Remote Code Execution Vulnerability in Apache Camel Products
CVE-2013-4330

Currently unrated

Key Information:

Vendor

Apache
Status
Camel
Vendor
CVE Published:
4 October 2013

What is CVE-2013-4330?

The vulnerability in Apache Camel allows remote attackers to execute arbitrary expressions via the '$simple{}' syntax included in the CamelFileName message header. This affects various configurations, specifically with FILE or FTP producers, enabling the potential for unauthorized operations and manipulation of system resources. It’s critical for administrators to update their installations to prevent exploitation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://secunia.com/advisories/54888
third-party-advisoryx_refsource_SECUNIA
http://seclists.org/fulldisclosure/2013/Sep/178
mailing-listx_refsource_FULLDISC
http://rhn.redhat.com/errata/RHSA-2013-1862.html
vendor-advisoryx_refsource_REDHAT

EPSS Score

22% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.