Lucene search
K

7 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2023/03/29 1:48 a.m.56 views

Security Bulletin: IBM SAN Volume Controller and Storwize Family security vulnerabilities (CVE-2013-4310 CVE-2013-4316)

Summary Security Bulletin: IBM SAN Volume Controller and Storwize Family security vulnerabilities CVE-2013-4310 CVE-2013-4316 Vulnerability Details Security Bulletin --- Summary --- Administrative access to the system via the IP interface may be obtained without authentication. Vulnerability...

10CVSS9.7AI score0.08333EPSS
Exploits2
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/26 4:23 a.m.46 views

Security Bulletin: IBM Storwize V7000 Unified V1.4.2.1 Includes Fixes for IBM Storwize V7000 Security Vulnerabilities (CVE-2013-4310 CVE-2013-4316)

Abstract IBM Storwize V7000 Unified includes fixes for security vulnerabilities in IBM Storwize V7000. Administrative access to the IBM Storwize V7000 via the IP interface may be obtained without authentication. Content Please note that below vulnerabilities are applicable to IBM Storwize V7000...

10CVSS8.1AI score0.08333EPSS
Exploits2Affected Software1
vulnersOsv
vulnersOsv
added 2022/05/17 4:44 a.m.4 views

be.objectify:objectify-struts2-tags (=1.0), br.net.woodstock.rockframework:rockframework-struts2 (>=2.0.0 <=2.0.8) +172 more potentially affected by CVE-2013-4310 via org.apache.struts:struts2-core (>=2.0.5 <=2.3.15.2)

org.apache.struts:struts2-core MAVEN version =2.0.5, =2.0.0, =1.2.1, =1.5.3, =1.5.3, =1.2.0, =1.0.3, =0.6, =3.0, =5.0.1 and more Source cves: CVE-2013-4310 Source advisory: OSV:GHSA-Q5Q8-JGHF-3PM3...

5.8CVSS7.5AI score0.07457EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2018/09/10 12:0 a.m.72 views

Apache Struts 2.x < 2.3.15.3 Broken Access Control Vulnerability (S2-018)

The version of Apache Struts running on the remote host is 2.x prior to 2.3.15.3. It, therefore, is affected by a broken access control vulnerability which can be used to bypass security constraints. Note that Nessus has not tested for these issues but has instead relied only on the application's...

5.8CVSS8.4AI score0.07457EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 7:37 p.m.48 views

Security Bulletin:Sterling Web Channel is affected by Apache Struts 2 security vulnerabilities (CVE-2013-4310, CVE-2013-4316, CVE-2013-2251, CVE-2013-2248, CVE-2013-2135, CVE-2013-2134, CVE-2013-2115, CVE-2013-1966, CVE-2013-1965)

Summary IBM Sterling Web Channel use Apache Struts 2 and is affected by some of the vulnerabilities that exist in Apache Struts 2. Vulnerability Details CVEID: CVE-2013-4310 Description: Apache Struts could allow a remote attacker to bypass security restrictions, caused by an error in the action:...

10CVSS1.1AI score0.99998EPSS
Exploits35Affected Software1
CVE
CVE
added 2013/09/30 9:0 p.m.90 views

CVE-2013-4310

CVE-2013-4310 is an Apache Struts 2 vulnerability (prefix action: bypass) with a CVSS v2 base score 5.8 (network, low complexity). IBM security bullets tie this to IBM SAN Volume Controller, Storwize family, Storwize V7000, V5000, V3700, V3500 (Lenovo) and related IBM Flex System components. In I...

5.8CVSS7.7AI score0.07457EPSS
Exploits1References9Affected Software1
seebug.org
seebug.org
added 2013/09/26 12:0 a.m.52 views

Apache Struts 安全措施绕过漏洞

BUGTRAQ ID: 62584 CVECAN ID: CVE-2013-4310 Struts2 是第二代基于Model-View-Controller MVC模型的java企业级web应用框架。 Apache Struts 2.0.0-2.3.15.1的操作映射机制支持特殊参数前缀操作,这样有可能会在表格底部附加引导信息,在映射 "action:" 前缀操作时存在安全绕过漏洞,可被利用绕过某些安全限制,访问受限制功能。 0 Apache Group Struts 2.3.15.2 厂商补丁: Apache Group ------------ Apache...

5.8CVSS8AI score0.07457EPSS
Exploits1
Rows per page
Query Builder