CVE-2016-0710

high-risk
Published 2016-04-11

Multiple SQL injection vulnerabilities in the User Manager service in Apache Jetspeed before 2.3.1 allow remote attackers to execute arbitrary SQL commands via the (1) role or (2) user parameter to services/usermanager/users/.

Do I need to act?

!
79.2% chance of exploitation in next 30 days
EPSS score — higher than 21% of all CVEs
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
!
1 public exploit available
39643
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
8
CVSS 8.8/10 High
NETWORK / LOW complexity

Affected Products (1)

Affected Vendors

Apache

References (12)

Exploit http://haxx.ml/post/140552592371/remote-code-execution-in-apache-jetspeed-230-an...
Exploit http://packetstormsecurity.com/files/136489/Apache-Jetspeed-Arbitrary-File-Uploa...
http://www.rapid7.com/db/modules/exploit/multi/http/apache_jetspeed_file_upload
https://mail-archives.apache.org/mod_mbox/portals-jetspeed-user/201603.mbox/%3C0...
Vendor Advisory https://portals.apache.org/jetspeed-2/security-reports.html#CVE-2016-0710
Exploit https://www.exploit-db.com/exploits/39643/
Exploit http://haxx.ml/post/140552592371/remote-code-execution-in-apache-jetspeed-230-an...
Exploit http://packetstormsecurity.com/files/136489/Apache-Jetspeed-Arbitrary-File-Uploa...
http://www.rapid7.com/db/modules/exploit/multi/http/apache_jetspeed_file_upload
https://mail-archives.apache.org/mod_mbox/portals-jetspeed-user/201603.mbox/%3C0...
Vendor Advisory https://portals.apache.org/jetspeed-2/security-reports.html#CVE-2016-0710
Exploit https://www.exploit-db.com/exploits/39643/
62
/ 100
high-risk
Severity 30/34 · Critical
Exploitability 27/34 · High
Exposure 5/34 · Minimal