Vulnerabilites related to oracle - siebel_apps_-_e-billing
Vulnerability from fkie_nvd
Published
2013-07-20 03:37
Modified
2025-04-11 00:51
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Apache Struts 2.0.0 through 2.3.15 allows remote attackers to execute arbitrary OGNL expressions via a parameter with a crafted (1) action:, (2) redirect:, or (3) redirectAction: prefix.
References
Impacted products
{ cisaActionDue: "2022-04-15", cisaExploitAdd: "2022-03-25", cisaRequiredAction: "Apply updates per vendor instructions.", cisaVulnerabilityName: "Apache Struts Improper Input Validation Vulnerability", configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apache:archiva:*:*:*:*:*:*:*:*", matchCriteriaId: "3A10FB76-761D-4411-B6A8-B1AD5C133071", versionEndExcluding: "1.3.8", versionStartIncluding: "1.3", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:archiva:1.2:-:*:*:*:*:*:*", matchCriteriaId: "F0E0751C-E0BD-4C33-A541-C6FC67CE6663", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:archiva:1.2.2:*:*:*:*:*:*:*", matchCriteriaId: "CCCF9A1C-7091-4D72-8AFC-5373F45FF7D5", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:*", matchCriteriaId: "61C63F76-5AFE-4D2F-B81C-D3476C165227", versionEndIncluding: "2.3.15", versionStartIncluding: "2.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fujitsu:interstage_business_process_manager_analytics:12.0:*:*:*:*:*:*:*", matchCriteriaId: "6D24308C-EEFB-477D-A88C-95E76CAC8AD7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:microsoft:windows_server_2003:-:*:*:*:*:*:*:*", matchCriteriaId: "E3527F41-A6ED-437D-9833-458A2C60C2A3", vulnerable: false, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2008:-:*:*:*:*:*:*:*", matchCriteriaId: "32623D48-7000-4C7D-823F-7D2A9841D88C", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:*:*:*:*:*:*:*:*", matchCriteriaId: "8D0C7AB6-1B62-49E3-99F8-53DD9329264E", versionEndIncluding: "6.10", versionStartIncluding: "5.0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fujitsu:interstage_business_process_manager_analytics:12.1:*:*:*:*:*:*:*", matchCriteriaId: "2825C5B3-6495-43FE-9D87-750C8B9B25EC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:microsoft:windows_server_2003:-:*:*:*:*:*:*:*", matchCriteriaId: "E3527F41-A6ED-437D-9833-458A2C60C2A3", vulnerable: false, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2008:-:*:*:*:*:*:*:*", matchCriteriaId: "32623D48-7000-4C7D-823F-7D2A9841D88C", vulnerable: false, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", matchCriteriaId: "A7DF96F8-BA6A-4780-9CA3-F719B3F81074", vulnerable: false, }, { criteria: "cpe:2.3:o:oracle:solaris:11:*:*:*:*:*:*:*", matchCriteriaId: "8E8C192B-8044-4BF9-9F1F-57371FC0E8FD", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:*:*:*:*:*:*:*:*", matchCriteriaId: "8D0C7AB6-1B62-49E3-99F8-53DD9329264E", versionEndIncluding: "6.10", versionStartIncluding: "5.0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fujitsu:gp7000f_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "577FACF4-0FB9-461A-877C-32DA8DBBF2B8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:fujitsu:gp7000f:-:*:*:*:*:*:*:*", matchCriteriaId: "D55A60A2-B9F8-49CF-AD55-033942363704", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fujitsu:primepower_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "F5392609-A095-40AA-8190-783B8CCFDB18", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:fujitsu:primepower:-:*:*:*:*:*:*:*", matchCriteriaId: "77300584-CABF-4332-8E1A-763048496818", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fujitsu:gp-s_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "931139C5-A9D3-4D63-AF15-B0C5DD0578D1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:fujitsu:gp-s:-:*:*:*:*:*:*:*", matchCriteriaId: "855CDB9B-5476-4765-A8E3-69C7D42E1DFC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fujitsu:primergy_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "78239AD8-F1E1-49F2-A89F-F8488F21C014", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:fujitsu:primergy:-:*:*:*:*:*:*:*", matchCriteriaId: "6D9091D4-FC2B-43DE-A8C5-87922034536F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fujitsu:gp5000_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "262CD533-5171-4AB0-9537-65FC5FBA195E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:fujitsu:gp5000:-:*:*:*:*:*:*:*", matchCriteriaId: "0C3BE416-DA1B-4168-BE30-DFE3CD84E4E2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fujitsu:sparc_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "C3177688-5BBE-4C19-8A5C-FCF76AE2B227", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:fujitsu:sparc:-:*:*:*:*:*:*:*", matchCriteriaId: "80E1A333-794C-44BE-9E2A-C6711169681E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:siebel_apps_-_e-billing:6.1:*:*:*:*:*:*:*", matchCriteriaId: "109A2A5D-D631-472F-AA80-2E1D707943F5", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:siebel_apps_-_e-billing:6.1.1:*:*:*:*:*:*:*", matchCriteriaId: "51D5BAC9-E5B1-4A19-8B87-0CA2FA046D27", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:siebel_apps_-_e-billing:6.2:*:*:*:*:*:*:*", matchCriteriaId: "5F0DBE55-667B-45EF-8C3A-9C7AA33ADDE6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Apache Struts 2.0.0 through 2.3.15 allows remote attackers to execute arbitrary OGNL expressions via a parameter with a crafted (1) action:, (2) redirect:, or (3) redirectAction: prefix.", }, { lang: "es", value: "Apache Struts v2.0.0 hasta v2.3.15 permite a atacantes remotos ejecutar expresiones OGNL arbitrarias mediante un parámetro con una (1)acción:, (2) redirect:, o (3) redirectAction:", }, ], id: "CVE-2013-2251", lastModified: "2025-04-11T00:51:21.963", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 9.3, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2013-07-20T03:37:30.737", references: [ { source: "secalert@redhat.com", tags: [ "Product", ], url: "http://archiva.apache.org/security.html", }, { source: "secalert@redhat.com", tags: [ "Exploit", "Third Party Advisory", ], url: "http://cxsecurity.com/issue/WLB-2014010087", }, { source: "secalert@redhat.com", tags: [ "Broken Link", ], url: "http://osvdb.org/98445", }, { source: "secalert@redhat.com", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/159629/Apache-Struts-2-Remote-Code-Execution.html", }, { source: "secalert@redhat.com", tags: [ "Exploit", "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2013/Oct/96", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/oss-sec/2014/q1/89", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "http://struts.apache.org/release/2.3.x/docs/s2-016.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131023-struts2", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.fujitsu.com/global/support/software/security/products-f/interstage-bpm-analytics-201301e.html", }, { source: "secalert@redhat.com", tags: [ "Patch", "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", }, { source: "secalert@redhat.com", tags: [ "Patch", "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", }, { source: "secalert@redhat.com", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/61189", }, { source: "secalert@redhat.com", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/64758", }, { source: "secalert@redhat.com", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029184", }, { source: "secalert@redhat.com", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1032916", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/90392", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Product", ], url: "http://archiva.apache.org/security.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "http://cxsecurity.com/issue/WLB-2014010087", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://osvdb.org/98445", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/159629/Apache-Struts-2-Remote-Code-Execution.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2013/Oct/96", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/oss-sec/2014/q1/89", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://struts.apache.org/release/2.3.x/docs/s2-016.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131023-struts2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.fujitsu.com/global/support/software/security/products-f/interstage-bpm-analytics-201301e.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/61189", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/64758", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029184", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1032916", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/90392", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-74", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-74", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
CVE-2013-2251 (GCVE-0-2013-2251)
Vulnerability from cvelistv5
Published
2013-07-18 01:00
Modified
2025-02-07 13:32
Severity ?
EPSS score ?
Summary
Apache Struts 2.0.0 through 2.3.15 allows remote attackers to execute arbitrary OGNL expressions via a parameter with a crafted (1) action:, (2) redirect:, or (3) redirectAction: prefix.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T15:27:41.156Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.fujitsu.com/global/support/software/security/products-f/interstage-bpm-analytics-201301e.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", }, { name: "apache-archiva-ognl-command-exec(90392)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/90392", }, { name: "20131013 Apache Software Foundation A Subsite Remote command execution", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2013/Oct/96", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://cxsecurity.com/issue/WLB-2014010087", }, { name: "20131023 Apache Struts 2 Command Execution Vulnerability in Multiple Cisco Products", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131023-struts2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://struts.apache.org/release/2.3.x/docs/s2-016.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://archiva.apache.org/security.html", }, { name: "98445", tags: [ "vdb-entry", "x_refsource_OSVDB", "x_transferred", ], url: "http://osvdb.org/98445", }, { name: "1032916", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1032916", }, { name: "61189", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/61189", }, { name: "1029184", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1029184", }, { name: "64758", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/64758", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", }, { name: "[oss-security] 20140114 Re: CVE Request: Apache Archiva Remote Command Execution 0day", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://seclists.org/oss-sec/2014/q1/89", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/159629/Apache-Struts-2-Remote-Code-Execution.html", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2013-2251", options: [ { Exploitation: "active", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-02-07T13:24:31.949070Z", version: "2.0.3", }, type: "ssvc", }, }, { other: { content: { dateAdded: "2022-03-25", reference: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2013-2251", }, type: "kev", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-74", description: "CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-02-07T13:32:51.389Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2013-07-16T00:00:00.000Z", descriptions: [ { lang: "en", value: "Apache Struts 2.0.0 through 2.3.15 allows remote attackers to execute arbitrary OGNL expressions via a parameter with a crafted (1) action:, (2) redirect:, or (3) redirectAction: prefix.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-10-20T21:06:20.000Z", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://www.fujitsu.com/global/support/software/security/products-f/interstage-bpm-analytics-201301e.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", }, { name: "apache-archiva-ognl-command-exec(90392)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/90392", }, { name: "20131013 Apache Software Foundation A Subsite Remote command execution", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2013/Oct/96", }, { tags: [ "x_refsource_MISC", ], url: "http://cxsecurity.com/issue/WLB-2014010087", }, { name: "20131023 Apache Struts 2 Command Execution Vulnerability in Multiple Cisco Products", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131023-struts2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://struts.apache.org/release/2.3.x/docs/s2-016.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://archiva.apache.org/security.html", }, { name: "98445", tags: [ "vdb-entry", "x_refsource_OSVDB", ], url: "http://osvdb.org/98445", }, { name: "1032916", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1032916", }, { name: "61189", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/61189", }, { name: "1029184", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1029184", }, { name: "64758", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/64758", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", }, { name: "[oss-security] 20140114 Re: CVE Request: Apache Archiva Remote Command Execution 0day", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://seclists.org/oss-sec/2014/q1/89", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/159629/Apache-Struts-2-Remote-Code-Execution.html", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2013-2251", datePublished: "2013-07-18T01:00:00.000Z", dateReserved: "2013-02-19T00:00:00.000Z", dateUpdated: "2025-02-07T13:32:51.389Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }