CVE-2016-1000031

HIGH

Details

Source: MITRE

Published: 2016-10-25

Updated: 2021-01-20

Type: CWE-284

Risk Information

CVSS v2.0

Base Score: 7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 10

Severity: HIGH

CVSS v3.0

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 3.9

Severity: CRITICAL

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:apache:commons_fileupload:*:*:*:*:*:*:*:* versions up to 1.3.2 (inclusive)

Tenable Plugins

View all (15 total)

IDNameProductFamilySeverity
145267Oracle Enterprise Manager Cloud Control (Jan 2021 CPU)NessusMisc.
high
141564IBM WebSphere Application Server 8.0.0.x < 8.0.0.15 / 8.5.x < 8.5.5.13 / 9.0.x < 9.0.0.7 RCE (CVE-2016-1000031)NessusWeb Servers
high
138528Oracle Database Server Multiple Vulnerabilities (Jul 2020 CPU)NessusDatabases
high
136091Oracle WebCenter Sites Multiple Vulnerabilities (July 2019 CPU)NessusWindows
high
135678Oracle Business Intelligence Publisher Multiple Vulnerabilities (Apr 2020 CPU)NessusMisc.
high
126788Oracle Application Testing Suite Multiple Vulnerabilities (Jul 2019 CPU)NessusMisc.
high
125212openSUSE Security Update : jakarta-commons-fileupload (openSUSE-2019-1399)NessusSuSE Local Security Checks
high
125147Oracle Enterprise Manager Ops Center (Apr 2019 CPU)NessusMisc.
high
124237Oracle WebCenter Portal Multiple Vulnerabilities (Apr 2019 CPU)NessusMisc.
high
124170Oracle Primavera Unifier Multiple Vulnerabilities (Apr 2019 CPU)NessusCGI abuses
high
124169Oracle Primavera P6 Enterprise Project Portfolio Management (EPPM) Multiple Vulnerabilities (Apr 2019 CPU)NessusCGI abuses
high
119274FreeBSD : payara -- Multiple vulnerabilities (d70c9e18-f340-11e8-be46-0019dbb15b3f)NessusFreeBSD Local Security Checks
high
118732Apache Struts <= 2.3.36 FileUpload Deserialization VulnerabilityNessusMisc.
high
102280FreeBSD : Axis2 -- Security vulnerability on dependency Apache Commons FileUpload (c1265e85-7c95-11e7-93af-005056925db4)NessusFreeBSD Local Security Checks
high
101548Apache Struts 2.5.x < 2.5.12 Multiple DoS (S2-047) (S2-049)NessusMisc.
high