{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2013-09-30T00:00:00", "descriptions": [{"lang": "en", "value": "The org.jboss.remoting.transport.socket.ServerThread class in Red Hat JBoss Remoting for Red Hat JBoss SOA Platform 5.3.1 GA, Web Platform 5.2.0, Enterprise Application Platform 5.2.0, and other products allows remote attackers to cause a denial of service (file descriptor consumption) via unspecified vectors."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2013-10-30T09:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "RHSA-2013:1373", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2013-1373.html"}, {"name": "RHSA-2013:1369", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2013-1369.html"}, {"name": "RHSA-2013:1372", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2013-1372.html"}, {"name": "RHSA-2013:1370", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2013-1370.html"}, {"name": "RHSA-2013:1371", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2013-1371.html"}, {"name": "RHSA-2013:1448", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2013-1448.html"}, {"name": "RHSA-2013:1374", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2013-1374.html"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T16:38:01.696Z"}, "title": "CVE Program Container", "references": [{"name": "RHSA-2013:1373", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2013-1373.html"}, {"name": "RHSA-2013:1369", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2013-1369.html"}, {"name": "RHSA-2013:1372", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2013-1372.html"}, {"name": "RHSA-2013:1370", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2013-1370.html"}, {"name": "RHSA-2013:1371", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2013-1371.html"}, {"name": "RHSA-2013:1448", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2013-1448.html"}, {"name": "RHSA-2013:1374", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2013-1374.html"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2013-4210", "datePublished": "2013-10-01T17:00:00", "dateReserved": "2013-06-12T00:00:00", "dateUpdated": "2024-08-06T16:38:01.696Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:5.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "F5D7F1AD-4BD3-4C37-B6B5-B287464B2EEB", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_brms_platform:5.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "4DECC247-477B-4AB3-9FD4-B7B6726A728D", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_brms_platform:5.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "C70B67DF-8122-40D6-9301-B1DD31D71F55", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_soa_platform:5.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2CD4700B-4C95-426E-ADF6-D165BB3E6F85", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_soa_platform:5.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "93B87581-F441-4A93-B797-337B7572CC08", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_web_platform:5.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "38F66D5B-F906-437E-977E-F9F930648886", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The org.jboss.remoting.transport.socket.ServerThread class in Red Hat JBoss Remoting for Red Hat JBoss SOA Platform 5.3.1 GA, Web Platform 5.2.0, Enterprise Application Platform 5.2.0, and other products allows remote attackers to cause a denial of service (file descriptor consumption) via unspecified vectors."}, {"lang": "es", "value": "La clase org.jboss.remoting.transport.socket.ServerThread en Red Hat JBoss Remoting para Red Hat JBoss SOA Platform 5.3.1 GA, Web Platform 5.2.0, Enterprise Application Platform 5.2.0, y otros productos, permite a atacantes remotos causar denegaci\u00f3n de servicio (consumo de descriptores de fichero) a trav\u00e9s de vectores no especificados."}], "id": "CVE-2013-4210", "lastModified": "2013-10-31T03:34:50.563", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2013-10-01T17:55:03.490", "references": [{"source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2013-1369.html"}, {"source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2013-1370.html"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2013-1371.html"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2013-1372.html"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2013-1373.html"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2013-1374.html"}, {"source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2013-1448.html"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "This issue was discovered by James Livingston (Red Hat Support Engineering