CVE-2013-2453

7 documents6 sources
Severity
5.0MEDIUM
EPSS
4.5%
top 10.93%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Oracle JDKOracle JRESUN JDK+1 more
Timeline
PublishedJun 18
Latest updateMay 14

Description

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect integrity via vectors related to JMX. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is due to a missing check for "package access" by the MBeanServer Introspector.

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages4 packages

NVDoracle/jdk1.7.0+3
NVDoracle/jre1.7.0+3
NVDsun/jdk1.6.0
NVDsun/jre1.6.0

🔴Vulnerability Details

2
GHSA
GHSA-6v99-2p53-chqj: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows2022-05-14
CVEList
CVE-2013-2453: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows2013-06-18

📋Vendor Advisories

3
Ubuntu
OpenJDK 6 vulnerabilities2013-07-23
Ubuntu
OpenJDK 7 vulnerabilities2013-07-16
Red Hat
OpenJDK: MBeanServer Introspector package access (JMX, 8008124)2013-06-18

💬Community

1
Bugzilla
CVE-2013-2453 OpenJDK: MBeanServer Introspector package access (JMX, 8008124)2013-06-17
CVE-2013-2453 (MEDIUM CVSS 5) | Unspecified vulnerability in the Ja | cvebase.io