VulnerableCode Vulnerability Details

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-b4mz-sxct-43ac

Essentials
Severities (39)
References (26)
Severity details (38)
Exploits (2)
EPSS
History (1)

Vulnerability ID	VCID-b4mz-sxct-43ac
Aliases	CVE-2013-0431
Summary	OpenJDK: JMX Introspector missing package access check (JMX, 8000539, SE-2012-01 Issue 52)
Status	Published
Exploitability	None
Weighted Severity	None
Risk	None
Affected and Fixed Packages	Package Details

Weaknesses (0)

There are no known CWE.

System	Score	Found at
cvssv3.1	5.3	http://arstechnica.com/security/2013/01/critical-java-vulnerabilies-confirmed-in-latest-version/
ssvc	Attend	http://arstechnica.com/security/2013/01/critical-java-vulnerabilies-confirmed-in-latest-version/
cvssv3.1	5.3	http://blogs.computerworld.com/malware-and-vulnerabilities/21693/yet-another-java-security-flaw-discovered-number-53
ssvc	Attend	http://blogs.computerworld.com/malware-and-vulnerabilities/21693/yet-another-java-security-flaw-discovered-number-53
cvssv3.1	5.3	http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00001.html
ssvc	Attend	http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00001.html
cvssv3.1	5.3	http://marc.info/?l=bugtraq&m=136439120408139&w=2
ssvc	Attend	http://marc.info/?l=bugtraq&m=136439120408139&w=2
cvssv3.1	5.3	http://marc.info/?l=bugtraq&m=136733161405818&w=2
ssvc	Attend	http://marc.info/?l=bugtraq&m=136733161405818&w=2
cvssv3.1	5.3	http://rhn.redhat.com/errata/RHSA-2013-0237.html
ssvc	Attend	http://rhn.redhat.com/errata/RHSA-2013-0237.html
cvssv3.1	5.3	http://rhn.redhat.com/errata/RHSA-2013-0247.html
ssvc	Attend	http://rhn.redhat.com/errata/RHSA-2013-0247.html
epss	0.91543	https://api.first.org/data/v1/epss?cve=CVE-2013-0431
cvssv3.1	5.3	http://seclists.org/fulldisclosure/2013/Jan/142
ssvc	Attend	http://seclists.org/fulldisclosure/2013/Jan/142
cvssv3.1	5.3	http://seclists.org/fulldisclosure/2013/Jan/195
ssvc	Attend	http://seclists.org/fulldisclosure/2013/Jan/195
cvssv3.1	5.3	http://security.gentoo.org/glsa/glsa-201406-32.xml
ssvc	Attend	http://security.gentoo.org/glsa/glsa-201406-32.xml
cvssv3.1	5.3	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16579
ssvc	Attend	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16579
cvssv3.1	5.3	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19418
ssvc	Attend	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19418
cvssv3.1	5.3	https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0056
ssvc	Attend	https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0056
cvssv3.1	5.3	http://www.informationweek.com/security/application-security/java-hacker-uncovers-two-flaws-in-latest/240146717
ssvc	Attend	http://www.informationweek.com/security/application-security/java-hacker-uncovers-two-flaws-in-latest/240146717
cvssv3.1	5.3	http://www.kb.cert.org/vuls/id/858729
ssvc	Attend	http://www.kb.cert.org/vuls/id/858729
cvssv3.1	5.3	http://www.mandriva.com/security/advisories?name=MDVSA-2013:095
ssvc	Attend	http://www.mandriva.com/security/advisories?name=MDVSA-2013:095
cvssv3.1	5.3	http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html
ssvc	Attend	http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html
cvssv3.1	5.3	http://www.securityfocus.com/archive/1/525387/30/0/threaded
ssvc	Attend	http://www.securityfocus.com/archive/1/525387/30/0/threaded
cvssv3.1	5.3	http://www.us-cert.gov/cas/techalerts/TA13-032A.html
ssvc	Attend	http://www.us-cert.gov/cas/techalerts/TA13-032A.html

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0431.json
		https://api.first.org/data/v1/epss?cve=CVE-2013-0431
142		http://seclists.org/fulldisclosure/2013/Jan/142
195		http://seclists.org/fulldisclosure/2013/Jan/195
240146717		http://www.informationweek.com/security/application-security/java-hacker-uncovers-two-flaws-in-latest/240146717
858729		http://www.kb.cert.org/vuls/id/858729
906447		https://bugzilla.redhat.com/show_bug.cgi?id=906447
advisories?name=MDVSA-2013:095		http://www.mandriva.com/security/advisories?name=MDVSA-2013:095
critical-java-vulnerabilies-confirmed-in-latest-version		http://arstechnica.com/security/2013/01/critical-java-vulnerabilies-confirmed-in-latest-version/
CVE-2013-0431;OSVDB-89613	Exploit	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/24539.rb
GLSA-201406-32		https://security.gentoo.org/glsa/201406-32
javacpufeb2013-1841061.html		http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html
?l=bugtraq&m=136439120408139&w=2		http://marc.info/?l=bugtraq&m=136439120408139&w=2
?l=bugtraq&m=136733161405818&w=2		http://marc.info/?l=bugtraq&m=136733161405818&w=2
MGASA-2013-0056		https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0056
msg00001.html		http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00001.html
oval%3Aorg.mitre.oval%3Adef%3A16579		https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16579
oval%3Aorg.mitre.oval%3Adef%3A19418		https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19418
RHSA-2013:0237		https://access.redhat.com/errata/RHSA-2013:0237
RHSA-2013-0237.html		http://rhn.redhat.com/errata/RHSA-2013-0237.html
RHSA-2013:0247		https://access.redhat.com/errata/RHSA-2013:0247
RHSA-2013-0247.html		http://rhn.redhat.com/errata/RHSA-2013-0247.html
RHSA-2013:0626		https://access.redhat.com/errata/RHSA-2013:0626
TA13-032A.html		http://www.us-cert.gov/cas/techalerts/TA13-032A.html
threaded		http://www.securityfocus.com/archive/1/525387/30/0/threaded
yet-another-java-security-flaw-discovered-number-53		http://blogs.computerworld.com/malware-and-vulnerabilities/21693/yet-another-java-security-flaw-discovered-number-53

