Lucene search

K
ubuntucveUbuntu.comUB:CVE-2013-1965
HistoryJul 10, 2013 - 12:00 a.m.

CVE-2013-1965

2013-07-1000:00:00
ubuntu.com
ubuntu.com
6

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.008 Low

EPSS

Percentile

81.4%

Apache Struts Showcase App 2.0.0 through 2.3.13, as used in Struts 2 before
2.3.14.3, allows remote attackers to execute arbitrary OGNL code via a
crafted parameter name that is not properly handled when invoking a
redirect.

Notes

Author Note
jdstrand per Debian, only affects Struts 2

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.008 Low

EPSS

Percentile

81.4%

Related for UB:CVE-2013-1965