How severe is CVE-2016-5062?

CVE-2016-5062 has a CVSS v3 score of 9.8 (CRITICAL).

CVE-2016-5062

Name: aternity
Author: aternity

9.8CRITICAL

The web server in Aternity before 9.0.1 does not require authentication for getMBeansFromURL loading of Java MBeans, which allows remote attackers to execute arbitrary Java code by registering MBeans.

Опубликовано: 9/29/2016Обновлено: 4/12/2025

Описание

The web server in Aternity before 9.0.1 does not require authentication for getMBeansFromURL loading of Java MBeans, which allows remote attackers to execute arbitrary Java code by registering MBeans.

ИИ-АнализНа базе ИИ

Затронутые продукты

aternityaternity

Ссылки

http://www.kb.cert.org/vuls/id/706359
Third Party AdvisoryUS Government Resource
http://www.securityfocus.com/bid/93208
http://www.kb.cert.org/vuls/id/706359
Third Party AdvisoryUS Government Resource
http://www.securityfocus.com/bid/93208