fkie_cve-2013-0922
Vulnerability from fkie_nvd
Published
2013-03-28 12:18
Modified
2025-04-11 00:51
Severity ?
Summary
Google Chrome before 26.0.1410.43 does not properly restrict brute-force access attempts against web sites that require HTTP Basic Authentication, which has unspecified impact and attack vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| chrome | * | ||
| chrome | 26.0.1410.0 | ||
| chrome | 26.0.1410.1 | ||
| chrome | 26.0.1410.2 | ||
| chrome | 26.0.1410.3 | ||
| chrome | 26.0.1410.4 | ||
| chrome | 26.0.1410.5 | ||
| chrome | 26.0.1410.6 | ||
| chrome | 26.0.1410.7 | ||
| chrome | 26.0.1410.8 | ||
| chrome | 26.0.1410.9 | ||
| chrome | 26.0.1410.10 | ||
| chrome | 26.0.1410.11 | ||
| chrome | 26.0.1410.12 | ||
| chrome | 26.0.1410.14 | ||
| chrome | 26.0.1410.15 | ||
| chrome | 26.0.1410.16 | ||
| chrome | 26.0.1410.17 | ||
| chrome | 26.0.1410.18 | ||
| chrome | 26.0.1410.19 | ||
| chrome | 26.0.1410.20 | ||
| chrome | 26.0.1410.21 | ||
| chrome | 26.0.1410.22 | ||
| chrome | 26.0.1410.23 | ||
| chrome | 26.0.1410.24 | ||
| chrome | 26.0.1410.25 | ||
| chrome | 26.0.1410.26 | ||
| chrome | 26.0.1410.27 | ||
| chrome | 26.0.1410.28 | ||
| chrome | 26.0.1410.29 | ||
| chrome | 26.0.1410.30 | ||
| chrome | 26.0.1410.31 | ||
| chrome | 26.0.1410.32 | ||
| chrome | 26.0.1410.33 | ||
| chrome | 26.0.1410.34 | ||
| chrome | 26.0.1410.35 | ||
| chrome | 26.0.1410.36 | ||
| chrome | 26.0.1410.37 | ||
| chrome | 26.0.1410.38 | ||
| chrome | 26.0.1410.39 | ||
| chrome | 26.0.1410.40 | ||
| chrome | 26.0.1410.41 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F72EE3E3-8EE6-4853-A1B2-6855692537FA",
"versionEndIncluding": "26.0.1410.42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:26.0.1410.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1F4CDAF7-8642-4D9A-AF2B-3A98CE06FF7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:26.0.1410.1:*:*:*:*:*:*:*",
"matchCriteriaId": "52A0DF33-B8F0-4AA2-A345-480635491764",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:26.0.1410.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FEFD9431-A7BA-48A7-A2A4-4F8A45342FF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:26.0.1410.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DE3D7FB4-3C50-4E8E-BE5A-E641801FCD9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:26.0.1410.4:*:*:*:*:*:*:*",
"matchCriteriaId": "BCBEFEAF-4F12-4680-A9F0-6E9CD9C0022C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:26.0.1410.5:*:*:*:*:*:*:*",
"matchCriteriaId": "14E21FAC-7A9C-4A80-8AAD-B5A979BA5DA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:26.0.1410.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B6D8F487-A867-4AD6-A499-F04FCF86D3E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:26.0.1410.7:*:*:*:*:*:*:*",
"matchCriteriaId": "692F3B89-3497-4306-AE8B-03E95DDD5DA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:26.0.1410.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F33FC703-CBB3-4A3E-B855-2A5B08E4892C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:26.0.1410.9:*:*:*:*:*:*:*",
"matchCriteriaId": "7409E417-8B13-44D4-9147-49B4DAAAA608",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:26.0.1410.10:*:*:*:*:*:*:*",
"matchCriteriaId": "FFDCAE6B-96EC-4AAF-BE38-2D0D2BD3E4F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:26.0.1410.11:*:*:*:*:*:*:*",
"matchCriteriaId": "39D7F7CE-181F-4CA6-858E-9A4DC2D5989F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:26.0.1410.12:*:*:*:*:*:*:*",
"matchCriteriaId": "419AA074-3C1C-47C8-A73D-4258FC0F2ED6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:26.0.1410.14:*:*:*:*:*:*:*",
"matchCriteriaId": "6DC44188-8111-4638-AED9-8A9DA705166B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:26.0.1410.15:*:*:*:*:*:*:*",
"matchCriteriaId": "7A750031-6940-4B7F-94FD-6BFB5FB3CB06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:26.0.1410.16:*:*:*:*:*:*:*",
"matchCriteriaId": "E86B5766-B743-479C-89CC-D155AD5102FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:26.0.1410.17:*:*:*:*:*:*:*",
"matchCriteriaId": "105E7299-043D-44BF-A2B5-B840F4A03433",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:26.0.1410.18:*:*:*:*:*:*:*",
"matchCriteriaId": "3BA3D5FC-A5A6-4C1A-9A16-D4A004681CB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:26.0.1410.19:*:*:*:*:*:*:*",
"matchCriteriaId": "C034C7D8-BDD2-4D46-B59F-1A8D035E1973",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:26.0.1410.20:*:*:*:*:*:*:*",
"matchCriteriaId": "2E576200-FB39-4AAC-A33B-F9395CDAC483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:26.0.1410.21:*:*:*:*:*:*:*",
"matchCriteriaId": "0ED327A7-1364-4940-831A-34B2887281E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:26.0.1410.22:*:*:*:*:*:*:*",
"matchCriteriaId": "B8C53DCD-4099-4D68-BDB7-C9898473C970",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:26.0.1410.23:*:*:*:*:*:*:*",
"matchCriteriaId": "9197B2E8-E9BA-41B2-A210-545F327AD21A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:26.0.1410.24:*:*:*:*:*:*:*",
"matchCriteriaId": "0A86BF63-12CD-41A9-82FF-0C9C851F84A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:26.0.1410.25:*:*:*:*:*:*:*",
"matchCriteriaId": "3E6FD260-8D91-434D-B87D-909C4070D436",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:26.0.1410.26:*:*:*:*:*:*:*",
"matchCriteriaId": "D9F79CF3-34F4-42F8-8799-49944EAFDD52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:26.0.1410.27:*:*:*:*:*:*:*",
"matchCriteriaId": "5D665211-DA82-43AB-98AC-EBBD86E096A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:26.0.1410.28:*:*:*:*:*:*:*",
"matchCriteriaId": "F042B2F8-4025-48DE-BB44-093F92E58970",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:26.0.1410.29:*:*:*:*:*:*:*",
"matchCriteriaId": "DD47238E-6485-4347-8FAE-DA8832514F3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:26.0.1410.30:*:*:*:*:*:*:*",
"matchCriteriaId": "0D4626AE-3EE8-4CAB-8654-92BC83609AC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:26.0.1410.31:*:*:*:*:*:*:*",
"matchCriteriaId": "2BE94F92-172B-467E-BC27-4A038D7E0345",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:26.0.1410.32:*:*:*:*:*:*:*",
"matchCriteriaId": "937DCEB1-13A7-41BA-B890-6DC584498DA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:26.0.1410.33:*:*:*:*:*:*:*",
"matchCriteriaId": "4F1D2AA2-3FBA-4893-B2A5-60F6AF893AB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:26.0.1410.34:*:*:*:*:*:*:*",
"matchCriteriaId": "8236329F-EF2B-4912-B54D-ECA8A5E40A08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:26.0.1410.35:*:*:*:*:*:*:*",
"matchCriteriaId": "22E0AA41-7BC1-4928-879C-319455EF0B68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:26.0.1410.36:*:*:*:*:*:*:*",
"matchCriteriaId": "E82909AE-45A3-4D96-AA00-AB54990DD8AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:26.0.1410.37:*:*:*:*:*:*:*",
"matchCriteriaId": "5A3FA9D3-C2E3-430D-8A93-A04D3EF563C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:26.0.1410.38:*:*:*:*:*:*:*",
"matchCriteriaId": "1B773C98-F324-4BFC-907F-5260F98D8BC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:26.0.1410.39:*:*:*:*:*:*:*",
"matchCriteriaId": "9F252A00-1752-4A58-A22F-091D881D969A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:26.0.1410.40:*:*:*:*:*:*:*",
"matchCriteriaId": "6E7D31A9-1C01-41B8-8734-2E5BDDA04228",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:26.0.1410.41:*:*:*:*:*:*:*",
"matchCriteriaId": "56840488-CC3C-48BA-B0FF-AD6948D0A589",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Google Chrome before 26.0.1410.43 does not properly restrict brute-force access attempts against web sites that require HTTP Basic Authentication, which has unspecified impact and attack vectors."
},
{
"lang": "es",
"value": "Google Chrome versiones anteriores a v26.0.1410.43 no restringe adecuadamente los intentos de acceso por fuerza bruta a los sitios web que requieren autenticaci\u00f3n b\u00e1sica HTTP, teniendo un impacto y vectores de ataque no especificados."
}
],
"id": "CVE-2013-0922",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-03-28T12:18:52.107",
"references": [
{
"source": "chrome-cve-admin@google.com",
"url": "http://googlechromereleases.blogspot.com/2013/03/stable-channel-update_26.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://code.google.com/p/chromium/issues/detail?id=174129"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16215"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://googlechromereleases.blogspot.com/2013/03/stable-channel-update_26.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://code.google.com/p/chromium/issues/detail?id=174129"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16215"
}
],
"sourceIdentifier": "chrome-cve-admin@google.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…