Vulnerability Details CVE-2013-0314
The GateIn Portal export/import gadget in JBoss Enterprise Portal Platform 5.2.2 does not properly check authentication when importing Zip files, which allows remote attackers to modify site contents, remove the site, or alter the access controls for portlets.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 69.5%
CVSS Severity
CVSS v2 Score 7.5
References
- http://rhn.redhat.com/errata/RHSA-2013-0613.html
- http://secunia.com/advisories/52552
- http://www.osvdb.org/91120
- https://bugzilla.redhat.com/show_bug.cgi?id=913327
- http://rhn.redhat.com/errata/RHSA-2013-0613.html
- http://secunia.com/advisories/52552
- http://www.osvdb.org/91120
- https://bugzilla.redhat.com/show_bug.cgi?id=913327
Products affected by CVE-2013-0314
-
cpe:2.3:a:redhat:jboss_enterprise_portal_platform:5.2.2