CVE-2013-2186


Description

The DiskFileItem class in Apache Commons FileUpload, as used in Red Hat JBoss BRMS 5.3.1; JBoss Portal 4.3 CP07, 5.2.2, and 6.0.0; and Red Hat JBoss Web Server 1.0.2 allows remote attackers to write to arbitrary files via a NULL byte in a file name in a serialized instance.

References

http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00008.html

http://lists.opensuse.org/opensuse-updates/2013-10/msg00033.html

http://lists.opensuse.org/opensuse-updates/2013-10/msg00050.html

http://rhn.redhat.com/errata/RHSA-2013-1428.html

http://rhn.redhat.com/errata/RHSA-2013-1429.html

http://rhn.redhat.com/errata/RHSA-2013-1430.html

http://rhn.redhat.com/errata/RHSA-2013-1442.html

http://rhn.redhat.com/errata/RHSA-2013-1448.html

http://secunia.com/advisories/55716

http://ubuntu.com/usn/usn-2029-1

http://www.debian.org/security/2013/dsa-2827

http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html

http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html

http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html

http://www.securityfocus.com/bid/63174

https://access.redhat.com/errata/RHSA-2016:0070

https://exchange.xforce.ibmcloud.com/vulnerabilities/88133

https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01

https://www.tenable.com/security/research/tra-2016-23

Details

Source: MITRE

Published: 2013-10-28

Updated: 2018-01-09

Type: CWE-20

Risk Information

CVSS v2

Base Score: 7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 10

Severity: HIGH

Tenable Plugins (10 total)

ID | Name | Product | Family | Severity
119442 | RHEL 7 : openshift (RHSA-2016:0070) | Nessus | Red Hat Local Security Checks | critical
88086 | Oracle WebLogic Portal Apache Commons File Upload (January 2016 CPU) | Nessus | Misc. | high
80909 | Oracle WebLogic Server Multiple Vulnerabilities (January 2015 CPU) | Nessus | Misc. | high
78973 | RHEL 5 / 6 : JBoss Web Server (RHSA-2013:1428) | Nessus | Red Hat Local Security Checks | high
78859 | Jenkins < 1.583 / 1.565.3 and Jenkins Enterprise 1.532.x / 1.554.x / 1.565.x < 1.532.10.1 / 1.554.10.1 / 1.565.3.1 Multiple Vulnerabilities | Nessus | CGI abuses | high
78017 | FreeBSD : jenkins -- remote execution, privilege escalation, XSS, password exposure, ACL hole, DoS (549a2771-49cc-11e4-ae2c-c80aa9043978) | Nessus | FreeBSD Local Security Checks | high
75174 | openSUSE Security Update : jakarta-commons-fileupload (openSUSE-SU-2013:1571-1) | Nessus | SuSE Local Security Checks | high
71618 | Debian DSA-2827-1 : libcommons-fileupload-java - arbitrary file upload via deserialization | Nessus | Debian Local Security Checks | high
70876 | Ubuntu 10.04 LTS : libcommons-fileupload-java vulnerability (USN-2029-1) | Nessus | Ubuntu Local Security Checks | high
70872 | SuSE 11.2 / 11.3 Security Update : jakarta-commons-fileupload (SAT Patch Numbers 8445 / 8446) | Nessus | SuSE Local Security Checks | high