Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2014:0124
HistoryJan 30, 2014 - 8:12 p.m.

(RHSA-2014:0124) Important: Apache Camel security update

2014-01-3020:12:53
access.redhat.com
14

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.011 Low

EPSS

Percentile

82.7%

JSON

Apache Camel is a versatile open-source integration framework based on
known Enterprise Integration Patterns.

A flaw was found in Apache Camel’s parsing of the FILE_NAME header. A
remote attacker able to submit messages to a Camel route, which would write
the provided message to a file, could provide expression language (EL)
expressions in the FILE_NAME header that would be evaluated on the
server. This could lead to arbitrary remote code execution in the context
of the Camel server process. (CVE-2013-4330)

All users of Red Hat JBoss Fuse Service Works 6.0.0 as provided from the
Red Hat Customer Portal are advised to apply this update.

Related

osv 1
prion 1
github 1
cve 1
redhat 4
nessus 2
ibm 2
osv
osv
Improper Control of Generation of Code in Apache Camel
2022-05-13 01:26:34
prion
prion
Code injection
2013-10-04 17:55:00
github
github
Improper Control of Generation of Code in Apache Camel
2022-05-13 01:26:34
cve
cve
CVE-2013-4330
2013-10-04 17:55:00
redhat
redhat
(RHSA-2013:1410) Important: Red Hat JBoss Fuse/A-MQ 6.0.0 patch 4
2013-10-07 00:00:00
(RHSA-2014:0254) Important: activemq security update
2014-03-05 00:00:00
(RHSA-2014:0245) Important: activemq security update
2014-03-03 00:00:00
nessus
nessus
RHEL 6 : activemq (RHSA-2014:0254)
2018-12-04 00:00:00
RHEL 6 : activemq (RHSA-2014:0245)
2018-12-04 00:00:00
ibm
ibm
Security Bulletin: IBM Spectrum Control is vulnerable to multiple weaknesses related to Apache Camel
2023-03-07 05:15:04
Security Bulletin: Multiple vulnerabilities in Apache Camel core affect IBM Application Performance Management products
2023-09-25 09:06:33

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.011 Low

EPSS

Percentile

82.7%

JSON
Related for RHSA-2014:0124
osv1prion1github1cve1redhat4nessus2ibm2