exploitDog

CVE-2013-6469

Опубликовано: 22 апр. 2014

Источник: nvd

CVSS2: 6.5

EPSS Низкий

Описание

JBoss Overlord Run Time Governance (RTGov) 1.0 for JBossAS allows remote authenticated users to execute arbitrary Java code via an MVFLEX Expression Language (MVEL) expression. NOTE: some of these details are obtained from third party information.

Ссылки

http://secunia.com/advisories/57843
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1051279
http://secunia.com/advisories/57843
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1051279

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:redhat:jboss_fuse_service_works:6.0:*:*:*:*:*:*:*

cpe:2.3:a:redhat:jboss_overlord_run_time_governance:1.0:*:*:*:*:jbossas:*:*

EPSS

Процентиль: 65%

0.00485

Низкий

6.5 Medium

CVSS2

Дефекты

CWE-94

Связанные уязвимости

CVE-2013-6469

redhat

почти 12 лет назад

JBoss Overlord Run Time Governance (RTGov) 1.0 for JBossAS allows remote authenticated users to execute arbitrary Java code via an MVFLEX Expression Language (MVEL) expression. NOTE: some of these details are obtained from third party information.

GHSA-55g4-fvcx-ch9h

github

больше 3 лет назад

JBoss Overlord Run Time Governance (RTGov) 1.0 for JBossAS allows remote authenticated users to execute arbitrary Java code via an MVFLEX Expression Language (MVEL) expression. NOTE: some of these details are obtained from third party information.

EPSS

Процентиль: 65%

0.00485

Низкий

6.5 Medium

CVSS2

Дефекты

CWE-94