Group).", "affected_release": [{"advisory": "RHSA-2013:1370", "cpe": "cpe:/a:redhat:jboss_enterprise_web_platform:5::el5", "package": "jboss-remoting-0:2.5.4-11.SP4_patch01.ep5.el5", "product_name": "JBEWP 5 for RHEL 5", "release_date": "2013-09-30T00:00:00Z"}, {"advisory": "RHSA-2013:1370", "cpe": "cpe:/a:redhat:jboss_enterprise_web_platform:5::el6", "package": "jboss-remoting-0:2.5.4-11.SP4_patch01.ep5.el6", "product_name": "JBEWP 5 for RHEL 6", "release_date": "2013-09-30T00:00:00Z"}, {"advisory": "RHSA-2013:1373", "cpe": "cpe:/a:redhat:jboss_enterprise_brms_platform:5.3.1", "product_name": "JBoss Enterprise BRMS Platform 5.3", "release_date": "2013-09-30T00:00:00Z"}, {"advisory": "RHSA-2013:1371", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:5.2.0", "product_name": "Red Hat JBoss Enterprise Application Platform 5.2", "release_date": "2013-09-30T00:00:00Z"}, {"advisory": "RHSA-2013:1369", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:5::el4", "package": "jboss-remoting-0:2.5.4-11.SP4_patch01.ep5.el4", "product_name": "Red Hat JBoss Enterprise Application Platform 5 for RHEL 4", "release_date": "2013-09-30T00:00:00Z"}, {"advisory": "RHSA-2013:1369", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:5::el5", "package": "jboss-remoting-0:2.5.4-11.SP4_patch01.ep5.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 5 for RHEL 5", "release_date": "2013-09-30T00:00:00Z"}, {"advisory": "RHSA-2013:1369", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:5::el6", "package": "jboss-remoting-0:2.5.4-11.SP4_patch01.ep5.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 5 for RHEL 6", "release_date": "2013-09-30T00:00:00Z"}, {"advisory": "RHSA-2013:1448", "cpe": "cpe:/a:redhat:jboss_operations_network:3.1.2", "product_name": "Red Hat JBoss Operations Network 3.1", "release_date": "2013-10-21T00:00:00Z"}, {"advisory": "RHSA-2013:1374", "cpe": "cpe:/a:redhat:jboss_enterprise_soa_platform:5.3.1", "product_name": "Red Hat JBoss SOA Platform 5.3", "release_date": "2013-09-30T00:00:00Z"}, {"advisory": "RHSA-2013:1372", "cpe": "cpe:/a:redhat:jboss_enterprise_web_platform:5.2.0", "product_name": "Red Hat JBoss Web Platform 5.2", "release_date": "2013-09-30T00:00:00Z"}], "bugzilla": {"description": "Remoting: DoS by file descriptor exhaustion", "id": "994321", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=994321"}, "csaw": false, "cvss": {"cvss_base_score": "5.0", "cvss_scoring_vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "status": "verified"}, "details": ["The org.jboss.remoting.transport.socket.ServerThread class in Red Hat JBoss Remoting for Red Hat JBoss SOA Platform 5.3.1 GA, Web Platform 5.2.0, Enterprise Application Platform 5.2.0, and other products allows remote attackers to cause a denial of service (file descriptor consumption) via unspecified vectors."], "name": "CVE-2013-4210", "package_state": [{"cpe": "cpe:/a:redhat:jboss_enterprise_brms_platform:5", "fix_state": "Affected", "package_name": "remoting", "product_name": "Red Hat JBoss BRMS 5"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:4", "fix_state": "Will not fix", "package_name": "remoting", "product_name": "Red Hat JBoss Enterprise Application Platform 4"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6", "fix_state": "Not affected", "package_name": "remoting", "product_name": "Red Hat JBoss Enterprise Application Platform 6"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1", "fix_state": "Will not fix", "package_name": "dsp-5.2.0", "product_name": "Red Hat JBoss Enterprise Web Server 1"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1", "fix_state": "Affected", "package_name": "ewp-5", "product_name": "Red Hat JBoss Enterprise Web Server 1"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1", "fix_state": "Will not fix", "package_name": "others", "product_name": "Red Hat JBoss Enterprise Web Server 1"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1", "fix_state": "Not affected", "package_name": "remoting3", "product_name": "Red Hat JBoss Enterprise Web Server 1"}, {"cpe": "cpe:/a:redhat:jboss_operations_network:3.1", "fix_state": "Affected", "package_name": "remoting", "product_name": "Red Hat JBoss Operations Network 3.1"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_portal_platform:5", "fix_state": "Will not fix", "package_name": "remoting", "product_name": "Red Hat JBoss Portal 5"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_soa_platform:5", "fix_state": "Affected", "package_name": "remoting", "product_name": "Red Hat JBoss SOA Platform 5"}], "public_date": "2013-09-30T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2013-4210\nhttps://nvd.nist.gov/vuln/detail/CVE-2013-4210"], "threat_severity": "Moderate"}