Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2013-3827

Published: 16/10/2013 Updated: 31/12/2016
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 505
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Subscribe to Fusion Middleware

Vulnerability Summary

Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 2.1.1, 3.0.1, and 3.1.2; the Oracle JDeveloper component in Oracle Fusion Middleware 11.1.2.3.0, 11.1.2.4.0, and 12.1.2.0.0; and the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0 and 12.1.1 allows remote malicious users to affect confidentiality via unknown vectors related to Java Server Faces or Web Container.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

oracle fusion middleware 11.1.2.3.0

oracle fusion middleware 11.1.2.4.0

oracle fusion middleware 3.0.1

oracle fusion middleware 3.1.2

oracle fusion middleware 12.1.2.0.0

oracle fusion middleware 12.1.1

oracle fusion middleware 10.3.6

oracle fusion middleware 2.1.1

Vendor Advisories

Red Hat: CVE-2013-3827
Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 211, 301, and 312; the Oracle JDeveloper component in Oracle Fusion Middleware 111230, 111240, and 121200; and the Oracle WebLogic Server component in Oracle Fusion Middleware 10360 and 1211 allows remote attackers to affect confide ...
Hitachi Security Advisories: Vulnerability in Cosminexus
A vulnerability (CVE-2013-3827) exists in Cosminexus Component Container Affected products and versions are listed below Please upgrade your version to the appropriate version This vulnerability exists in Cosminexus Component Container which is a component product of other Hitachi products For details about the fixed version about Cosminexus ...

Exploits

Exploit DB: Oracle GlassFish Server 2.1.1/3.0.1 - Multiple Subcomponent Resource Identifier Traversal Arbitrary File Access
source: wwwsecurityfocuscom/bid/63052/info Oracle JavaServer Faces is prone to multiple directory-traversal vulnerabilities Exploiting these issues may allow an attacker to obtain sensitive information that could aid in further attacks This vulnerability affects the following products and versions: WebLogic Server 10360, 12110 ...

Github Repositories

https://github.com/thistehneisen/CVE-2013-3827

Quick PoC checker for common configurations that might be available via directory traversal due to CVE-2013-3827

CVE-2013-3827 Quick PoC checker for common configurations that might be available via directory traversal due to CVE-2013-3827 Usage: Modify the contents of traversalpy to match your needs python3 traversalpy

References

NVD-CWE-noinfohttp://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.htmlhttp://www.securitytracker.com/id/1029190http://www.kb.cert.org/vuls/id/526012http://rhn.redhat.com/errata/RHSA-2014-0029.htmlhttp://www.securityfocus.com/bid/63052https://nvd.nist.govhttps://github.com/thistehneisen/CVE-2013-3827https://www.exploit-db.com/exploits/38802/https://access.redhat.com/security/cve/cve-2013-3827https://www.kb.cert.org/vuls/id/526012
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304CVE-2024-4240arbitrary CVE-2024-31601XSSCVE-2023-20198CVE-2024-4256CVE-2024-3342encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook