Lucene search
HistoryAug 16, 2013 - 4:55 p.m.
CVE-2013-4213
6.4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
6.5 Medium
AI Score
Confidence
Low
0.007 Low
EPSS
Percentile
80.6%
Red Hat JBoss Enterprise Application Platform (EAP) 6.1.0 does not properly cache EJB invocations by the EJB client API, which allows remote attackers to hijack sessions by using an EJB client.
Affected configurations
Node
redhatjboss_enterprise_application_platformMatch6.1.0
References
Related
seebug
seebug
prion
prion
Design/Logic Flaw
2013-08-16 16:55:00
cvelist
cvelist
CVE-2013-4213
2013-08-16 16:00:00
cve
cve
CVE-2013-4213
2013-08-16 16:55:46
ubuntucve
ubuntucve
CVE-2013-4213
2013-08-16 00:00:00
redhat
redhat
nessus
nessus
RHEL 5 / 6 : JBoss EAP (RHSA-2013:1151)
2013-08-13 00:00:00
Red Hat JBoss Enterprise Application Platform 6.1.0 Security Update (RHSA-2013:1152)
2014-02-03 00:00:00
JBoss Portal 6.1.0 Update (RHSA-2013:1437)
2014-01-31 00:00:00
veracode
veracode
Weak Authentication
2019-05-02 04:48:27
6.4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
6.5 Medium
AI Score
Confidence
Low
0.007 Low
EPSS
Percentile
80.6%
Related for NVD:CVE-2013-4213