Lucene search
PRIOn knowledge basePRION:CVE-2013-1965HistoryJul 10, 2013 - 7:55 p.m.
Design/Logic Flaw
2013-07-1019:55:00
PRIOn knowledge base
www.prio-n.com
3
7.8 High
AI Score
Confidence
Low
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.008 Low
EPSS
Percentile
81.4%
Apache Struts Showcase App 2.0.0 through 2.3.13, as used in Struts 2 before 2.3.14.3, allows remote attackers to execute arbitrary OGNL code via a crafted parameter name that is not properly handled when invoking a redirect.
| CPE | Name | Operator | Version |
|---|---|---|---|
| struts | ge | 2.0.0 | |
| struts | lt | 2.3.14.1 | |
| struts2-showcase | ge | 2.0.0 | |
| struts2-showcase | le | 2.3.13 |
Related
nessus
nessus
dsquare
dsquare
Apache-Struts Showcase < 2.3.14.1 RCE Linux
2013-10-17 00:00:00
ubuntucve
ubuntucve
CVE-2013-1965
2013-07-10 00:00:00
openvas
openvas
Apache Struts Security Update (S2-012) - Active Check
2012-08-31 00:00:00
Apache Struts Security Update (S2-012, S2-015) - Version Check
2021-09-14 00:00:00
cve
cve
CVE-2013-1965
2013-07-10 19:55:00
github
github
Improper Control of Generation of Code in Apache Struts
2022-05-14 00:54:15
nuclei
nuclei
Apache Struts2 S2-012 RCE
2021-02-22 12:28:11
osv
osv
Improper Control of Generation of Code in Apache Struts
2022-05-14 00:54:15
wallarmlab
wallarmlab
New Struts2 Remote Code Execution exploit caught in the wild
2017-03-09 00:15:54
7.8 High
AI Score
Confidence
Low
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.008 Low
EPSS
Percentile
81.4%
Related for PRION:CVE-2013-1965