CVE-2013-6468
JBoss Drools, Red Hat JBoss BRMS before 6.0.1, and Red Hat JBoss BPM Suite before 6.0.1 allows remote authenticated users to execute arbitrary Java code via a (1) MVFLEX Expression Language (MVEL) or (2) Drools expression.
Ver en NVDSeveridad
N/A
EPSS
Probabilidad de explotación (próx. 30 días): 0.0047 (0.5%)
Percentil: 64.7%
EPSS: 2026-05-06
Afecta
redhat:jboss_bpm_suiteredhat:jboss_droolsredhat:jboss_enterprise_brms_platformDescripción técnica
JBoss Drools, Red Hat JBoss BRMS before 6.0.1, and Red Hat JBoss BPM Suite before 6.0.1 allows remote authenticated users to execute arbitrary Java code via a (1) MVFLEX Expression Language (MVEL) or (2) Drools expression.
Publicada: 10/4/2014, 20:29:20
Última modificación: 6/5/2026, 22:30:45
Referencias
- http://rhn.redhat.com/errata/RHSA-2014-0371.html
- http://rhn.redhat.com/errata/RHSA-2014-0372.html
- http://secunia.com/advisories/57716
- http://secunia.com/advisories/57719
- http://rhn.redhat.com/errata/RHSA-2014-0371.html
- http://rhn.redhat.com/errata/RHSA-2014-0372.html
- http://secunia.com/advisories/57716
- http://secunia.com/advisories/57719