Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2013-4316 | First vendor Publication | 2013-09-30 |
Vendor | Cve | Last vendor Modification | 2016-12-07 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Apache Struts 2.0.0 through 2.3.15.1 enables Dynamic Method Invocation by default, which has unknown impact and attack vectors. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4316 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
50 % | CWE-284 | Access Control (Authorization) Issues |
50 % | CWE-16 | Configuration |
CPE : Common Platform Enumeration
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2014-01-16 | IAVM : 2014-A-0009 - Multiple Vulnerabilities in Oracle Fusion Middleware Severity : Category I - VMSKEY : V0043395 |
2014-01-16 | IAVM : 2014-A-0011 - Multiple Vulnerabilities in Oracle MySQL Products Severity : Category I - VMSKEY : V0043399 |
2013-09-26 | IAVM : 2013-A-0183 - Multiple Vulnerabilities in Apache Struts Severity : Category I - VMSKEY : V0040489 |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2015-05-08 | Name : A web application running on the remote host is affected by multiple vulnerab... File : mysql_enterprise_monitor_2_3_14.nasl - Type : ACT_GATHER_INFO |
2015-05-08 | Name : A web application running on the remote host is affected by multiple vulnerab... File : mysql_enterprise_monitor_3_0_5.nasl - Type : ACT_GATHER_INFO |
2014-06-07 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_libmysql55client18-140527.nasl - Type : ACT_GATHER_INFO |
2013-09-27 | Name : The remote web server contains a web application that uses a Java framework t... File : struts_2_3_15_2.nasl - Type : ACT_ATTACK |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2021-06-18 01:12:06 |
|
2021-05-04 12:27:14 |
|
2021-04-22 01:32:58 |
|
2020-05-24 01:12:02 |
|
2020-05-23 00:37:58 |
|
2016-12-07 21:24:23 |
|
2015-05-09 13:27:26 |
|
2014-06-08 13:33:22 |
|
2014-02-17 11:21:59 |
|
2014-01-18 00:18:32 |
|
2014-01-17 13:19:43 |
|
2013-11-11 12:40:43 |
|
2013-10-01 21:20:30 |
|
2013-10-01 17:19:56 |
|