CVE-2013-2069

Name: CVE-2013-2069
Creator: NVD / NIST
Published: 2013-05-29T00:55:01.133+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 0.34%

Last modified Jun 16, 2026

CVE-2013-2069 is a vulnerability of currently unknown severity. Red Hat livecd-tools before 13.4.4, 17.x before 17.17, 18.x before 18.16, and 19.x before 19.3, when a rootpw directive is not set in a Kickstart file, sets the root user password to empty, which allows local users to gain privileges.. EPSS estimates a 0.34% chance of exploitation in the next 30 days.

Description

Red Hat livecd-tools before 13.4.4, 17.x before 17.17, 18.x before 18.16, and 19.x before 19.3, when a rootpw directive is not set in a Kickstart file, sets the root user password to empty, which allows local users to gain privileges.

Metrics

EPSS Probability

0.34%

26.2th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-264

Affected Software

Vendor	Product	Versions
Redhat	Livecd-Tools	< 13.4.4
Redhat	Livecd-Tools	>= 17.0, < 17.17
Redhat	Livecd-Tools	>= 18.0, < 18.16
Redhat	Livecd-Tools	>= 19.0, < 19.3

References

http://rhn.redhat.com/errata/RHSA-2013-0849.htmlVendor Advisory
http://www.openwall.com/lists/oss-security/2013/05/23/2Mailing List, Third Party Advisory
http://www.securityfocus.com/bid/60119Third Party Advisory, VDB Entry
https://aws.amazon.com/security/security-bulletins/red-hat-and-other-third-party-public-amis-security-concern/Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=964299Issue Tracking, Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/84488Third Party Advisory, VDB Entry
http://rhn.redhat.com/errata/RHSA-2013-0849.htmlVendor Advisory
http://www.openwall.com/lists/oss-security/2013/05/23/2Mailing List, Third Party Advisory
http://www.securityfocus.com/bid/60119Third Party Advisory, VDB Entry
https://aws.amazon.com/security/security-bulletins/red-hat-and-other-third-party-public-amis-security-concern/Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=964299Issue Tracking, Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/84488Third Party Advisory, VDB Entry

Timeline

Published: May 29, 2013
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2013-2069?

How severe is CVE-2013-2069?

Severity scoring for CVE-2013-2069 is pending analysis. The EPSS model estimates a 0.34% probability of exploitation in the next 30 days.

How do I fix CVE-2013-2069?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2013-2069?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST