Lucene search

PRIOn knowledge basePRION:CVE-2013-4310

HistorySep 30, 2013 - 9:55 p.m.

Design/Logic Flaw

2013-09-3021:55:00

PRIOn knowledge base

www.prio-n.com

7 High

AI Score

Confidence

Low

5.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

0.015 Low

EPSS

Percentile

86.5%

JSON

Apache Struts 2.0.0 through 2.3.15.1 allows remote attackers to bypass access controls via a crafted action: prefix.

CPENameOperatorVersion
strutseq2.3.1.1
strutseq2.0.9
strutseq2.0.12
strutseq2.2.3.1
strutseq2.1.0
strutseq2.3.15
strutseq2.0.0
strutseq2.3.14
strutseq2.0.8
strutseq2.0.7

Name	Operator	Version
struts	eq	2.3.1.1
struts	eq	2.0.9
struts	eq	2.0.12
struts	eq	2.2.3.1
struts	eq	2.1.0
struts	eq	2.3.15
struts	eq	2.0.0
struts	eq	2.3.14
struts	eq	2.0.8
struts	eq	2.0.7

Rows per page:

1-10 of 451

References

archives.neohapsis.com/archives/bugtraq/2013-09/0107.html

archives.neohapsis.com/archives/bugtraq/2013-10/0083.html

secunia.com/advisories/54919

secunia.com/advisories/56483

secunia.com/advisories/56492

struts.apache.org/release/2.3.x/docs/s2-018.html

www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html

www.securityfocus.com/bid/64758

www.securitytracker.com/id/1029077

7 High

AI Score

Confidence

Low

5.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

0.015 Low

EPSS

Percentile

86.5%

JSON

Related for PRION:CVE-2013-4310