How severe is CVE-2013-2264?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5 out of 10.

What type of vulnerability is CVE-2013-2264?

This is classified as CWE-200, which is a common weakness in software security.

CVE-2013-2264

MEDIUM Year: 2013

CVSS v2 Score

5.0

Medium

Weakness Type

CWE-200

View all →

Vulnerability Description

The SIP channel driver in Asterisk Open Source 1.8.x before 1.8.20.2, 10.x before 10.12.2, and 11.x before 11.2.2; Certified Asterisk 1.8.15 before 1.8.15-cert2; Asterisk Business Edition (BE) C.3.x before C.3.8.1; and Asterisk Digiumphones 10.x-digiumphones before 10.12.2-digiumphones exhibits different behavior for invalid INVITE, SUBSCRIBE, and REGISTER transactions depending on whether the user account exists, which allows remote attackers to enumerate account names by (1) reading HTTP status codes, (2) reading additional text in a 403 (aka Forbidden) response, or (3) observing whether certain retransmissions occur.

CVE-2024-32037

NONE

CVSS:0.0(None)

GeoNetwork is a catalog application to manage spatially referenced resources. In versions prior to 4.2.10 and 4.4.5, the search end-point response headers contain information about Elasticsearch softw...

CWE-2002024

CVE-2017-2320

CRITICAL

CVSS:10.0(Critical)

A vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an unauthenticated, unprivileged, network-based attacker to cause various denials o...

CWE-2002017

CVE-2019-5016

CRITICAL

CVSS:10.0(Critical)

An exploitable arbitrary memory read vulnerability exists in the KCodes NetUSB.ko kernel module which enables the ReadySHARE Printer functionality of at least two NETGEAR Nighthawk Routers and potenti...

CWE-2002019

CVE-2020-13702

CRITICAL

CVSS:10.0(Critical)

The Rolling Proximity Identifier used in the Apple/Google Exposure Notification API beta through 2020-05-29 enables attackers to circumvent Bluetooth Smart Privacy because there is a secondary tempora...

CWE-2002020

CVE-2022-29165

CRITICAL

CVSS:10.0(Critical)

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. A critical vulnerability has been discovered in Argo CD starting with version 1.4.0 and prior to versions 2.1.15, 2.2.9, and 2...

CWE-2002022

CVE-2025-22612

CRITICAL

CVSS:10.0(Critical)

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.374, the missing authorization allows an authenticated user to retrieve ...

CWE-2002025

CVE-2013-2264

Vulnerability Description

Related Vulnerabilities

CVE-2024-32037

CVE-2017-2320

CVE-2019-5016

CVE-2020-13702

CVE-2022-29165

CVE-2025-22612