CVE-2013-4444 : Unrestricted file upload vulnerability in Apache Tomcat 7.x before 7.0.40, in certain situations involving outdated java

Unrestricted file upload vulnerability in Apache Tomcat 7.x before 7.0.40, in certain situations involving outdated java.io.File code and a custom JMX configuration, allows remote attackers to execute arbitrary code by uploading and accessing a JSP file.

Published 2014-09-12 01:55:07

Updated 2021-01-07 00:15:13

Source Red Hat, Inc.

View at NVD, CVE.org

Vulnerability category: Execute code

Threat overview for CVE-2013-4444

Top countries where our scanners detected CVE-2013-4444

Top open port discovered on systems with this issue 80

IPs affected by CVE-2013-4444 10,581

Threat actors abusing to this issue? Yes

Find out if you^* are affected by CVE-2013-4444!

^*Directly or indirectly through your vendors, service providers and 3rd parties. Powered by attack surface intelligence from SecurityScorecard.

Exploit prediction scoring system (EPSS) score for CVE-2013-4444

Probability of exploitation activity in the next 30 days: 6.81%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 94 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2013-4444

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
6.8	MEDIUM	AV:N/AC:M/Au:N/C:P/I:P/A:P	8.6	6.4	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial

CWE ids for CVE-2013-4444

CWE-94 Improper Control of Generation of Code ('Code Injection')

The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2013-4444

http://www.securitytracker.com/id/1030834

Apache Tomcat Bug Lets Remote Users Upload and Execute Arbitrary Code in Certain Cases - SecurityTracker
http://www.debian.org/security/2016/dsa-3447

Debian -- Security Information -- DSA-3447-1 tomcat7

CVEs referencing this url
http://tomcat.apache.org/security-7.html

Apache Tomcat® - Apache Tomcat 7 vulnerabilities
Patch

CVEs referencing this url
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013

HPSBOV03503 rev.3 - HP OpenVMS CSWS_JAVA running Tomcat, Multiple Remote Vulnerabilities

CVEs referencing this url
http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html

Oracle Critical Patch Update - October 2016

CVEs referencing this url
http://www.securityfocus.com/bid/69728

Apache Tomcat CVE-2013-4444 Arbitrary File Upload Vulnerability
http://archives.neohapsis.com/archives/bugtraq/2014-09/0075.html
http://marc.info/?l=bugtraq&m=144498216801440&w=2

'[security bulletin] HPSBOV03503 rev.1 - HP OpenVMS CSWS_JAVA running Tomcat, Multiple Remote Vulnera' - MARC

CVEs referencing this url
http://seclists.org/fulldisclosure/2021/Jan/23

Full Disclosure: Re: [SECURITY] CVE-2013-4444 Remote Code Execution in Apache Tomcat
http://openwall.com/lists/oss-security/2014/10/24/12

oss-security - Re: Duplicate Request: CVE-2013-4444 as a duplicate of CVE-2013-2185

CVEs referencing this url

Products affected by CVE-2013-4444