
CVE-2020-13936

Published: 10/03/2021 Updated: 07/11/2023
CVSS v2 Base Score: 9 | Impact Score: 10 | Exploitability Score: 8
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 801
Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

Vulnerability Summary

An attacker who is able to modify Velocity templates may execute arbitrary Java code or run arbitrary system commands with the same privileges as the account running the Servlet container. This applies to applications that allow untrusted users to upload or modify Velocity templates and that run Apache Velocity Engine versions up to 2.2.

Vulnerable Products

apache velocity engine

apache wss4j 2.3.1

debian debian linux 9.0

oracle retail order broker 16.0

oracle banking platform 2.6.2

oracle banking platform 2.7.1

oracle communications network integrity 7.3.6

oracle banking enterprise default management 2.12.0

oracle banking enterprise default management 2.10.0

oracle banking party management 2.7.0

oracle utilities testing accelerator 6.0.0.2.2

oracle utilities testing accelerator 6.0.0.3.1

oracle utilities testing accelerator 6.0.0.1.1

oracle communications cloud native core policy 1.14.0

oracle banking platform

oracle banking loans servicing 2.12.0

oracle retail service backbone 19.0.1

oracle retail integration bus 19.0.1

oracle banking enterprise default management 2.7.1

oracle banking enterprise default management 2.6.2

oracle banking enterprise default management

oracle banking deposits and lines of credit servicing 2.12.0

oracle retail xstore office cloud service 17.0.4

oracle retail xstore office cloud service 18.0.3

oracle retail xstore office cloud service 19.0.2

oracle retail xstore office cloud service 20.0.1

oracle retail xstore office cloud service 16.0.6

oracle hospitality token proxy service 19.2

Vendor Advisories

Debian Bug report logs - #985220 velocity: CVE-2020-13936. Package: src:velocity; Maintainer for src:velocity is Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org>. Date: Sun, 14 Mar 2021 15:48:33 UTC. Severity: important. Tags: security, upstream ...
A flaw was found in velocity. An attacker, able to modify Velocity templates, may execute arbitrary Java code or run arbitrary system commands with the same privileges as the account running the Servlet container. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2020-13936) ...

Mailing Lists

oss-sec mailing list archives: CVE-2020-13936: Velocity Sandbox Bypass. From: Will Glass-Husain <wgl ...

References

CWE: NVD-CWE-noinfo

https://lists.apache.org/thread.html/r01043f584cbd47959fabe18fff64de940f81a65024bb8dddbda31d9a%40%3Cuser.velocity.apache.org%3E
http://www.openwall.com/lists/oss-security/2021/03/10/1
https://lists.debian.org/debian-lts-announce/2021/03/msg00019.html
https://security.gentoo.org/glsa/202107-52
https://www.oracle.com/security-alerts/cpujan2022.html
https://www.oracle.com/security-alerts/cpuapr2022.html
https://lists.apache.org/thread.html/rb042f3b0090e419cc9f5a3d32cf0baff283ccd6fcb1caea61915d6b6%40%3Ccommits.velocity.apache.org%3E
https://lists.apache.org/thread.html/r3ea4c4c908505b20a4c268330dfe7188b90c84dcf777728d02068ae6%40%3Cannounce.apache.org%3E
https://lists.apache.org/thread.html/rd2a89e17e8a9b451ce655f1a34117752ea1d18a22ce580d8baa824fd%40%3Ccommits.druid.apache.org%3E
https://lists.apache.org/thread.html/re641197d204765130618086238c73dd2ce5a3f94b33785b587d72726%40%3Cdev.ws.apache.org%3E
https://lists.apache.org/thread.html/rbee7270556f4172322936b5ecc9fabf0c09f00d4fa56c9de1963c340%40%3Cdev.ws.apache.org%3E
https://lists.apache.org/thread.html/reab5978b54a9f4c078402161e30a89c42807b198814acadbe6c862c7%40%3Cdev.ws.apache.org%3E
https://lists.apache.org/thread.html/rd7e865c87f9043c21d9c1fd9d4df866061d9a08cfc322771160d8058%40%3Cdev.ws.apache.org%3E
https://lists.apache.org/thread.html/re8e7482fe54d289fc0229e61cc64947b63b12c3c312e9f25bf6f3b8c%40%3Cdev.ws.apache.org%3E
https://lists.apache.org/thread.html/r0bc98e9cd080b4a13b905c571b9bed87e1a0878d44dbf21487c6cca4%40%3Cdev.santuario.apache.org%3E
https://lists.apache.org/thread.html/r39de20c7e9c808b1f96790875d33e58c9c0aabb44fd9227e7b3dc5da%40%3Cdev.ws.apache.org%3E
https://lists.apache.org/thread.html/r17cb932fab14801b14e5b97a7f05192f4f366ef260c10d4a8dba8ac9%40%3Cdev.ws.apache.org%3E
https://lists.apache.org/thread.html/r4cd59453b65d4ac290fcb3b71fdf32b4f1f8989025e89558deb5a245%40%3Cdev.ws.apache.org%3E
https://lists.apache.org/thread.html/r7f209b837217d2a0fe5977fb692e7f15d37fa5de8214bcdc4c21d9a7%40%3Ccommits.turbine.apache.org%3E
https://lists.apache.org/thread.html/r293284c6806c73f51098001ea86a14271c39f72cd76af9e946d9d9ad%40%3Cdev.ws.apache.org%3E
https://lists.apache.org/thread.html/rf7d369de88dc88a1347006a3323b3746d849234db40a8edfd5ebc436%40%3Cdev.ws.apache.org%3E
https://lists.apache.org/thread.html/r9dc2505651788ac668299774d9e7af4dc616be2f56fdc684d1170882%40%3Cusers.activemq.apache.org%3E
https://lists.apache.org/thread.html/r52a5129df402352adc34d052bab9234c8ef63596306506a89fdc7328%40%3Cusers.activemq.apache.org%3E
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985220
https://nvd.nist.gov
https://alas.aws.amazon.com/AL2/ALAS-2021-1690.html