CVE-2013-4212
7.4 High
AI Score
Confidence
Low
6.8 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.961 High
EPSS
Percentile
99.5%
Certain getText methods in the ActionSupport controller in Apache Roller before 5.0.2 allow remote attackers to execute arbitrary OGNL expressions via the first or second parameter, as demonstrated by the pageTitle parameter in the !getPageTitle sub-URL to roller-ui/login.rol, which uses a subclass of UIAction, aka “OGNL Injection.”
Affected configurations
| CPE | Name | Operator | Version |
|---|---|---|---|
| apache:roller | apache roller | le | 5.0.1 |
| apache:roller | apache roller | eq | 4.0 |
| apache:roller | apache roller | eq | 4.0.1 |
| apache:roller | apache roller | eq | 5.0 |
References
rollerweblogger.org/project/entry/apache_roller_5_0_2
secunia.com/advisories/55862
secunia.com/advisories/55877
security.coverity.com/advisory/2013/Oct/remote-code-execution-in-apache-roller-via-ognl-injection.html
www.exploit-db.com/exploits/29859
www.osvdb.org/100342
exchange.xforce.ibmcloud.com/vulnerabilities/89239
Related
7.4 High
AI Score
Confidence
Low
6.8 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.961 High
EPSS
Percentile
99.5%