Vulnerability Details: CVE-2013-2186
The DiskFileItem class in Apache Commons FileUpload, as used in Red Hat JBoss BRMS 5.3.1; JBoss Portal 4.3 CP07, 5.2.2, and 6.0.0; and Red Hat JBoss Web Server 1.0.2 allows remote attackers to write to arbitrary files via a NULL byte in a file name in a serialized instance.
Vulnerability category: Input validation
Products affected by CVE-2013-2186
- cpe:2.3:a:redhat:jboss_enterprise_portal_platform:4.3.0:cp07:*:*:*:*:*:*
- cpe:2.3:a:redhat:jboss_enterprise_portal_platform:5.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:jboss_enterprise_portal_platform:6.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:jboss_enterprise_brms_platform:5.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*
- cpe:2.3:a:redhat:jboss_enterprise_web_server:1.0.2:*:*:*:*:*:*:*
- cpe:2.3:o:ubuntu:ubuntu:10.04:*:lts:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2013-2186
- EPSS score: 1.37% (probability of exploitation activity in the next 30 days)
- EPSS percentile: ~86% (the proportion of vulnerabilities that are scored at or less)
CVSS scores for CVE-2013-2186
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen
---|---|---|---|---|---|---
7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P | 10.0 | 6.4 | NIST |
CWE ids for CVE-2013-2186
- The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly. Assigned by: nvd@nist.gov (Primary)
References for CVE-2013-2186
- http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html (Oracle Critical Patch Update - January 2016)
- http://lists.opensuse.org/opensuse-updates/2013-10/msg00033.html (openSUSE-SU-2013:1571-1: moderate: update for jakarta-commons-fileupload)
- https://www.tenable.com/security/research/tra-2016-23 ([R4] Apache Wicket DiskFileItem Java Deserialization Remote File Manipulation - Research Advisory | Tenable®)
- https://access.redhat.com/errata/RHSA-2016:0070 (RHSA-2016:0070 - Security Advisory - Red Hat Customer Portal)
- http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00008.html ([security-announce] SUSE-SU-2013:1660-1: important: Security update for)
- http://www.debian.org/security/2013/dsa-2827 (Debian -- Security Information -- DSA-2827-1 libcommons-fileupload-java)
- http://ubuntu.com/usn/usn-2029-1 (USN-2029-1: Apache Commons FileUpload vulnerability | Ubuntu security notices)
- http://rhn.redhat.com/errata/RHSA-2013-1430.html (Red Hat Customer Portal; Vendor Advisory)
- http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html (Oracle Critical Patch Update - January 2015)
- https://exchange.xforce.ibmcloud.com/vulnerabilities/88133 (Apache commons-fileupload DiskFileItem class file overwrite CVE-2013-2186 Vulnerability Report)
- http://rhn.redhat.com/errata/RHSA-2013-1429.html (RHSA-2013:1429 - Security Advisory - Red Hat Customer Portal; Vendor Advisory)
- https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01 (Jenkins Security Advisory 2014-10-01 - Security Advisories - Jenkins Wiki)
- http://lists.opensuse.org/opensuse-updates/2013-10/msg00050.html (openSUSE-SU-2013:1596-1: moderate: update for jakarta-commons-fileupload)
- http://www.securityfocus.com/bid/63174 (Apache Commons FileUpload 'DiskFileItem' Class Null Byte Arbitrary File Write Vulnerability)
- http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html (Oracle Critical Patch Update - July 2015)
- http://rhn.redhat.com/errata/RHSA-2013-1442.html (RHSA-2013:1442 - Security Advisory - Red Hat Customer Portal)
- http://rhn.redhat.com/errata/RHSA-2013-1428.html (RHSA-2013:1428 - Security Advisory - Red Hat Customer Portal; Vendor Advisory)
- http://rhn.redhat.com/errata/RHSA-2013-1448.html (RHSA-2013:1448 - Security Advisory - Red Hat Customer Portal; Vendor Advisory)