1. Home
  2. Vulnerabilities
  3. CVE-2013-4547

CVE-2013-4547

CVSS v2.0 7.5 (High)
75% Progress
EPSS 95.43 % (99th)
95.43% Progress
Affected Products 5
Advisories 6
Info CVSS EPSS CAPEC Affected Configurations References Security Advisories Packages & Software OVAL Tools, Exploits & PoC Graph Web & Social Timeline

nginx 0.8.41 through 1.4.3 and 1.5.x before 1.5.7 allows remote attackers to bypass intended restrictions via an unescaped space character in a URI.

Weaknesses
CWE-116
Improper Encoding or Escaping of Output
CVE Status
PUBLISHED
CNA
Red Hat, Inc.
Published Date
2013-11-23 18:55:04
(10 years ago)
Updated Date
2021-11-10 15:59:33
(2 years ago)

Affected Products

F5

Opensuse

Suse

Configuration #1

    CPE23 From Up To
  F5 Nginx from 0.8.41 version and prior 1.4.4 version cpe:2.3:a:f5:nginx >= 0.8.41 < 1.4.4
  F5 Nginx from 1.5.0 version and 1.5.6 and prior versions cpe:2.3:a:f5:nginx >= 1.5.0 <= 1.5.6

Configuration #2

    CPE23 From Up To
  Suse Lifecycle Management Server 1.3 cpe:2.3:a:suse:lifecycle_management_server:1.3
  Suse Studio Onsite 1.3 cpe:2.3:a:suse:studio_onsite:1.3
  Suse Webyast 1.3 cpe:2.3:a:suse:webyast:1.3
  Opensuse 11.4 cpe:2.3:o:opensuse:opensuse:11.4
  Opensuse 12.2 cpe:2.3:o:opensuse:opensuse:12.2
  Opensuse 12.3 cpe:2.3:o:opensuse:opensuse:12.3
  Opensuse 13.1 cpe:2.3:o:opensuse:opensuse:13.1