CVE-2013-3827
CVE-2013-3827
Vexday Risk Score
72High priority
SSVC decision (CISA)
Act
Exploitation + impact → act immediately
Exploit maturity
Functional exploit
Popular PoC on GitHub (1 stars) — exploitation code widely available.
CVSS —EPSS 32.4%KEV nãoPoC públicaNuclei simMetasploit —Patch referenciado
Lifecycle
15 Oct 2013Public PoC
16 Oct 2013Published on NVD
Recommendation: Patch as soon as possible — active exploitation confirmed.
Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 2.1.1, 3.0.1, and 3.1.2; the Oracle JDeveloper component in Oracle Fusion Middleware 11.1.2.3.0, 11.1.2.4.0, and 12.1.2.0.0; and the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0 and 12.1.1 allows remote attackers to affect confidentiality via unknown vectors related to Java Server Faces or Web Container.
Affected products
n/a · n/apublic PoCs found — 3
githubgithub.com/thistehneisen/CVE-2013-3827★ 1exploitdbwww.exploit-db.com/exploits/38802unverifiedvulncheckvulncheck.com/xdb/751d0cd3c069unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.