CVE-2013-7239

N/A Unknown
Published: January 13, 2014 Modified: April 29, 2026
View on NVD

Description

memcached before 1.4.17 allows remote attackers to bypass authentication by sending an invalid request with SASL credentials, then sending another request with incorrect SASL credentials.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://seclists.org/oss-sec/2013/q4/572
Source: security@debian.org
http://secunia.com/advisories/56183
Source: security@debian.org
Vendor Advisory
http://www.debian.org/security/2014/dsa-2832
Source: security@debian.org
http://www.securityfocus.com/bid/64559
Source: security@debian.org
http://www.ubuntu.com/usn/USN-2080-1
Source: security@debian.org
https://code.google.com/p/memcached/wiki/ReleaseNotes1417
Source: security@debian.org
Patch
http://seclists.org/oss-sec/2013/q4/572
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/56183
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.debian.org/security/2014/dsa-2832
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/bid/64559
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.ubuntu.com/usn/USN-2080-1
Source: af854a3a-2127-422b-91ae-364da2661108
https://code.google.com/p/memcached/wiki/ReleaseNotes1417
Source: af854a3a-2127-422b-91ae-364da2661108
Patch

12 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
0.3%
53th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-287

Affected Vendors

memcached

Related CVEs

CVE-2026-8654 N/A
CVE-2026-6646 6.4
CVE-2026-4094 8.1
CVE-2026-41702 7.8
CVE-2026-43490 N/A