IBM WebSphere Application Server CVE-2013-3024 Local Command Injection Vulnerability
BID:104301
Info
IBM WebSphere Application Server CVE-2013-3024 Local Command Injection Vulnerability
| Bugtraq ID: | 104301 |
| Class: | Input Validation Error |
| CVE: |
CVE-2013-3024 |
| Remote: | No |
| Local: | Yes |
| Published: | Jan 14 2013 12:00AM |
| Updated: | Jan 14 2013 12:00AM |
| Credit: | IBM |
| Vulnerable: |
IBM Websphere Application Server 8.5.0.2 IBM Websphere Application Server 8.5.0.1 IBM Websphere Application Server 8.5.0.0 |
| Not Vulnerable: |
IBM Websphere Application Server 8.5.5.0 |
Discussion
IBM WebSphere Application Server CVE-2013-3024 Local Command Injection Vulnerability
IBM WebSphere Application Server is prone to a local command-injection vulnerability.
Exploiting this issue could allow a local attacker to execute arbitrary commands in context of the vulnerable application.
WebSphere Application Server 8.5 through 8.5.0.2 are vulnerable.
IBM WebSphere Application Server is prone to a local command-injection vulnerability.
Exploiting this issue could allow a local attacker to execute arbitrary commands in context of the vulnerable application.
WebSphere Application Server 8.5 through 8.5.0.2 are vulnerable.
Exploit / POC
IBM WebSphere Application Server CVE-2013-3024 Local Command Injection Vulnerability
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
IBM WebSphere Application Server CVE-2013-3024 Local Command Injection Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.