CVE-2013-4316

Description

Apache Struts 2.0.0 through 2.3.15.1 enables Dynamic Method Invocation by default, which has unknown impact and attack vectors.

Base Score

9.8

MODERATE

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score

Exploitation Probability

6.168

Vulnerability	OS Platform
Vulnerabilities CVE-2013-4316 are fixed in Apache-struts2-rest-plugin 2.3.15.2	Windows
Vulnerabilities CVE-2013-4316 are fixed in Apache-struts2-core 2.3.15.2	Windows
Vulnerabilities CVE-2013-4316 are fixed in Apache-struts2-rest-plugin for Linux 2.3.15.2	Linux
Vulnerabilities CVE-2013-4316 are fixed in Apache-structs2-core for Linux 2.3.15.2	Linux

No records found