CVE-2013-4373

Red Hat JBoss Operations Network 3.1.2 - Arbitrary File Upload via Temporary Directory

Title source: llm
STIX 2.1

Description

The storeFiles method in JPADriftServerBean in Red Hat JBoss Operations Network (JON) 3.1.2 allows local users to load arbitrary drift files into a server by writing the files to the temporary directory that is used to unpack zip files.

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/88179
Vendor Advisory x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=1011824
Vendor Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2013-1448.html

Scores

EPSS 0.0031
EPSS Percentile 22.3%

Details

CWE
CWE-20
Status published
Products (1)
redhat/jboss_operations_network 3.1.2
Published Oct 24, 2013
Tracked Since Feb 18, 2026