Web application abuses : Apache Archiva < 2.2.4 Multiple Vulnerabilities

Búsqueda de Vulnerabilidad		Buscar 219043 Descripciones CVE y 99761 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.142374

Categoría: Web application abuses

Título: Apache Archiva < 2.2.4 Multiple Vulnerabilities

Resumen: Apache Archiva is prone to multiple vulnerabilities.

Descripción: Summary:
Apache Archiva is prone to multiple vulnerabilities.

Vulnerability Insight:
Apache Archiva is prone to multiple vulnerabilities:

- Cross-site scripting vulnerability (CVE-2019-0213)

- Arbitrary file write and delete vulnerability (CVE-2019-0214)

Affected Software/OS:
Apache Archiva prior to version 2.2.4.

Solution:
Upgrade to version 2.2.4 or later.

CVSS Score:
5.5

CVSS Vector:
AV:N/AC:L/Au:S/C:N/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2019-0213
BugTraq ID: 108123
http://www.securityfocus.com/bid/108123
Bugtraq: 20190430 [SECURITY] CVE-2019-0213: Apache Archiva Stored XSS (Google Search)
https://seclists.org/bugtraq/2019/Apr/47
http://archiva.apache.org/security.html#CVE-2019-0213
http://packetstormsecurity.com/files/152681/Apache-Archiva-2.2.3-Cross-Site-Scripting.html
https://lists.apache.org/thread.html/7bcea134c3d6fa72cdc1052922ac0914f399f63f4690b7937b80127d@%3Cannounce.apache.org%3E
https://lists.apache.org/thread.html/ada0052409d8a4a8c4eb2c7fd6b9cd9423bc753d5fce87eb826662fb@%3Cissues.archiva.apache.org%3E
https://lists.apache.org/thread.html/0397ddbd17b5257cc1746b31a07294a87221c5ca24e5d19d390e28f3@%3Cusers.archiva.apache.org%3E
https://lists.apache.org/thread.html/c358754a35473a61477f9d487870581a0dd7054ff95974628fa09f97@%3Cusers.maven.apache.org%3E
http://www.openwall.com/lists/oss-security/2019/04/30/7
Common Vulnerability Exposure (CVE) ID: CVE-2019-0214
BugTraq ID: 108124
http://www.securityfocus.com/bid/108124
Bugtraq: 20190430 [SECURITY] CVE-2019-0214: Apache Archiva arbitrary file write and delete on the server (Google Search)
https://seclists.org/bugtraq/2019/Apr/48
http://packetstormsecurity.com/files/152684/Apache-Archiva-2.2.3-File-Write-Delete.html
https://lists.apache.org/thread.html/18b670afc2f83034f47ebeb2f797c350fe60f1f2b33c95b95f467ef8@%3Cannounce.apache.org%3E
https://lists.apache.org/thread.html/5851cb0214f22ba681fb445870eeb6b01afd1fb614e45a22978d7dda@%3Cusers.archiva.apache.org%3E
https://lists.apache.org/thread.html/239349b6dd8f66cf87a70c287b03af451dea158b776d3dfc550b4f0e@%3Cusers.maven.apache.org%3E
http://www.openwall.com/lists/oss-security/2019/04/30/8

Copyright Copyright (C) 2019 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.142374
Categoría:	Web application abuses
Título:	Apache Archiva < 2.2.4 Multiple Vulnerabilities
Resumen:	Apache Archiva is prone to multiple vulnerabilities.
Descripción:	Summary: Apache Archiva is prone to multiple vulnerabilities. Vulnerability Insight: Apache Archiva is prone to multiple vulnerabilities: - Cross-site scripting vulnerability (CVE-2019-0213) - Arbitrary file write and delete vulnerability (CVE-2019-0214) Affected Software/OS: Apache Archiva prior to version 2.2.4. Solution: Upgrade to version 2.2.4 or later. CVSS Score: 5.5 CVSS Vector: AV:N/AC:L/Au:S/C:N/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2019-0213 BugTraq ID: 108123 http://www.securityfocus.com/bid/108123 Bugtraq: 20190430 [SECURITY] CVE-2019-0213: Apache Archiva Stored XSS (Google Search) https://seclists.org/bugtraq/2019/Apr/47 http://archiva.apache.org/security.html#CVE-2019-0213 http://packetstormsecurity.com/files/152681/Apache-Archiva-2.2.3-Cross-Site-Scripting.html https://lists.apache.org/thread.html/7bcea134c3d6fa72cdc1052922ac0914f399f63f4690b7937b80127d@%3Cannounce.apache.org%3E https://lists.apache.org/thread.html/ada0052409d8a4a8c4eb2c7fd6b9cd9423bc753d5fce87eb826662fb@%3Cissues.archiva.apache.org%3E https://lists.apache.org/thread.html/0397ddbd17b5257cc1746b31a07294a87221c5ca24e5d19d390e28f3@%3Cusers.archiva.apache.org%3E https://lists.apache.org/thread.html/c358754a35473a61477f9d487870581a0dd7054ff95974628fa09f97@%3Cusers.maven.apache.org%3E http://www.openwall.com/lists/oss-security/2019/04/30/7 Common Vulnerability Exposure (CVE) ID: CVE-2019-0214 BugTraq ID: 108124 http://www.securityfocus.com/bid/108124 Bugtraq: 20190430 [SECURITY] CVE-2019-0214: Apache Archiva arbitrary file write and delete on the server (Google Search) https://seclists.org/bugtraq/2019/Apr/48 http://packetstormsecurity.com/files/152684/Apache-Archiva-2.2.3-File-Write-Delete.html https://lists.apache.org/thread.html/18b670afc2f83034f47ebeb2f797c350fe60f1f2b33c95b95f467ef8@%3Cannounce.apache.org%3E https://lists.apache.org/thread.html/5851cb0214f22ba681fb445870eeb6b01afd1fb614e45a22978d7dda@%3Cusers.archiva.apache.org%3E https://lists.apache.org/thread.html/239349b6dd8f66cf87a70c287b03af451dea158b776d3dfc550b4f0e@%3Cusers.maven.apache.org%3E http://www.openwall.com/lists/oss-security/2019/04/30/8
Copyright	Copyright (C) 2019 Greenbone Networks GmbH