What is the severity of CVE-2013-4310?

The CVE-2013-4310 vulnerability has a high severity rating, indicating a significant risk of unauthorized access.

How do I fix CVE-2013-4310?

To address CVE-2013-4310, upgrade Apache Struts to version 2.3.15.3 or later.

What versions of Apache Struts are affected by CVE-2013-4310?

CVE-2013-4310 affects Apache Struts versions 2.0.0 through 2.3.15.1.

What type of vulnerability is CVE-2013-4310?

CVE-2013-4310 is a vulnerability that allows remote attackers to bypass access controls.

Who is affected by CVE-2013-4310?

Organizations using vulnerable versions of Apache Struts are at risk from CVE-2013-4310.

Vulnerability/
CVE-2013-4310

medium

5.8

CWE

284 264

30/9/2013

17/5/2022

6/8/2024

CVE-2013-4310

First published: Mon Sep 30 2013(Updated: )

Apache Struts 2.0.0 through 2.3.15.1 allows remote attackers to bypass access controls via a crafted action: prefix.

Credit: secalert@redhat.com secalert@redhat.com

Affected Software	Affected Version	How to fix
maven/org.apache.struts:struts2-core	<2.3.15.3	2.3.15.3
	=2.0.0
	=2.0.1
	=2.0.2
	=2.0.3
	=2.0.4
	=2.0.5
	=2.0.6
	=2.0.7
	=2.0.8
	=2.0.9
	=2.0.10
	=2.0.11
	=2.0.11.1
	=2.0.11.2
	=2.0.12
	=2.0.13
	=2.0.14
	=2.1.0
	=2.1.1
	=2.1.2
	=2.1.3
	=2.1.4
	=2.1.5
	=2.1.6
	=2.1.8
	=2.1.8.1
	=2.2.1
	=2.2.1.1
	=2.2.3
	=2.2.3.1
	=2.3.1
	=2.3.1.1
	=2.3.1.2
	=2.3.3
	=2.3.4
	=2.3.4.1
	=2.3.7
	=2.3.8
	=2.3.12
	=2.3.14
	=2.3.14.1
	=2.3.14.2
	=2.3.14.3
	=2.3.15
	=2.3.15.1
Apache Struts	=2.0.0
Apache Struts	=2.0.1
Apache Struts	=2.0.2
Apache Struts	=2.0.3
Apache Struts	=2.0.4
Apache Struts	=2.0.5
Apache Struts	=2.0.6
Apache Struts	=2.0.7
Apache Struts	=2.0.8
Apache Struts	=2.0.9
Apache Struts	=2.0.10
Apache Struts	=2.0.11
Apache Struts	=2.0.11.1
Apache Struts	=2.0.11.2
Apache Struts	=2.0.12
Apache Struts	=2.0.13
Apache Struts	=2.0.14
Apache Struts	=2.1.0
Apache Struts	=2.1.1
Apache Struts	=2.1.2
Apache Struts	=2.1.3
Apache Struts	=2.1.4
Apache Struts	=2.1.5
Apache Struts	=2.1.6
Apache Struts	=2.1.8
Apache Struts	=2.1.8.1
Apache Struts	=2.2.1
Apache Struts	=2.2.1.1
Apache Struts	=2.2.3
Apache Struts	=2.2.3.1
Apache Struts	=2.3.1
Apache Struts	=2.3.1.1
Apache Struts	=2.3.1.2
Apache Struts	=2.3.3
Apache Struts	=2.3.4
Apache Struts	=2.3.4.1
Apache Struts	=2.3.7
Apache Struts	=2.3.8
Apache Struts	=2.3.12
Apache Struts	=2.3.14
Apache Struts	=2.3.14.1
Apache Struts	=2.3.14.2
Apache Struts	=2.3.14.3
Apache Struts	=2.3.15
Apache Struts	=2.3.15.1

Remedy

http://archives.neohapsis.com/archives/bugtraq/2013-09/0107.html

Remedy

http://struts.apache.org/release/2.3.x/docs/s2-018.html

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2013-4310?
The CVE-2013-4310 vulnerability has a high severity rating, indicating a significant risk of unauthorized access.
How do I fix CVE-2013-4310?
To address CVE-2013-4310, upgrade Apache Struts to version 2.3.15.3 or later.
What versions of Apache Struts are affected by CVE-2013-4310?
CVE-2013-4310 affects Apache Struts versions 2.0.0 through 2.3.15.1.
What type of vulnerability is CVE-2013-4310?
CVE-2013-4310 is a vulnerability that allows remote attackers to bypass access controls.
Who is affected by CVE-2013-4310?
Organizations using vulnerable versions of Apache Struts are at risk from CVE-2013-4310.

collector/nvd-index
collector/github-advisory-latest
alias/GHSA-q5q8-jghf-3pm3
alias/CVE-2013-4310
collector/github-advisory
agent/type
agent/remedy
agent/references
agent/author
agent/softwarecombine
collector/nvd-cve
source/NVD
agent/software-canonical-lookup
agent/weakness
agent/severity
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/first-publish-date
agent/event
agent/trending
agent/tags
agent/source
vendor/apache
canonical/apache struts
version/apache struts/2.0.0
version/apache struts/2.0.1
version/apache struts/2.0.2
version/apache struts/2.0.3
version/apache struts/2.0.4
version/apache struts/2.0.5
version/apache struts/2.0.6
version/apache struts/2.0.7
version/apache struts/2.0.8
version/apache struts/2.0.9
version/apache struts/2.0.10
version/apache struts/2.0.11
version/apache struts/2.0.11.1
version/apache struts/2.0.11.2
version/apache struts/2.0.12
version/apache struts/2.0.13
version/apache struts/2.0.14
version/apache struts/2.1.0
version/apache struts/2.1.1
version/apache struts/2.1.2
version/apache struts/2.1.3
version/apache struts/2.1.4
version/apache struts/2.1.5
version/apache struts/2.1.6
version/apache struts/2.1.8
version/apache struts/2.1.8.1
version/apache struts/2.2.1
version/apache struts/2.2.1.1
version/apache struts/2.2.3
version/apache struts/2.2.3.1
version/apache struts/2.3.1
version/apache struts/2.3.1.1
version/apache struts/2.3.1.2
version/apache struts/2.3.3
version/apache struts/2.3.4
version/apache struts/2.3.4.1
version/apache struts/2.3.7
version/apache struts/2.3.8
version/apache struts/2.3.12
version/apache struts/2.3.14
version/apache struts/2.3.14.1
version/apache struts/2.3.14.2
version/apache struts/2.3.14.3
version/apache struts/2.3.15
version/apache struts/2.3.15.1
package-manager/maven

CVE-2013-4310

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2013-4310?

How do I fix CVE-2013-4310?

What versions of Apache Struts are affected by CVE-2013-4310?

What type of vulnerability is CVE-2013-4310?

Who is affected by CVE-2013-4310?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2013-4310?

How do I fix CVE-2013-4310?

What versions of Apache Struts are affected by CVE-2013-4310?

What type of vulnerability is CVE-2013-4310?

Who is affected by CVE-2013-4310?