Search for vulnerabilities
Vulnerability details: VCID-xeyw-byt7-aaan
Vulnerability ID VCID-xeyw-byt7-aaan
Aliases CVE-2014-1693
Summary Multiple CRLF injection vulnerabilities in the FTP module in Erlang/OTP R15B03 allow context-dependent attackers to inject arbitrary FTP commands via CRLF sequences in the (1) user, (2) account, (3) cd, (4) ls, (5) nlist, (6) rename, (7) delete, (8) mkdir, (9) rmdir, (10) recv, (11) recv_bin, (12) recv_chunk_start, (13) send, (14) send_bin, (15) send_chunk_start, (16) append_chunk_start, (17) append, or (18) append_bin command.
Status Published
Exploitability 0.5
Weighted Severity 6.8
Risk 3.4
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
generic_textual Low http://erlang.org/pipermail/erlang-bugs/2014-January/003998.html
generic_textual Low http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-1693.html
epss 0.00588 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00588 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00588 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00588 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00588 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00588 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00588 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00588 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00588 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00588 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00588 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00588 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00588 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00588 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00588 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00588 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00588 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00588 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00588 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00588 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00588 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00588 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00588 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00588 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00588 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00588 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00588 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00588 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00588 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00588 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00588 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00588 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00588 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00588 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00588 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00588 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00588 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00588 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00588 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00588 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00588 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00588 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00588 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00588 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00588 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00588 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00588 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00588 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00588 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00588 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00588 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00588 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00588 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00588 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00588 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00588 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00588 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00588 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00588 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00588 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00588 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00588 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00588 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00588 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00588 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00588 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00588 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00641 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00641 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00641 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00641 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00641 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00641 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00641 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00641 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.00983 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.01314 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.01314 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.01314 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.01366 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.01366 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.01366 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.01366 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.01366 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.01366 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.01366 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.01366 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.01366 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.01385 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.01385 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.01385 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
epss 0.01385 https://api.first.org/data/v1/epss?cve=CVE-2014-1693
generic_textual Low https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1693
cvssv2 7.5 https://nvd.nist.gov/vuln/detail/CVE-2014-1693
generic_textual Medium https://ubuntu.com/security/notices/USN-3571-1
generic_textual Medium http://www.openwall.com/lists/oss-security/2014/01/29
generic_textual Low http://www.openwall.com/lists/oss-security/2014/01/29/3
Reference id Reference type URL
http://advisories.mageia.org/MGASA-2014-0553.html
http://erlang.org/pipermail/erlang-bugs/2014-January/003998.html
http://lists.fedoraproject.org/pipermail/package-announce/2014-December/145017.html
http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-1693.html
https://api.first.org/data/v1/epss?cve=CVE-2014-1693
https://bugzilla.redhat.com/show_bug.cgi?id=1059331
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1693
http://seclists.org/oss-sec/2014/q1/163
https://ubuntu.com/security/notices/USN-3571-1
https://usn.ubuntu.com/3571-1/
http://www.mandriva.com/security/advisories?name=MDVSA-2015:174
http://www.openwall.com/lists/oss-security/2014/01/29
http://www.openwall.com/lists/oss-security/2014/01/29/3
738132 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=738132
cpe:2.3:a:erlang:erlang\/otp:r15b03:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:erlang:erlang\/otp:r15b03:*:*:*:*:*:*:*
CVE-2014-1693 https://nvd.nist.gov/vuln/detail/CVE-2014-1693
No exploits are available.
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2014-1693
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.66715
EPSS Score 0.00588
Published At April 8, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.