CVE-2013-4330 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	6.8 UNKNOWN	NETWORK	MEDIUM		AV:N/AC:M/Au:N/C:P/I:P/A:P

Base Score

CVSS 3.x

EPSS Score

Percentile: Unknown

Affected Products (NVD)

Vendor	Product	Version
apache	camel	𝑥 ≤ 2.9.6
apache	camel	1.0.0
apache	camel	1.1.0
apache	camel	1.2.0
apache	camel	1.3.0
apache	camel	1.4.0
apache	camel	1.5.0
apache	camel	1.6.0
apache	camel	1.6.1
apache	camel	1.6.2
apache	camel	1.6.3
apache	camel	1.6.4
apache	camel	2.0.0
apache	camel	2.0.0:milestone1
apache	camel	2.0.0:milestone2
apache	camel	2.0.0:milestone3
apache	camel	2.1.0
apache	camel	2.2.0
apache	camel	2.3.0
apache	camel	2.4.0
apache	camel	2.5.0
apache	camel	2.6.0
apache	camel	2.7.0
apache	camel	2.7.1
apache	camel	2.7.2
apache	camel	2.7.3
apache	camel	2.7.4
apache	camel	2.7.5
apache	camel	2.8.0
apache	camel	2.8.1
apache	camel	2.8.2
apache	camel	2.8.3
apache	camel	2.8.4
apache	camel	2.8.5
apache	camel	2.8.6
apache	camel	2.9.0
apache	camel	2.9.1
apache	camel	2.9.2
apache	camel	2.9.3
apache	camel	2.9.4
apache	camel	2.9.5
apache	camel	2.10.0
apache	camel	2.10.1
apache	camel	2.10.2
apache	camel	2.10.3
apache	camel	2.10.4
apache	camel	2.10.5
apache	camel	2.10.6
apache	camel	2.11.0
apache	camel	2.11.1
apache	camel	2.12.0

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-94 - Improper Control of Generation of Code ('Code Injection')
The software constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

References

http://camel.apache.org/security-advisories.data/CVE-2013-4330.txt.asc?version=1&modificationDate=1380535446943

http://osvdb.org/97941

http://packetstormsecurity.com/files/123454/

http://rhn.redhat.com/errata/RHSA-2013-1862.html

http://rhn.redhat.com/errata/RHSA-2014-0124.html

http://rhn.redhat.com/errata/RHSA-2014-0140.html

http://rhn.redhat.com/errata/RHSA-2014-0245.html

http://rhn.redhat.com/errata/RHSA-2014-0254.html

http://seclists.org/fulldisclosure/2013/Sep/178

http://secunia.com/advisories/54888

https://exchange.xforce.ibmcloud.com/vulnerabilities/87542

https://lists.apache.org/thread.html/2318d7f7d87724d8716cd650c21b31cb06e4d34f6d0f5ee42f28fdaf%40%3Ccommits.camel.apache.org%3E

https://lists.apache.org/thread.html/b4014ea7c5830ca1fc28edd5cafedfe93ad4af2d9e69c961c5def31d%40%3Ccommits.camel.apache.org%3E

http://camel.apache.org/security-advisories.data/CVE-2013-4330.txt.asc?version=1&modificationDate=1380535446943

http://osvdb.org/97941

http://packetstormsecurity.com/files/123454/

http://rhn.redhat.com/errata/RHSA-2013-1862.html

http://rhn.redhat.com/errata/RHSA-2014-0124.html

http://rhn.redhat.com/errata/RHSA-2014-0140.html

http://rhn.redhat.com/errata/RHSA-2014-0245.html

http://rhn.redhat.com/errata/RHSA-2014-0254.html

http://seclists.org/fulldisclosure/2013/Sep/178

http://secunia.com/advisories/54888

https://exchange.xforce.ibmcloud.com/vulnerabilities/87542

https://lists.apache.org/thread.html/2318d7f7d87724d8716cd650c21b31cb06e4d34f6d0f5ee42f28fdaf%40%3Ccommits.camel.apache.org%3E

https://lists.apache.org/thread.html/b4014ea7c5830ca1fc28edd5cafedfe93ad4af2d9e69c961c5def31d%40%3Ccommits.camel.apache.org%3E