CVE-2013-4212
CVE-2013-4212
Vexday Risk Score
60Attention
SSVC decision (CISA)
Attend
PoC available → attend closely
Exploit maturity
Functional exploit
Automatable exploit available (Nuclei/Metasploit).
CVSS —EPSS 81.1%KEV nãoPoC públicaNuclei —Metasploit simPatch —
Lifecycle
31 Oct 2013Metasploit module available
27 Nov 2013Public PoC
07 Dec 2013Published on NVD
Recommendation: Plan a near-term fix — a public PoC already exists.
Certain getText methods in the ActionSupport controller in Apache Roller before 5.0.2 allow remote attackers to execute arbitrary OGNL expressions via the first or second parameter, as demonstrated by the pageTitle parameter in the !getPageTitle sub-URL to roller-ui/login.rol, which uses a subclass of UIAction, aka "OGNL Injection."
Affected products
n/a · n/apublic PoCs found — 2
cve_referencewww.exploit-db.com/exploits/29859unverifiedexploitdbwww.exploit-db.com/exploits/29859unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
References
http://rollerweblogger.org/project/entry/apache_roller_5_0_2http://secunia.com/advisories/55862http://secunia.com/advisories/55877http://security.coverity.com/advisory/2013/Oct/remote-code-execution-in-apache-roller-via-ognl-injection.htmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/89239http://www.exploit-db.com/exploits/29859http://www.osvdb.org/100342