CVE-2013-2185

CWE-20 — Improper Input Validation CWE-626 CWE-502 — Deserialization of Untrusted Data7 documents6 sources

Severity

7.5HIGH

EPSS

5.3%

top 9.99%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apache Tomcat Redhat Jboss Enterprise Application Platform Redhat Jboss Enterprise Portal Platform

Timeline

PublishedJan 19

Latest updateMay 17

Description

The readObject method in the DiskFileItem class in Apache Tomcat and JBoss Web, as used in Red Hat JBoss Enterprise Application Platform 6.1.0 and Red Hat JBoss Portal 6.0.0, allows remote attackers to write to arbitrary files via a NULL byte in a file name in a serialized instance, a similar issue to CVE-2013-2186. NOTE: this issue is reportedly disputed by the Apache Tomcat team, although Red Hat considers it a vulnerability. The dispute appears to regard whether it is the responsibility of ap…

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages4 packages

▶NVDredhat/jboss_enterprise_portal_platform6.0.0

▶NVDredhat/jboss_enterprise_application_platform6.1.0

▶Mavenorg.apache.tomcat:tomcat< 7.0.39

▶NVDapache/tomcat7.0.39

🔴Vulnerability Details

GHSA

Deserialization of Untrusted Data in Apache Tomcat↗2022-05-17

▶

OSV

Deserialization of Untrusted Data in Apache Tomcat↗2022-05-17

▶

CVEList

CVE-2013-2185: The readObject method in the DiskFileItem class in Apache Tomcat and JBoss Web, as used in Red Hat JBoss Enterprise Application Platform 6↗2014-01-19

▶

📋Vendor Advisories

Red Hat

tomcat: remote code execution via uploaded JSP↗2014-09-10

▶

Red Hat

Tomcat/JBossWeb: Arbitrary file upload via deserialization↗2013-09-03

▶

💬Community

Bugzilla

CVE-2013-2185 Tomcat/JBossWeb: Arbitrary file upload via deserialization↗2013-06-16

▶