Bug 1025131 (CVE-2013-4486) - CVE-2013-4486 Zanata: Remote code execution due to EL interpolation in logging
Summary: CVE-2013-4486 Zanata: Remote code execution due to EL interpolation in logging
Keywords:
Status: CLOSED NOTABUG
Alias: CVE-2013-4486
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: high
Severity: high
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1025622
Blocks: 1025132
 
Reported: 2013-10-31 05:18 UTC by David Jorm
Modified: 2019-09-29 13:09 UTC
CC List: 4 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2014-03-21 04:52:42 UTC



Description David Jorm 2013-10-31 05:18:21 UTC
Seam logging evaluates expression language (EL) statements in log messages. If an application includes user-provided strings in log messages directly via string concatenation, then a remote attacker could inject EL statements directly into the log messages, which would be evaluated on the server. If debug logging is enabled, Zanata performs logging of user-supplied strings using string concatenation. A remote attacker could use this flaw to execute arbitrary code in the context of the application server running Zanata.
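
The vulnerable and the corrected logging pattern side by side, as an added illustration that is not code from Zanata, from Seam, or from this bug report. It assumes the Seam 2 logging API (`org.jboss.seam.log.Log`, `org.jboss.seam.log.Logging`) on the classpath and that the methods run inside an active Seam application context, where `Interpolator` is available; the class name `LoginAudit`, the method names and the sample username are invented for the example. Seam's `Log` methods pass a `String` message through `Interpolator.interpolate(message, params)`, which evaluates every `#{...}` in the message and substitutes positional `#0`, `#1`, ... placeholders with the parameter values; a parameter value is appended as-is and is not itself interpolated.

```java
// Added example; not Zanata's or Seam's own code.
// Assumption: Seam 2 logging API on the classpath, called inside a Seam application context.
import org.jboss.seam.log.Log;
import org.jboss.seam.log.Logging;

public class LoginAudit {
    private static final Log log = Logging.getLog(LoginAudit.class);

    // Vulnerable pattern (the shape described in the report): the user-supplied
    // string is concatenated into the message *template*, so any #{...} inside it
    // reaches Seam's Interpolator and is evaluated as EL on the server before the
    // line is written. The isDebugEnabled() guard is why the report says the
    // problem appears only when debug logging is on.
    public static void logLoginConcat(String username) {
        if (log.isDebugEnabled()) {
            log.debug("login attempt for user " + username);
        }
    }

    // Hardened pattern: the template is a compile-time constant and the
    // user-supplied string is handed over as a positional parameter. Seam
    // substitutes #0 with the value's toString() and does not re-interpolate it,
    // so "#{...}" in the username is logged literally.
    public static void logLoginParam(String username) {
        if (log.isDebugEnabled()) {
            log.debug("login attempt for user #0", username);
        }
    }

    public static void main(String[] args) {
        // Constructed input: a "username" that is itself an EL expression.
        // A harmless arithmetic expression is used here; the report's point is
        // that the same path evaluates whatever EL the attacker supplies.
        String hostile = "#{1 + 1}";
        logLoginConcat(hostile); // written as: login attempt for user 2
        logLoginParam(hostile);  // written as: login attempt for user #{1 + 1}
    }
}
```

A quick audit check for this class of flaw in a Seam code base is to search for log calls whose message argument is built with `+` (for example a regex such as `log\.(debug|info|warn|error)\s*\(\s*".*"\s*\+`) and convert each hit to a constant template with `#0`-style parameters. Moving to a logging API that performs no EL interpolation at all (plain placeholders such as slf4j's `{}`) removes the sink entirely; that is general advice, not a statement about how Zanata itself was changed.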

Comment 1 Arun Babu Neelicattu 2013-10-31 05:33:08 UTC
Acknowledgements:

This issue was discovered by David Jorm of the Red Hat Security Response Team. The reporter acknowledges Adrian Hayes of Security-Assessment.com as the original reporter of this category of flaw.

Comment 3 David Jorm 2014-03-21 04:52:42 UTC
Statement:

Not Vulnerable. Zanata is not shipped in any supported Red Hat products.