Data source	Exploit-DB
Date added	Feb. 25, 2013
Description	Java Applet JMX - Remote Code Execution (Metasploit) (2)
Ransomware campaign use	Known
Source publication date	Feb. 25, 2013
Exploit type	remote
Platform	multiple
Source update date	Feb. 25, 2013

Data source	Metasploit
Description	This module abuses the JMX classes from a Java Applet to run arbitrary Java code outside of the sandbox as exploited in the wild in February of 2013. Additionally, this module bypasses default security settings introduced in Java 7 Update 10 to run unsigned applet without displaying any warning to the user.
Note	Reliability: - unknown-reliability Stability: - unknown-stability SideEffects: - unknown-side-effects
Ransomware campaign use	Unknown
Source publication date	Jan. 19, 2013
Platform	Java,Linux,OSX,Windows
Source URL	https://github.com/rapid7/metasploit-framework/tree/master/modules/exploits/multi/browser/java_jre17_jmxbean_2.rb

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Found at http://arstechnica.com/security/2013/01/critical-java-vulnerabilies-confirmed-in-latest-version/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-10T19:50:20Z/ Found at http://arstechnica.com/security/2013/01/critical-java-vulnerabilies-confirmed-in-latest-version/

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Found at http://blogs.computerworld.com/malware-and-vulnerabilities/21693/yet-another-java-security-flaw-discovered-number-53

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-10T19:50:20Z/ Found at http://blogs.computerworld.com/malware-and-vulnerabilities/21693/yet-another-java-security-flaw-discovered-number-53

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Found at http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00001.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-10T19:50:20Z/ Found at http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00001.html

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Found at http://marc.info/?l=bugtraq&m=136439120408139&w=2

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-10T19:50:20Z/ Found at http://marc.info/?l=bugtraq&m=136439120408139&w=2

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Found at http://marc.info/?l=bugtraq&m=136733161405818&w=2

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-10T19:50:20Z/ Found at http://marc.info/?l=bugtraq&m=136733161405818&w=2

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Found at http://rhn.redhat.com/errata/RHSA-2013-0237.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-10T19:50:20Z/ Found at http://rhn.redhat.com/errata/RHSA-2013-0237.html

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Found at http://rhn.redhat.com/errata/RHSA-2013-0247.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-10T19:50:20Z/ Found at http://rhn.redhat.com/errata/RHSA-2013-0247.html

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Found at http://seclists.org/fulldisclosure/2013/Jan/142

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-10T19:50:20Z/ Found at http://seclists.org/fulldisclosure/2013/Jan/142

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Found at http://seclists.org/fulldisclosure/2013/Jan/195

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-10T19:50:20Z/ Found at http://seclists.org/fulldisclosure/2013/Jan/195

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Found at http://security.gentoo.org/glsa/glsa-201406-32.xml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-10T19:50:20Z/ Found at http://security.gentoo.org/glsa/glsa-201406-32.xml

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Found at https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16579

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-10T19:50:20Z/ Found at https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16579

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Found at https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19418

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-10T19:50:20Z/ Found at https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19418

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Found at https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0056

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-10T19:50:20Z/ Found at https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0056

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Found at http://www.informationweek.com/security/application-security/java-hacker-uncovers-two-flaws-in-latest/240146717

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-10T19:50:20Z/ Found at http://www.informationweek.com/security/application-security/java-hacker-uncovers-two-flaws-in-latest/240146717

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Found at http://www.kb.cert.org/vuls/id/858729

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-10T19:50:20Z/ Found at http://www.kb.cert.org/vuls/id/858729

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Found at http://www.mandriva.com/security/advisories?name=MDVSA-2013:095

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-10T19:50:20Z/ Found at http://www.mandriva.com/security/advisories?name=MDVSA-2013:095

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Found at http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-10T19:50:20Z/ Found at http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Found at http://www.securityfocus.com/archive/1/525387/30/0/threaded

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-10T19:50:20Z/ Found at http://www.securityfocus.com/archive/1/525387/30/0/threaded

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Found at http://www.us-cert.gov/cas/techalerts/TA13-032A.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-10T19:50:20Z/ Found at http://www.us-cert.gov/cas/techalerts/TA13-032A.html

Exploit Prediction Scoring System (EPSS)

Percentile	0.99686
EPSS Score	0.91543
Published At	May 29, 2026, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2026-05-29T10:10:07.974194+00:00	RedHat Importer	Import	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0431.json	38.6.0