Lucene search
RedhatCVE-2013-4373HistoryOct 24, 2013 - 3:48 a.m.
CVE-2013-4373
2013-10-2403:48:48
CWE-20
redhat
web.nvd.nist.gov
27
cve-2013-4373
red hat
jboss operations network
jon 3.1.2
security vulnerability
arbitrary file upload
local users
temporary directory
zip files
nvd
CVSS2
3.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:S/C:N/I:P/A:P
AI Score
6.6
Confidence
Low
EPSS
0
Percentile
5.1%
The storeFiles method in JPADriftServerBean in Red Hat JBoss Operations Network (JON) 3.1.2 allows local users to load arbitrary drift files into a server by writing the files to the temporary directory that is used to unpack zip files.
Affected configurations
Node
redhatjboss_operations_networkMatch3.1.2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| redhat | jboss_operations_network | 3.1.2 | cpe:2.3:a:redhat:jboss_operations_network:3.1.2:*:*:*:*:*:*:* |
Related
prion
prion
Design/Logic Flaw
2013-10-24 03:48:00
nvd
nvd
CVE-2013-4373
2013-10-24 03:48:48
cvelist
cvelist
CVE-2013-4373
2013-10-24 01:00:00
redhat
redhat
(RHSA-2013:1448) Important: Red Hat JBoss Operations Network 3.1.2 update
2013-10-21 17:22:10
CVSS2
3.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:S/C:N/I:P/A:P
AI Score
6.6
Confidence
Low
EPSS
0
Percentile
5.1%
Related for CVE-2013-4373