Java Vulnerability CVE-2013-5838 patched in 2013 re-emerges

By March 15, 2016 August 1st, 2018 Blog

Java Vulnerability CVE-2013-5838 patched in 2013 re-emerges

Waratek RASP Solution Offers Protection

Industry media and security firm Security Explorations report that a Java vulnerability identified and fixed in 2013 can still be exploited, even on the latest available versions of Java: Java SE 7 Update 97, Java SE 8 Update 74 and Java SE 9 Early Access Build 108.

Rated by Oracle in 2013 as 9.3 out of 10 on the Common Vulnerability Scoring System (CVSS), CVE-2013-5838 [Common Vulnerabilities and Exposures (CVE) database] can be exploited remotely, without authentication, to completely compromise a system’s confidentiality, integrity and availability. Click for details of the vulnerability.

Certified Oracle Java CompatibleWaratek’s innovative Runtime Application Security Protection (RASP) solutions protect data and applications from vulnerabilities in current and legacy Java versions without patching. We protect the full application stack using a pioneering virtual container technology that operates in the runtime.

Using Waratek’s RASP containers with a default security policy, CVE-2013-5838 is automatically mitigated and no specific security rule for this CVE is required. Default security policies work in one of two ways: either reducing the severity of a given vulnerability, or eliminating the vulnerability altogether. In the case of CVE-2013-5838, a default security policy immediately reduces the severity of this vulnerability to partial and eliminates the complete compromise of the host computer system and its data. This benefit is achieved with no foreknowledge of this CVE or the nature of its exploit.

Learn how Waratek can improve your application security with an easy to install, cost efficient, highly effective solution that does not degrade application or network performance and produces zero false positives*.

*Yes, we know that sounds too good to be true, but we can prove it!  Just ask for a technical demonstration and we’ll show you how easily and quickly you can improve your application security with Waratek.


Author Waratek

Some of the world’s leading companies use Waratek to patch, secure and upgrade their mission critical web applications using our next generation technology. Waratek makes it easy for security teams to instantly patch known Java and .NET flaws with no downtime, protect their applications from known and Zero Day attacks, and virtually upgrade out-of-support Java applications – all without time consuming and expensive source code changes or unacceptable performance overhead.

More posts by Waratek