Lucene search
K

12 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2023/03/29 1:48 a.m.56 views

Security Bulletin: IBM SAN Volume Controller and Storwize Family security vulnerabilities (CVE-2013-4310 CVE-2013-4316)

Summary Security Bulletin: IBM SAN Volume Controller and Storwize Family security vulnerabilities CVE-2013-4310 CVE-2013-4316 Vulnerability Details Security Bulletin --- Summary --- Administrative access to the system via the IP interface may be obtained without authentication. Vulnerability...

10CVSS9.7AI score0.08333EPSS
Exploits2
F5 Networks
F5 Networks
added 2023/02/21 7:31 p.m.34 views

K16334: Apache Struts vulnerability CVE-2013-4316

Security Advisory Description Description Apache Struts 2.0.0 through 2.3.15.1 enables Dynamic Method Invocation by default, which has unknown impact and attack vectors. CVE-2013-4316 Impact None Status To determine if your release is known to be vulnerable, the components or features that are...

10CVSS4.6AI score0.08333EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/05/17 3:28 a.m.3 views

org.apache.struts:struts2-assembly (>=2.2.1 <=2.3.15), org.apache.struts:struts2-rest-showcase (>=2.1.2 <=2.3.15.1) +3 more potentially affected by CVE-2013-4316 via org.apache.struts:struts2-rest-plugin (>=2.1.2 <=2.3.15.1)

org.apache.struts:struts2-rest-plugin MAVEN version =2.1.2, =2.2.1, =2.1.2, =2.0-RC2.3, =2.0-RC3 Source cves: CVE-2013-4316 Source advisory: OSV:GHSA-J7H6-XR7G-M2C5...

10CVSS6.1AI score0.08333EPSS
Exploits1
OpenVAS
OpenVAS
added 2021/09/14 12:0 a.m.35 views

Apache Struts Security Update (S2-019)

The remote host is missing a security update for Apache Struts announced via the referenced advisory. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

10CVSS9.6AI score0.08333EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 7:37 p.m.48 views

Security Bulletin:Sterling Web Channel is affected by Apache Struts 2 security vulnerabilities (CVE-2013-4310, CVE-2013-4316, CVE-2013-2251, CVE-2013-2248, CVE-2013-2135, CVE-2013-2134, CVE-2013-2115, CVE-2013-1966, CVE-2013-1965)

Summary IBM Sterling Web Channel use Apache Struts 2 and is affected by some of the vulnerabilities that exist in Apache Struts 2. Vulnerability Details CVEID: CVE-2013-4310 Description: Apache Struts could allow a remote attacker to bypass security restrictions, caused by an error in the action:...

10CVSS1.1AI score0.99998EPSS
Exploits35Affected Software1
Tenable Nessus
Tenable Nessus
added 2015/05/08 12:0 a.m.59 views

MySQL Enterprise Monitor < 2.3.14 Apache Struts Multiple Vulnerabilities

According to its self-reported version, the MySQL Enterprise Monitor running on the remote host is affected by the multiple vulnerabilities in the bundled version of Apache Struts : - Input validation errors exist that allows the execution of arbitrary Object-Graph Navigation Language OGNL...

10CVSS7.2AI score0.99998EPSS
Exploits19References6
F5 Networks
F5 Networks
added 2015/04/01 12:0 a.m.74 views

SOL16334 - Apache Struts vulnerability CVE-2013-4316

Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...

10CVSS2.8AI score0.08333EPSS
Exploits1References5
UbuntuCve
UbuntuCve
added 2013/09/30 9:55 p.m.33 views

CVE-2013-4316

Apache Struts 2.0.0 through 2.3.15.1 enables Dynamic Method Invocation by default, which has unknown impact and attack vectors...

10CVSS6.3AI score0.08333EPSS
Exploits1References4
Cvelist
Cvelist
added 2013/09/30 9:0 p.m.41 views

CVE-2013-4316

Apache Struts 2.0.0 through 2.3.15.1 enables Dynamic Method Invocation by default, which has unknown impact and attack vectors...

9.4AI score0.08333EPSS
Exploits1References5
CVE
CVE
added 2013/09/30 9:0 p.m.128 views

CVE-2013-4316

CVE-2013-4316 affects Apache Struts 2.0.0–2.3.15.1, where Dynamic Method Invocation is enabled by default, enabling remote code execution with OGNL-parameter crafted requests. The IBM and related advisories confirm this vulnerability and reference the same CVE, describing the impact as remote cod...

10CVSS7.8AI score0.08333EPSS
Exploits1References5Affected Software1
Tenable Nessus
Tenable Nessus
added 2013/09/27 12:0 a.m.180 views

Apache Struts 2 'action:' Parameter Prefix Security Constraint Bypass

The remote web application appears to use Struts 2, a web framework used for creating Java web applications. The version of Struts 2 in use is affected by a security constraint bypass vulnerability due to a flaw in the action mapping mechanism. Under certain unspecified conditions, an attacker...

10CVSS5.8AI score0.08333EPSS
Exploits2References4
seebug.org
seebug.org
added 2013/09/26 12:0 a.m.182 views

Apache Struts 远程代码执行漏洞(CVE-2013-4316)

BUGTRAQ ID: 62587 CVECAN ID: CVE-2013-4316 Struts2 是第二代基于Model-View-Controller MVC模型的java企业级web应用框架。 Apache Struts 2.3.15.2之前版本的“Dynamic Method Invocation”机制是默认开启的,仅提醒用户如果可能的情况下关闭此机制,这样就存在远程代码执行漏洞,远程攻击者可利用此漏洞在受影响应用上下文中执行任意代码。 0 Apache Group Struts 2.3.15.2 厂商补丁: Apache Group ------------ Apache...

10CVSS8.4AI score0.08333EPSS
Exploits1
Rows per page
Query Builder