← Back

CVE-2014-0103

nvd nist
Published: Jul 29, 2014Modified: May 6, 2026

JSON object

Loading...
2.1
Vector
AV:L/AC:L/Au:N/C:P/I:N/A:N
Exploitability: 3.9 / Impact: 2.9
Source: NVD

Description

WebAccess in Zarafa before 7.1.10 and WebApp before 1.6 stores credentials in cleartext, which allows local Apache users to obtain sensitive information by reading the PHP session files.

Affected (24)

Fedoraproject
1 product
Fedora
Zarafa
2 products
Webapp
Zarafa
Configuration A
24 vulnerable
Vulnerable SoftwareAffected Versions
Fedoraproject
Fedora
Version 19
Fedora
Version 20
Webapp
Up to 1.5
Zarafa
Zarafa
Up to 7.1.9
Zarafa
Version 7.0.10
Zarafa
Version 7.0.11
Zarafa
Version 7.0.12
Zarafa
Version 7.0.13
Zarafa
Version 7.0.1
Zarafa
Version 7.0.2
Zarafa
Version 7.0.3
Zarafa
Version 7.0.4
Zarafa
Version 7.0.5
Zarafa
Version 7.0.6
Zarafa
Version 7.0.7
Zarafa
Version 7.0.8
Zarafa
Version 7.0.9
Zarafa
Version 7.0
Zarafa
Version 7.1.0
Zarafa
Version 7.1.1
Zarafa
Version 7.1.2
Zarafa
Version 7.1.3
Zarafa
Version 7.1.4
Zarafa
Version 7.1.8

Related CWEs

CWE-310
CWE-310

References (12)

Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.