Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2013-4521
HistoryFeb 06, 2020 - 4:15 p.m.

Deserialization of untrusted data

2020-02-0616:15:00
PRIOn knowledge base
www.prio-n.com
5

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.1 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.026 Low

EPSS

Percentile

90.1%

JSON

RichFaces implementation in Nuxeo Platform 5.6.0 before HF27 and 5.8.0 before HF-01 does not restrict the classes for which deserialization methods can be called, which allows remote attackers to execute arbitrary code via crafted serialized data. NOTE: this vulnerability may overlap CVE-2013-2165.

Related

cve 2
cvelist 2
ibm 1
redhat 3
osv 1
nessus 3
jvn 1
seebug 1
hackerone 1
prion 1
ubuntucve 1
github 1
veracode 1
cve
cve
CVE-2013-4521
2020-02-06 16:15:00
CVE-2013-2165
2013-07-23 11:03:00
cvelist
cvelist
CVE-2013-4521
2020-02-06 15:43:41
CVE-2013-2165
2013-07-22 19:00:00
ibm
ibm
Security Bulletin: IBM Security Verify Governance is vulnerable to remote attacks to execute arbitrary code on the system [CVE-2013-4521, CVE-2013-2165 and CVE-2018-14667]
2023-04-13 10:18:40
redhat
redhat
(RHSA-2013:1044) Critical: jboss-seam2 security update
2013-07-10 00:00:00
(RHSA-2013:1043) Critical: richfaces security update
2013-07-10 00:00:00
(RHSA-2013:1042) Critical: richfaces security update
2013-07-10 00:00:00
osv
osv
Remote code execution due to insecure deserialization
2022-05-13 01:27:59
nessus
nessus
RHEL 5 / 6 : richfaces in JBoss EWP (RHSA-2013:1043)
2014-06-28 00:00:00
RHEL 5 / 6 : richfaces (RHSA-2013:1042)
2013-07-11 00:00:00
RHEL 5 : jboss-seam2 (RHSA-2013:1044)
2013-07-11 00:00:00
jvn
jvn
JVN#38787103: JBoss RichFaces vulnerable to remote code execution
2013-07-19 00:00:00
seebug
seebug
JBoss RichFaces θΏœη¨‹δ»£η ζ‰§θ‘ŒζΌζ΄ž(CVE-2013-2165)
2013-07-17 00:00:00
hackerone
hackerone
U.S. Dept Of Defense: Remote Code Execution (RCE) in DoD Websites
2017-06-01 20:39:34
prion
prion
Deserialization of untrusted data
2013-07-23 11:03:00
ubuntucve
ubuntucve
CVE-2013-2165
2013-07-23 00:00:00
github
github
Remote code execution due to insecure deserialization
2022-05-13 01:27:59
veracode
veracode
Remote Code Execution Through Deserialization Attack
2019-01-15 08:55:59

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.1 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.026 Low

EPSS

Percentile

90.1%

JSON
Related for PRION:CVE-2013-4521
cve2cvelist2ibm1redhat3osv1nessus3jvn1seebug1hackerone1prion1ubuntucve1github1veracode1