CVE-2013-4128
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2013-4128
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Red Hat JBoss Enterprise Application Platform (EAP) 6.1.0 does not properly cache EJB invocations by remote-naming, which allows remote attackers to hijack sessions by using a remoting client.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
JBoss Enterprise Application Platform 配置错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Red Hat JBoss Enterprise Application Platform(EAP)是美国红帽(Red Hat)公司的一套开源、基于J2EE的中间件平台。该平台主要用于构建、部署和托管Java应用程序与服务。 Red Hat JBoss EAP 6.1.0版本中存在安全漏洞,该漏洞源于程序没有正确地以远程命名的方式对EJB(Enterprise Java Beans)调用进行缓存。远程攻击者可通过使用远程客户端利用该漏洞劫持会话。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2013-4128
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2013-4128
Please Login to view more intelligence information
- 🔗 https://bugzilla.redhat.com/show_bug.cgi?id=984795x_refsource_CONFIRM
- https://nvd.nist.gov/vuln/detail/CVE-2013-4128
Same Patch Batch · n/a · 2013-08-16 · 24 CVEs total
| CVE-2013-5310 | TYPO3 DB Integration扩展SQL注入漏洞 | |
| CVE-2013-4698 | Cybozu Mailwise 信息泄露漏洞 | |
| CVE-2013-4007 | IBM BladeCenter AMM模块跨站脚本漏洞 | |
| CVE-2013-3040 | IBM InfoSphere Information Server 信息泄露漏洞 | |
| CVE-2013-3034 | IBM InfoSphere Information Server 跨站脚本漏洞 | |
| CVE-2013-0587 | IBM WebSphere Portal 多个跨站脚本漏洞 | |
| CVE-2013-0585 | IBM InfoSphere Information Server 多个跨站脚本漏洞 | |
| CVE-2013-5097 | JA1500设备 Juniper Junos Space 权限许可和访问控制漏洞 | |
| CVE-2013-5096 | JA1500设备 Juniper Junos Space 权限许可和访问控制漏洞 | |
| CVE-2013-5095 | JA1500设备 Juniper Junos Space 基于Web界面跨站脚本漏洞 | |
| CVE-2013-1888 | Python pip 不安全临时文件漏洞 | |
| CVE-2013-4213 | JBoss Enterprise Application Platform 配置错误漏洞 | |
| CVE-2013-3319 | SAP Netweaver 信息泄露漏洞 | |
| CVE-2013-5309 | FUDforum install/forum_data/src/custom_fields.inc.t 跨站脚本漏洞 | |
| CVE-2013-5308 | TYPO3 RealURL Management扩展跨站脚本漏洞 | |
| CVE-2013-5307 | TYPO3 Faceted Search扩展跨站脚本漏洞 | |
| CVE-2013-5306 | Typo3 Browser - TYPO3 without PHP SQL注入漏洞 | |
| CVE-2013-5305 | TYPO3 Store Locator扩展跨站脚本漏洞 | |
| CVE-2013-5304 | TYPO3 Store Locator扩展SQL注入漏洞 | |
| CVE-2013-5303 | TYPO3 Locator扩展安全漏洞 |
Showing top 20 of 24 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8226
Open5GS types.c ogs_pcc_rule_install_flow_from_media denial - CVE-2026-8225
Open5GS delete Endpoint sm-sm.c pcf_npcf_smpolicycontrol_han - CVE-2026-8224
Open5GS PCF context.c pcf_sess_set_ipv6prefix denial of serv - CVE-2026-8223
Open5GS sm-policies Endpoint pcf_sess_sbi_discover_and_send - CVE-2026-8222
Open5GS sm-policies Endpoint nbsf-handler.c pcf_nbsf_managem
V. Comments for CVE-2013-4128
No comments yet