{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "The OSAL_Crypt_SetEncryptedPassword function in InfraStack/OSDependent/Linux/OSAL/Services/wimax_osal_crypt_services.c in the OSAL crypt module in the Intel WiMAX Network Service through 1.5.2 for Intel Wireless WiMAX Connection 2400 devices logs a cleartext password during certain attempts to set a password, which allows local users to obtain sensitive information by reading a log file."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2013-08-25T01:00:00Z"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=911121"}, {"name": "[oss-security] 20130808 Re: CVE Request -- Four flaws in WiMAX (afaik upstream is dead for this)", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2013/08/08/17"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T16:38:01.670Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=911121"}, {"name": "[oss-security] 20130808 Re: CVE Request -- Four flaws in WiMAX (afaik upstream is dead for this)", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2013/08/08/17"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2013-4217", "state": "PUBLISHED", "dateReserved": "2013-06-12T00:00:00Z", "datePublished": "2013-08-25T01:00:00Z", "dateUpdated": "2024-08-06T16:38:01.670Z"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:intel:wimax_network_service:*:*:*:*:*:*:*:*", "matchCriteriaId": "E5CB891D-3239-42B6-AE62-260CF80DA80C", "versionEndIncluding": "1.5.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:intel:wimax_network_service:1.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "3541BA34-6780-4449-ADA7-F84642D6672F", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The OSAL_Crypt_SetEncryptedPassword function in InfraStack/OSDependent/Linux/OSAL/Services/wimax_osal_crypt_services.c in the OSAL crypt module in the Intel WiMAX Network Service through 1.5.2 for Intel Wireless WiMAX Connection 2400 devices logs a cleartext password during certain attempts to set a password, which allows local users to obtain sensitive information by reading a log file."}, {"lang": "es", "value": "La funci\u00f3n OSAL_Crypt_SetEncryptedPassword en InfraStack/OSDependent/Linux/OSAL/Services/wimax_osal_crypt_services.c en el modulo criptografico OSAL en Intel WiMAX Network Service hasta v1.5.2 para dispositivos Intel Wireless WiMAX Connection 2400 registra una contrase\u00f1a sin cifrar durante ciertos intentos de establecer una contrase\u00f1a, lo que permite a usuarios locales obtener informaci\u00f3n sensible mediante la lectura de un archivo de registro."}], "id": "CVE-2013-4217", "lastModified": "2013-08-26T18:29:32.770", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2013-08-25T03:27:32.870", "references": [{"source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2013/08/08/17"}, {"source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=911121"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-310"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}