SUSE CVE-2013-4316

🗓️ 15 Feb 2023 05:36:19Reported by Suse CVEType

susecve

susecve🔗 www.suse.com👁 2 Views

Apache Struts versions 2.0.0 to 2.3.15.1 enable dynamic method invocation by default.

Reporter	Title	Published	Views	Family All 40
IBM Security Bulletins	Security Bulletin: Order Management could be subject to an Apache Struts vulnerability that could allow a remote attacker to execute arbitrary code on the system.	12 Apr 202417:44	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Storwize V7000 Unified V1.4.2.1 Includes Fixes for IBM Storwize V7000 Security Vulnerabilities (CVE-2013-4310 CVE-2013-4316)	26 Sep 202204:23	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Call Center and Apache Struts Struts upgrade strategy (various CVEs, see below)	14 Sep 202217:37	–	ibm
IBM Security Bulletins	Security Bulletin: Intelligent Clusters Security Bulletin, 1410	24 Jan 201912:40	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Sterling Order Management Apache Struts upgrade strategy (various CVEs, see below)	14 Sep 202217:45	–	ibm
IBM Security Bulletins	Security Bulletin:Sterling Web Channel is affected by Apache Struts 2 security vulnerabilities (CVE-2013-4310, CVE-2013-4316, CVE-2013-2251, CVE-2013-2248, CVE-2013-2135, CVE-2013-2134, CVE-2013-2115, CVE-2013-1966, CVE-2013-1965)	16 Jun 201819:37	–	ibm
IBM Security Bulletins	Security Bulletin: IBM SAN Volume Controller and Storwize Family security vulnerabilities (CVE-2013-4310 CVE-2013-4316)	29 Mar 202301:48	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Sterling Order Management and IBM Sterling Configure, Price, Quote are affected by multiple Apache Struts 2 security vulnerabilities.	16 Jun 201819:34	–	ibm
BDU FSTEC	The vulnerability of the Dynamic Method Invocation (DMI) mechanism implemented in the Apache Struts software framework allows attackers to execute arbitrary code.	4 Oct 202200:00	–	bdu_fstec
Circl	CVE-2013-4316	18 Dec 202315:01	–	circl

OS	OS Version	Architecture	Package	Package Version	Filename
SUSE Linux Enterprise Desktop	11.3	any	libmysql55client18	5.5.37-0.7.1	libmysql55client18-5.5.37-0.7.1.noarch.rpm
SUSE Linux Enterprise Server	11.3	any	libmysql55client18	5.5.37-0.7.1	libmysql55client18-5.5.37-0.7.1.noarch.rpm
SUSE Linux Enterprise Server for SAP applications	11.3	any	libmysql55client18	5.5.37-0.7.1	libmysql55client18-5.5.37-0.7.1.noarch.rpm
SUSE Linux Enterprise Server	11.4	any	libmysql55client18	5.5.43-0.7.3	libmysql55client18-5.5.43-0.7.3.noarch.rpm
SUSE Linux Enterprise Desktop	11.3	any	libmysql55client18-32bit	5.5.37-0.7.1	libmysql55client18-32bit-5.5.37-0.7.1.noarch.rpm
SUSE Linux Enterprise Server	11.3	any	libmysql55client18-32bit	5.5.37-0.7.1	libmysql55client18-32bit-5.5.37-0.7.1.noarch.rpm
SUSE Linux Enterprise Server	11.3	any	libmysql55client18-32bit	5.5.39-0.7.1	libmysql55client18-32bit-5.5.39-0.7.1.noarch.rpm
SUSE Linux Enterprise Server for SAP applications	11.3	any	libmysql55client18-32bit	5.5.39-0.7.1	libmysql55client18-32bit-5.5.39-0.7.1.noarch.rpm
SUSE Linux Enterprise Server	11.4	any	libmysql55client18-32bit	5.5.43-0.7.3	libmysql55client18-32bit-5.5.43-0.7.3.noarch.rpm
SUSE Linux Enterprise Server	11.3	any	libmysql55client18-x86	5.5.39-0.7.1	libmysql55client18-x86-5.5.39-0.7.1.noarch.rpm

Source	Link
suse	www.suse.com/security/cve/CVE-2013-4316
suse	www.suse.com/support/security/rating/
bugzilla	www.bugzilla.suse.com/858823
lists	www.lists.suse.com/pipermail/sle-security-updates/2014-June/000857.html

08 May 2026 02:43Current

7High risk

Vulners AI Score7

CVSS 210

EPSS0.06168

apache struts dynamic method invocation vulnerable struts