How severe is CVE-2016-5062?

CVE-2016-5062 has a CVSS v3 score of 9.8 (CRITICAL).

CVE-2016-5062

Name: aternity
Author: aternity

9.8CRITICAL

The web server in Aternity before 9.0.1 does not require authentication for getMBeansFromURL loading of Java MBeans, which allows remote attackers to execute arbitrary Java code by registering MBeans.

Publicado: 9/29/2016Atualizado: 4/12/2025

Descrição

The web server in Aternity before 9.0.1 does not require authentication for getMBeansFromURL loading of Java MBeans, which allows remote attackers to execute arbitrary Java code by registering MBeans.

Análise IADesenvolvido por IA

Produtos Afetados

aternityaternity

Referências

http://www.kb.cert.org/vuls/id/706359
Third Party AdvisoryUS Government Resource
http://www.securityfocus.com/bid/93208
http://www.kb.cert.org/vuls/id/706359
Third Party AdvisoryUS Government Resource
http://www.securityfocus.com/bid/93208