CVE-2013-4152

Common vulnerabilities & exposures (CVE)

Published at: - 22-08-2013 02:00

Last modified: - 22-08-2013 02:00

Total changes: - 10

CVE-2013-4152 Spring Framework: XML External Entity (XXE) injection flaw

AV:N/AC:L/Au:N/C:P/I:N/A:N

Low

Attack complexity

Network

Attack vector

None

Availability

Low

Confidentiality

None

Integrity

Privileges required

Scope

User interaction

5.0

Base score

Exploitability score

Impact score

AND

vendor=Red Hat Enterprise Linux AND product=jboss_amq AND version=6.1.0

AND

vendor=Red Hat Enterprise Linux AND product=jboss_fuse AND version=6.1.0

AND

product=spring

vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_soa_platform AND version=5.3

AND

product=activemq-0 AND versionEndExcluding=5.9.0-4.redhat.610328.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=2.0

AND

product=activemq-0 AND versionEndExcluding=5.9.0-4.redhat.610328.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=1.2

AND

product=amq-6 AND version=