CVE-2013-7239

NONE EPSS 63.9%
Published Jan 13, 201412y ago · Modified Jun 17, 20262w ago
Find Similar
Published Jan 13, 2014 12y ago
Last Modified Jun 17, 2026 2w ago

Description

memcached before 1.4.17 allows remote attackers to bypass authentication by sending an invalid request with SASL credentials, then sending another request with incorrect SASL credentials.

Threat Intelligence

EPSS Exploit Probability
63.9% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-287 Improper Authentication Authentication

Affected Products 17

VendorProductVersionRange
memcachedmemcached* ≤1.4.16
memcachedmemcached1.4.0any
memcachedmemcached1.4.1any
memcachedmemcached1.4.2any
memcachedmemcached1.4.3any
memcachedmemcached1.4.4any
memcachedmemcached1.4.5any
memcachedmemcached1.4.6any
memcachedmemcached1.4.7any
memcachedmemcached1.4.8any
memcachedmemcached1.4.9any
memcachedmemcached1.4.10any
memcachedmemcached1.4.11any
memcachedmemcached1.4.12any
memcachedmemcached1.4.13any
memcachedmemcached1.4.14any
memcachedmemcached1.4.15any

References 6

Remediation

  • code.google.com https://code.google.com/p/memcached/wiki/ReleaseNotes1417
    Patch