Lucene search
K

12 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2023/03/29 1:48 a.m.56 views

Security Bulletin: IBM SAN Volume Controller and Storwize Family security vulnerabilities (CVE-2013-4310 CVE-2013-4316)

Summary Security Bulletin: IBM SAN Volume Controller and Storwize Family security vulnerabilities CVE-2013-4310 CVE-2013-4316 Vulnerability Details Security Bulletin --- Summary --- Administrative access to the system via the IP interface may be obtained without authentication. Vulnerability...

10CVSS9.7AI score0.08333EPSS
Exploits2
F5 Networks
F5 Networks
added 2023/02/21 7:31 p.m.34 views

K16334: Apache Struts vulnerability CVE-2013-4316

Security Advisory Description Description Apache Struts 2.0.0 through 2.3.15.1 enables Dynamic Method Invocation by default, which has unknown impact and attack vectors. CVE-2013-4316 Impact None Status To determine if your release is known to be vulnerable, the components or features that are...

10CVSS4.6AI score0.08333EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/05/17 3:28 a.m.3 views

org.apache.struts:struts2-assembly (>=2.2.1 <=2.3.15), org.apache.struts:struts2-rest-showcase (>=2.1.2 <=2.3.15.1) +3 more potentially affected by CVE-2013-4316 via org.apache.struts:struts2-rest-plugin (>=2.1.2 <=2.3.15.1)

org.apache.struts:struts2-rest-plugin MAVEN version =2.1.2, =2.2.1, =2.1.2, =2.0-RC2.3, =2.0-RC3 Source cves: CVE-2013-4316 Source advisory: OSV:GHSA-J7H6-XR7G-M2C5...

10CVSS6.1AI score0.08333EPSS
Exploits1
OpenVAS
OpenVAS
added 2021/09/14 12:0 a.m.35 views

Apache Struts Security Update (S2-019)

The remote host is missing a security update for Apache Struts announced via the referenced advisory. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

10CVSS9.6AI score0.08333EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 7:37 p.m.48 views

Security Bulletin:Sterling Web Channel is affected by Apache Struts 2 security vulnerabilities (CVE-2013-4310, CVE-2013-4316, CVE-2013-2251, CVE-2013-2248, CVE-2013-2135, CVE-2013-2134, CVE-2013-2115, CVE-2013-1966, CVE-2013-1965)

Summary IBM Sterling Web Channel use Apache Struts 2 and is affected by some of the vulnerabilities that exist in Apache Struts 2. Vulnerability Details CVEID: CVE-2013-4310 Description: Apache Struts could allow a remote attacker to bypass security restrictions, caused by an error in the action:...

10CVSS1.1AI score0.99998EPSS
Exploits35Affected Software1
Tenable Nessus
Tenable Nessus
added 2015/05/08 12:0 a.m.59 views

MySQL Enterprise Monitor < 2.3.14 Apache Struts Multiple Vulnerabilities

According to its self-reported version, the MySQL Enterprise Monitor running on the remote host is affected by the multiple vulnerabilities in the bundled version of Apache Struts : - Input validation errors exist that allows the execution of arbitrary Object-Graph Navigation Language OGNL...

10CVSS7.2AI score0.99998EPSS
Exploits19References6
F5 Networks
F5 Networks
added 2015/04/01 12:0 a.m.74 views

SOL16334 - Apache Struts vulnerability CVE-2013-4316

Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...

10CVSS2.8AI score0.08333EPSS
Exploits1References5
UbuntuCve
UbuntuCve
added 2013/09/30 9:55 p.m.34 views

CVE-2013-4316

Apache Struts 2.0.0 through 2.3.15.1 enables Dynamic Method Invocation by default, which has unknown impact and attack vectors...

10CVSS6.3AI score0.08333EPSS
Exploits1References4
CVE
CVE
added 2013/09/30 9:0 p.m.128 views

CVE-2013-4316

CVE-2013-4316 affects Apache Struts 2.0.0–2.3.15.1, where Dynamic Method Invocation is enabled by default, enabling remote code execution with OGNL-parameter crafted requests. The IBM and related advisories confirm this vulnerability and reference the same CVE, describing the impact as remote cod...

10CVSS7.8AI score0.08333EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2013/09/30 9:0 p.m.43 views

CVE-2013-4316

Apache Struts 2.0.0 through 2.3.15.1 enables Dynamic Method Invocation by default, which has unknown impact and attack vectors...

9.4AI score0.08333EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2013/09/27 12:0 a.m.180 views

Apache Struts 2 'action:' Parameter Prefix Security Constraint Bypass

The remote web application appears to use Struts 2, a web framework used for creating Java web applications. The version of Struts 2 in use is affected by a security constraint bypass vulnerability due to a flaw in the action mapping mechanism. Under certain unspecified conditions, an attacker...

10CVSS5.8AI score0.08333EPSS
Exploits2References4
seebug.org
seebug.org
added 2013/09/26 12:0 a.m.182 views

Apache Struts 远程代码执行漏洞(CVE-2013-4316)

BUGTRAQ ID: 62587 CVECAN ID: CVE-2013-4316 Struts2 是第二代基于Model-View-Controller MVC模型的java企业级web应用框架。 Apache Struts 2.3.15.2之前版本的“Dynamic Method Invocation”机制是默认开启的,仅提醒用户如果可能的情况下关闭此机制,这样就存在远程代码执行漏洞,远程攻击者可利用此漏洞在受影响应用上下文中执行任意代码。 0 Apache Group Struts 2.3.15.2 厂商补丁: Apache Group ------------ Apache...

10CVSS8.4AI score0.08333EPSS
Exploits1
Rows per page
Query Builder