CVE-2013-2027
Description
Jython 2.2.1 uses the current umask to set the privileges of the class cache files, which allows local users to bypass intended access restrictions via unspecified vectors.
Risk Information
Base Score
5.9
MODERATE
Vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
EPSS Score
Exploitation Probability
0.021
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Multiple vulnerabilities are affected in Oracle WebLogic Server 12.1.3.0 | Windows |
| Multiple vulnerabilities are affected in Oracle WebLogic Server 10.3.6.0 | Windows |
| Multiple vulnerabilities are affected in Oracle WebLogic Server 12.2.1.2 | Windows |
| Vulnerabilities CVE-2013-2027 are fixed in Jython-jython-standalone 2.7.2 | Windows |
| Multiple vulnerabilities are affected in Oracle WebLogic Server 12.2.1.1 | Windows |
| Vulnerabilities CVE-2013-2027 are fixed in Jython-jython-standalone for Linux 2.7.2 | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234