Unrated severityNVD Advisory· Published Apr 10, 2014· Updated May 6, 2026

CVE-2013-6468

Description

JBoss Drools, Red Hat JBoss BRMS before 6.0.1, and Red Hat JBoss BPM Suite before 6.0.1 allows remote authenticated users to execute arbitrary Java code via a (1) MVFLEX Expression Language (MVEL) or (2) Drools expression.

Affected products

Red Hat/Jboss Bpm Suite
cpe:2.3:a:redhat:jboss_bpm_suite:6.0.0:*:*:*:*:*:*:*
Red Hat/Jboss Drools
cpe:2.3:a:redhat:jboss_drools:-:*:*:*:*:*:*:*
Red Hat/Jboss Enterprise Brms Platform
cpe:2.3:a:redhat:jboss_enterprise_brms_platform:6.0.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

rhn.redhat.com/errata/RHSA-2014-0371.htmlnvdVendor Advisory
rhn.redhat.com/errata/RHSA-2014-0372.htmlnvdVendor Advisory
secunia.com/advisories/57716nvdVendor Advisory
secunia.com/advisories/57719nvdVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000