5.8

CVE-2013-4310

Apache Struts 2.0.0 through 2.3.15.1 allows remote attackers to bypass access controls via a crafted action: prefix.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
ApacheStruts Version2.0.0
ApacheStruts Version2.0.1
ApacheStruts Version2.0.2
ApacheStruts Version2.0.3
ApacheStruts Version2.0.4
ApacheStruts Version2.0.5
ApacheStruts Version2.0.6
ApacheStruts Version2.0.7
ApacheStruts Version2.0.8
ApacheStruts Version2.0.9
ApacheStruts Version2.0.10
ApacheStruts Version2.0.11
ApacheStruts Version2.0.11.1
ApacheStruts Version2.0.11.2
ApacheStruts Version2.0.12
ApacheStruts Version2.0.13
ApacheStruts Version2.0.14
ApacheStruts Version2.1.0
ApacheStruts Version2.1.1
ApacheStruts Version2.1.2
ApacheStruts Version2.1.3
ApacheStruts Version2.1.4
ApacheStruts Version2.1.5
ApacheStruts Version2.1.6
ApacheStruts Version2.1.8
ApacheStruts Version2.1.8.1
ApacheStruts Version2.2.1
ApacheStruts Version2.2.1.1
ApacheStruts Version2.2.3
ApacheStruts Version2.2.3.1
ApacheStruts Version2.3.1
ApacheStruts Version2.3.1.1
ApacheStruts Version2.3.1.2
ApacheStruts Version2.3.3
ApacheStruts Version2.3.4
ApacheStruts Version2.3.4.1
ApacheStruts Version2.3.7
ApacheStruts Version2.3.8
ApacheStruts Version2.3.12
ApacheStruts Version2.3.14
ApacheStruts Version2.3.14.1
ApacheStruts Version2.3.14.2
ApacheStruts Version2.3.14.3
ApacheStruts Version2.3.15
ApacheStruts Version2.3.15.1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 7.46% 0.937
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.8 8.6 4.9
AV:N/AC:M/Au:N/C:P/I:P/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
http://www.securityfocus.com/bid/64758
http://archives.neohapsis.com/archives/bugtraq/2013-09/0107.html
Patch
http://archives.neohapsis.com/archives/bugtraq/2013-10/0083.html
http://secunia.com/advisories/54919
Vendor Advisory
http://secunia.com/advisories/56483
http://secunia.com/advisories/56492
http://struts.apache.org/release/2.3.x/docs/s2-018.html
Patch
Vendor Advisory
http://www.securitytracker.com/id/1029077