How severe is CVE-2016-5062?

CVE-2016-5062 has a CVSS v3 score of 9.8 (CRITICAL).

CVE-2016-5062

Name: aternity
Author: aternity

9.8CRITICAL

The web server in Aternity before 9.0.1 does not require authentication for getMBeansFromURL loading of Java MBeans, which allows remote attackers to execute arbitrary Java code by registering MBeans.

发布于: 9/29/2016更新于: 4/12/2025

描述

The web server in Aternity before 9.0.1 does not require authentication for getMBeansFromURL loading of Java MBeans, which allows remote attackers to execute arbitrary Java code by registering MBeans.

AI分析AI驱动

受影响产品

aternityaternity

参考资料

http://www.kb.cert.org/vuls/id/706359
Third Party AdvisoryUS Government Resource
http://www.securityfocus.com/bid/93208
http://www.kb.cert.org/vuls/id/706359
Third Party AdvisoryUS Government Resource
http://www.securityfocus.com/bid/93208