Detections
Analytics
Apache Archiva 1.2.x <= 1.2.2 / 1.3.x <= 1.3.6 Multiple Vulnerabilities
high Nessus Plugin ID 73761
Language:
Synopsis
The remote web server hosts an application that is affected by multiple vulnerabilities.Description
According to its self-reported version, the instance of Apache Archiva hosted on the remote web server is 1.2.x prior than or equal to 1.2.2 or 1.3.x prior than or equal to 1.3.6 and thus is affected by the following vulnerabilities :- An input validation error exists related to unspecified scripts and unspecified parameters that could allow cross-site scripting attacks.
(CVE-2013-2187)
- Input validation errors exist related to the bundled version of Apache Struts that could allow arbitrary Object-Graph Navigation Language (OGNL) expression execution via specially crafted requests.
(CVE-2013-2251)
Solution
Upgrade to Apache Archiva 1.3.8 / 2.0.1 or later.See Also
Plugin Details
Severity: High
ID: 73761
File Name: archiva_1_3_8.nasl
Version: 1.13
Type: remote
Family: CGI abuses
Published: 4/29/2014
Updated: 4/25/2023
Configuration: Enable thorough checks
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: High
Score: 7.4
CVSS v2
Risk Factor: High
Base Score: 9.3
Temporal Score: 7.7
Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS Score Source: CVE-2013-2251
Vulnerability Information
CPE: cpe:/a:apache:archiva
Required KB Items: www/archiva
Excluded KB Items: Settings/disable_cgi_scanning
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 4/18/2014
Vulnerability Publication Date: 7/16/2013
CISA Known Exploited Vulnerability Due Dates: 4/15/2022
Exploitable With
CANVAS (CANVAS)
Core Impact
Metasploit (Apache Struts 2 DefaultActionMapper Prefixes OGNL Code Execution)
Elliot (Apache-Struts DefaultActionMapper < 2.3.15.1 RCE Linux)
Reference Information
CVE: CVE-2013-2187, CVE-2013-2251