Home > Vulnerability Database > CVE-2014-125056

Mend.io Vulnerability Database

CVE-2014-125056

Date: January 7, 2023

A vulnerability was found in Pylons horus and classified as problematic. Affected by this issue is some unknown functionality of the file horus/flows/local/services.py. The manipulation leads to observable timing discrepancy. The complexity of an attack is rather high. The exploitation is known to be difficult. The patch is identified as fd56ccb62ce3cbdab0484fe4f9c25c4eda6c57ec. It is recommended to apply a patch to fix this issue. VDB-217598 is the identifier assigned to this vulnerability.

Language: Python

Severity Score

2.6

Related Resources (5)

Url: https://vuldb.com/?id.217598

Url: https://github.com/Pylons/horus/commit/fd56ccb62ce3cbdab0484fe4f9c25c4eda6c57ec

Url: https://nvd.nist.gov/vuln/detail/CVE-2014-125056

Url: https://vuldb.com/?ctiid.217598

Url: https://www.mend.io/vulnerability-database/CVE-2014-125056

Severity Score

2.6

Weakness Type (CWE)

Observable Timing Discrepancy

CWE-208

CVSS v3.1

Base Score:	2.6
Attack Vector (AV):	ADJACENT_NETWORK
Attack Complexity (AC):	HIGH
Privileges Required (PR):	LOW
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	NONE
Availability (A):	NONE

CVSS v2

Base Score:	1.4
Access Vector (AV):	ADJACENT
Access Complexity (AC):	HIGH
Authentication (AU):	SINGLE
Confidentiality (C):	PARTIAL
Integrity (I):	NONE
Availability (A):	NONE
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2014-125056

Date: January 7, 2023

Language: Python

Severity Score

Related Resources (5)

Severity Score

Weakness Type (CWE)

CVSS v3.1

CVSS v2

Do you need more information?