CVE-2013-2185 : The readObject method in the DiskFileItem class in Apache Tomcat and JBoss Web, as used in Red Hat JBoss Enterprise Appl

The readObject method in the DiskFileItem class in Apache Tomcat and JBoss Web, as used in Red Hat JBoss Enterprise Application Platform 6.1.0 and Red Hat JBoss Portal 6.0.0, allows remote attackers to write to arbitrary files via a NULL byte in a file name in a serialized instance, a similar issue to CVE-2013-2186. NOTE: this issue is reportedly disputed by the Apache Tomcat team, although Red Hat considers it a vulnerability. The dispute appears to regard whether it is the responsibility of applications to avoid providing untrusted data to be deserialized, or whether this class should inherently protect against this issue

Published 2014-01-19 18:02:57

Updated 2024-04-11 00:50:05

Source Red Hat, Inc.

View at NVD, CVE.org

Vulnerability category: Input validation

Threat overview for CVE-2013-2185

Top countries where our scanners detected CVE-2013-2185

Top open port discovered on systems with this issue 80

IPs affected by CVE-2013-2185 10,581

Threat actors abusing to this issue? Yes

Find out if you^* are affected by CVE-2013-2185!

^*Directly or indirectly through your vendors, service providers and 3rd parties. Powered by attack surface intelligence from SecurityScorecard.

Exploit prediction scoring system (EPSS) score for CVE-2013-2185

Probability of exploitation activity in the next 30 days: 0.27%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 63 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2013-2185

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
7.5	HIGH	AV:N/AC:L/Au:N/C:P/I:P/A:P	10.0	6.4	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial

CWE ids for CVE-2013-2185

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2013-2185

http://rhn.redhat.com/errata/RHSA-2013-1265.html

Red Hat Customer Portal
Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2013-1194.html

RHSA-2013:1194 - Security Advisory - Red Hat Customer Portal
Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2013-1193.html

RHSA-2013:1193 - Security Advisory - Red Hat Customer Portal
Vendor Advisory
http://www.openwall.com/lists/oss-security/2013/09/05/4

oss-security - Re: CVE-2013-2185 / Tomcat
http://openwall.com/lists/oss-security/2014/10/24/12

oss-security - Re: Duplicate Request: CVE-2013-4444 as a duplicate of CVE-2013-2185

CVEs referencing this url

Products affected by CVE-2013-2185