Risk Scores
CVSS v3.1
9.800000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
0.40%
60.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
Timeline
- Jul 27, 2013 PoC Published
- Oct 16, 2013 CVE Published
- Jan 14, 2014 PoC Published
- Aug 20, 2015 PoC Published
- May 29, 2018 PoC Published
- Oct 15, 2020 PoC Published
- Oct 16, 2020 PoC Published
- Feb 4, 2022 EPSS Score
- Mar 28, 2022 EPSS Score
- May 19, 2022 EPSS Score
- Jul 10, 2022 EPSS Score
- Sep 1, 2022 EPSS Score
References
- http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html advisory
- http://www.fujitsu.com/global/support/software/security/products-f/interstage-bpm-analytics-201301e.html url
- http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html url
- apache-archiva-ognl-command-exec(90392) vdb
- 20131013 Apache Software Foundation A Subsite Remote command execution mailing-list
- http://cxsecurity.com/issue/WLB-2014010087 url
- 20131023 Apache Struts 2 Command Execution Vulnerability in Multiple Cisco Products vendor-advisory
- http://struts.apache.org/release/2.3.x/docs/s2-016.html url
- http://archiva.apache.org/security.html url
- 98445 vdb
- 1032916 vdb
- 61189 vdb
- 1029184 vdb
- 64758 vdb
- http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html url
- [oss-security] 20140114 Re: CVE Request: Apache Archiva Remote Command Execution 0day mailing-list
- http://packetstormsecurity.com/files/159629/Apache-Struts-2-Remote-Code-Execution.html url
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2013-2251 url