CVE Vulnerabilities

CVE-2013-4310

Published: Sep 30, 2013 | Modified: Apr 11, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5.8 MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:N
RedHat/V2
5.8 MODERATE
AV:N/AC:M/Au:N/C:P/I:P/A:N
RedHat/V3
Ubuntu
MEDIUM
root.io minimus.io echohq.com

Apache Struts 2.0.0 through 2.3.15.1 allows remote attackers to bypass access controls via a crafted action: prefix.

Affected Software

Name Vendor Start Version End Version
Struts Apache 2.0.0 (including) 2.0.0 (including)
Struts Apache 2.0.1 (including) 2.0.1 (including)
Struts Apache 2.0.2 (including) 2.0.2 (including)
Struts Apache 2.0.3 (including) 2.0.3 (including)
Struts Apache 2.0.4 (including) 2.0.4 (including)
Struts Apache 2.0.5 (including) 2.0.5 (including)
Struts Apache 2.0.6 (including) 2.0.6 (including)
Struts Apache 2.0.7 (including) 2.0.7 (including)
Struts Apache 2.0.8 (including) 2.0.8 (including)
Struts Apache 2.0.9 (including) 2.0.9 (including)
Struts Apache 2.0.10 (including) 2.0.10 (including)
Struts Apache 2.0.11 (including) 2.0.11 (including)
Struts Apache 2.0.11.1 (including) 2.0.11.1 (including)
Struts Apache 2.0.11.2 (including) 2.0.11.2 (including)
Struts Apache 2.0.12 (including) 2.0.12 (including)
Struts Apache 2.0.13 (including) 2.0.13 (including)
Struts Apache 2.0.14 (including) 2.0.14 (including)
Struts Apache 2.1.0 (including) 2.1.0 (including)
Struts Apache 2.1.1 (including) 2.1.1 (including)
Struts Apache 2.1.2 (including) 2.1.2 (including)
Struts Apache 2.1.3 (including) 2.1.3 (including)
Struts Apache 2.1.4 (including) 2.1.4 (including)
Struts Apache 2.1.5 (including) 2.1.5 (including)
Struts Apache 2.1.6 (including) 2.1.6 (including)
Struts Apache 2.1.8 (including) 2.1.8 (including)
Struts Apache 2.1.8.1 (including) 2.1.8.1 (including)
Struts Apache 2.2.1 (including) 2.2.1 (including)
Struts Apache 2.2.1.1 (including) 2.2.1.1 (including)
Struts Apache 2.2.3 (including) 2.2.3 (including)
Struts Apache 2.2.3.1 (including) 2.2.3.1 (including)
Struts Apache 2.3.1 (including) 2.3.1 (including)
Struts Apache 2.3.1.1 (including) 2.3.1.1 (including)
Struts Apache 2.3.1.2 (including) 2.3.1.2 (including)
Struts Apache 2.3.3 (including) 2.3.3 (including)
Struts Apache 2.3.4 (including) 2.3.4 (including)
Struts Apache 2.3.4.1 (including) 2.3.4.1 (including)
Struts Apache 2.3.7 (including) 2.3.7 (including)
Struts Apache 2.3.8 (including) 2.3.8 (including)
Struts Apache 2.3.12 (including) 2.3.12 (including)
Struts Apache 2.3.14 (including) 2.3.14 (including)
Struts Apache 2.3.14.1 (including) 2.3.14.1 (including)
Struts Apache 2.3.14.2 (including) 2.3.14.2 (including)
Struts Apache 2.3.14.3 (including) 2.3.14.3 (including)
Struts Apache 2.3.15 (including) 2.3.15 (including)
Struts Apache 2.3.15.1 (including) 2.3.15.1 (including)

References