CVE-2013-4486

2019-12-0314:43:19

redhat

www.cve.org

9.5 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

72.4%

JSON

Zanata 3.0.0 through 3.1.2 has RCE due to EL interpolation in logging

CNA Affected

[
  {
    "product": "Zanata",
    "vendor": "Zanata",
    "versions": [
      {
        "status": "affected",
        "version": "3.0.0 through 3.1.2"
      }
    ]
  }
]

References

access.redhat.com/security/cve/cve-2013-4486

bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4486

github.com/zanata/zanata-server/wiki/Security-advisories