail:0.3.1:*:*:*:*:*:*:*
  • OR cpe:/a:roundcube:webmail:0.4:*:*:*:*:*:*:*
  • OR cpe:/a:roundcube:webmail:0.4:beta:*:*:*:*:*:*
  • OR cpe:/a:roundcube:webmail:0.4.1:*:*:*:*:*:*:*
  • OR cpe:/a:roundcube:webmail:0.4.2:*:*:*:*:*:*:*
  • OR cpe:/a:roundcube:webmail:0.5:-:*:*:*:*:*:*
  • OR cpe:/a:roundcube:webmail:0.5:beta:*:*:*:*:*:*
  • OR cpe:/a:roundcube:webmail:0.5:rc:*:*:*:*:*:*
  • OR cpe:/a:roundcube:webmail:0.5.1:*:*:*:*:*:*:*
  • OR cpe:/a:roundcube:webmail:0.5.2:*:*:*:*:*:*:*
  • OR cpe:/a:roundcube:webmail:0.5.3:*:*:*:*:*:*:*
  • OR cpe:/a:roundcube:webmail:0.5.4:*:*:*:*:*:*:*
  • OR cpe:/a:roundcube:webmail:0.6:-:*:*:*:*:*:*
  • OR cpe:/a:roundcube:webmail:0.7:-:*:*:*:*:*:*
  • OR cpe:/a:roundcube:webmail:0.7.1:*:*:*:*:*:*:*
  • OR cpe:/a:roundcube:webmail:0.7.2:*:*:*:*:*:*:*
  • OR cpe:/a:roundcube:webmail:0.7.3:*:*:*:*:*:*:*
  • OR cpe:/a:roundcube:webmail:0.8.0:-:*:*:*:*:*:*
  • OR cpe:/a:roundcube:webmail:0.8.1:*:*:*:*:*:*:*
  • OR cpe:/a:roundcube:webmail:0.8.2:*:*:*:*:*:*:*
  • OR cpe:/a:roundcube:webmail:0.8.3:*:*:*:*:*:*:*
  • OR cpe:/a:roundcube:webmail:0.8.4:*:*:*:*:*:*:*
  • OR cpe:/a:roundcube:webmail:0.8.5:*:*:*:*:*:*:*
  • OR cpe:/a:roundcube:webmail:*:*:*:*:*:*:*:* (Version <= 0.8.6)
  • OR cpe:/a:roundcube:webmail:0.9:beta:*:*:*:*:*:*
  • OR cpe:/a:roundcube:webmail:0.9:rc:*:*:*:*:*:*
  • OR cpe:/a:roundcube:webmail:0.9:rc2:*:*:*:*:*:*
  • OR cpe:/a:roundcube:webmail:0.9.0:-:*:*:*:*:*:*
  • OR cpe:/a:roundcube:webmail:0.9.1:*:*:*:*:*:*:*
  • OR cpe:/a:roundcube:webmail:0.9.2:*:*:*:*:*:*:*
  • OR cpe:/a:roundcube:webmail:0.9.3:*:*:*:*:*:*:*
  • OR cpe:/a:roundcube:webmail:0.9.4:*:*:*:*:*:*:*

  • Configuration CCN 1:
  • cpe:/a:roundcube:webmail:0.9.4:*:*:*:*:*:*:*
  • OR cpe:/a:roundcube:webmail:0.8.6:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    Oval Definitions
    Definition ID | Class | Title | Last Modified
    oval:org.opensuse.security:def:20136172 | V | CVE-2013-6172 | 2022-06-30
    oval:org.opensuse.security:def:113340 | P | roundcubemail-1.2.3-1.1 on GA media (Moderate) | 2022-01-17
    oval:org.opensuse.security:def:106747 | P | Security update for aaa_base (Moderate) | 2021-12-03
    oval:org.mitre.oval:def:19395 | P | DSA-2787-1 roundcube - design error | 2014-06-23
    oval:com.ubuntu.precise:def:20136172000 | V | CVE-2013-6172 on Ubuntu 12.04 LTS (precise) - medium. | 2013-11-05
    oval:com.ubuntu.trusty:def:20136172000 | V | CVE-2013-6172 on Ubuntu 14.04 LTS (trusty) - medium. | 2013-11-05
    oval:com.ubuntu.xenial:def:201361720000000 | V | CVE-2013-6172 on Ubuntu 16.04 LTS (xenial) - medium. | 2013-11-05
    oval:com.ubuntu.xenial:def:20136172000 | V | CVE-2013-6172 on Ubuntu 16.04 LTS (xenial) - medium. | 2013-11-05