exploitDog

CVE-2013-4486

Опубликовано: 03 дек. 2019

Источник: nvd

CVSS3: 9.8

CVSS2: 6.8

EPSS Низкий

Описание

Zanata 3.0.0 through 3.1.2 has RCE due to EL interpolation in logging

Ссылки

https://access.redhat.com/security/cve/cve-2013-4486
Third Party Advisory
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4486
Issue Tracking
Patch
Vendor Advisory
https://github.com/zanata/zanata-server/wiki/Security-advisories
Patch
Third Party Advisory
https://access.redhat.com/security/cve/cve-2013-4486
Third Party Advisory
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4486
Issue Tracking
Patch
Vendor Advisory
https://github.com/zanata/zanata-server/wiki/Security-advisories
Patch
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:redhat:zanata:*:*:*:*:*:*:*:*

Версия от 3.0.0 (включая) до 3.1.2 (включая)

cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*

EPSS

Процентиль: 69%

0.00597

Низкий

9.8 Critical

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-74

Связанные уязвимости

CVE-2013-4486

redhat

почти 12 лет назад

Zanata 3.0.0 through 3.1.2 has RCE due to EL interpolation in logging

GHSA-995g-3xr3-cxp4

github

почти 4 года назад

Zanata 3.0.0 through 3.1.2 has RCE due to EL interpolation in logging

EPSS

Процентиль: 69%

0.00597

Низкий

9.8 Critical

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-74