{"api_version":"1","generated_at":"2026-06-20T21:23:20+00:00","cve":"CVE-2013-5024","urls":{"html":"https://cve.report/CVE-2013-5024","api":"https://cve.report/api/cve/CVE-2013-5024.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2013-5024","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2013-5024"},"summary":{"title":"CVE-2013-5024","description":"An ActiveX control in NationalInstruments.Help2.dll in National Instruments NI .NET Class Library Help, as used in Measurement Studio 2013 and earlier and other products, allows remote attackers to obtain sensitive information about the existence of registry keys via crafted (1) key-open or (2) key-close method calls.","state":"PUBLISHED","assigner":"mitre","published_at":"2013-08-06 20:55:05","updated_at":"2026-04-29 01:13:23"},"problem_types":["NVD-CWE-noinfo","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"4.3","severity":"","vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","data":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:N/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"}}],"references":[{"url":"http://digital.ni.com/public.nsf/websearch/507DEC9DA57A708186257B3600512623?OpenDocument","name":"http://digital.ni.com/public.nsf/websearch/507DEC9DA57A708186257B3600512623?OpenDocument","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"How Do The NI Q2 2013 Security Updates Affect Me? - National Instruments","mime":"text/html","httpstatus":"404","archivestatus":"200"},{"url":"http://digital.ni.com/public.nsf/websearch/D8E97E95D59AC17086257B3600508823?OpenDocument","name":"http://digital.ni.com/public.nsf/websearch/D8E97E95D59AC17086257B3600508823?OpenDocument","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"How Does NI Security Update 67L8KSQW for NI .NET Class Library Help Affect Me? - National Instruments","mime":"text/html","httpstatus":"404","archivestatus":"200"},{"url":"http://digital.ni.com/public.nsf/allkb/548965C170D6AA2586257BD3004B146B?OpenDocument","name":"http://digital.ni.com/public.nsf/allkb/548965C170D6AA2586257BD3004B146B?OpenDocument","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"What is the Nature of Software Vulnerability NI-64BG6SWQ-4? - National Instruments","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2013-5024","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-5024","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2013","cve_id":"5024","vulnerable":"1","versionEndIncluding":"2013","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ni","cpe5":"measurementstudio","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-06T16:59:41.194Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://digital.ni.com/public.nsf/websearch/D8E97E95D59AC17086257B3600508823?OpenDocument"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://digital.ni.com/public.nsf/allkb/548965C170D6AA2586257BD3004B146B?OpenDocument"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://digital.ni.com/public.nsf/websearch/507DEC9DA57A708186257B3600512623?OpenDocument"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2013-05-20T00:00:00.000Z","descriptions":[{"lang":"en","value":"An ActiveX control in NationalInstruments.Help2.dll in National Instruments NI .NET Class Library Help, as used in Measurement Studio 2013 and earlier and other products, allows remote attackers to obtain sensitive information about the existence of registry keys via crafted (1) key-open or (2) key-close method calls."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2013-09-17T09:00:00.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"tags":["x_refsource_CONFIRM"],"url":"http://digital.ni.com/public.nsf/websearch/D8E97E95D59AC17086257B3600508823?OpenDocument"},{"tags":["x_refsource_CONFIRM"],"url":"http://digital.ni.com/public.nsf/allkb/548965C170D6AA2586257BD3004B146B?OpenDocument"},{"tags":["x_refsource_CONFIRM"],"url":"http://digital.ni.com/public.nsf/websearch/507DEC9DA57A708186257B3600512623?OpenDocument"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2013-5024","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"An ActiveX control in NationalInstruments.Help2.dll in National Instruments NI .NET Class Library Help, as used in Measurement Studio 2013 and earlier and other products, allows remote attackers to obtain sensitive information about the existence of registry keys via crafted (1) key-open or (2) key-close method calls."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"http://digital.ni.com/public.nsf/websearch/D8E97E95D59AC17086257B3600508823?OpenDocument","refsource":"CONFIRM","url":"http://digital.ni.com/public.nsf/websearch/D8E97E95D59AC17086257B3600508823?OpenDocument"},{"name":"http://digital.ni.com/public.nsf/allkb/548965C170D6AA2586257BD3004B146B?OpenDocument","refsource":"CONFIRM","url":"http://digital.ni.com/public.nsf/allkb/548965C170D6AA2586257BD3004B146B?OpenDocument"},{"name":"http://digital.ni.com/public.nsf/websearch/507DEC9DA57A708186257B3600512623?OpenDocument","refsource":"CONFIRM","url":"http://digital.ni.com/public.nsf/websearch/507DEC9DA57A708186257B3600512623?OpenDocument"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2013-5024","datePublished":"2013-08-06T18:00:00.000Z","dateReserved":"2013-07-31T00:00:00.000Z","dateUpdated":"2024-08-06T16:59:41.194Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2013-08-06 20:55:05","lastModifiedDate":"2026-04-29 01:13:23","problem_types":["NVD-CWE-noinfo","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:N/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ni:measurementstudio:*:*:*:*:*:*:*:*","versionEndIncluding":"2013","matchCriteriaId":"A12E5F42-B2FC-48F4-8D04-5B59A3869461"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2013","CveId":"5024","Ordinal":"1","Title":"CVE-2013-5024","CVE":"CVE-2013-5024","Year":"2013"},"notes":[{"CveYear":"2013","CveId":"5024","Ordinal":"1","NoteData":"An ActiveX control in NationalInstruments.Help2.dll in National Instruments NI .NET Class Library Help, as used in Measurement Studio 2013 and earlier and other products, allows remote attackers to obtain sensitive information about the existence of registry keys via crafted (1) key-open or (2) key-close method calls.","Type":"Description","Title":"CVE-2013-5024"},{"CveYear":"2013","CveId":"5024","Ordinal":"2","NoteData":"2013-08-06","Type":"Other","Title":"Published"},{"CveYear":"2013","CveId":"5024","Ordinal":"3","NoteData":"2013-09-17","Type":"Other","Title":"Modified"}]}}}