exploitDog

CVE-2018-7047

Опубликовано: 01 мар. 2018

Источник: nvd

CVSS3: 9.8

CVSS2: 7.5

EPSS Низкий

Описание

An issue was discovered in the MBeans Server in Wowza Streaming Engine before 4.7.1. The file system may be read and written to via JMX using the default JMX credentials (remote code execution may be possible as well).

Ссылки

https://raw.githubusercontent.com/WowzaMediaSystems/public_cve/main/wowza-streaming-engine/CVE-2018-7047.txt
https://www.wowza.com/docs/wowza-streaming-engine-4-7-1-release-notes
Release Notes
Vendor Advisory
https://raw.githubusercontent.com/WowzaMediaSystems/public_cve/main/wowza-streaming-engine/CVE-2018-7047.txt
https://www.wowza.com/docs/wowza-streaming-engine-4-7-1-release-notes
Release Notes
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:wowza:streaming_engine:*:*:*:*:*:*:*:*

Версия до 4.7.1 (исключая)

EPSS

Процентиль: 86%

0.02839

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-798

Связанные уязвимости

GHSA-rcrp-hqvr-vx5g

CVSS3: 9.8

github

больше 3 лет назад

An issue was discovered in the MBeans Server in Wowza Streaming Engine before 4.7.1. The file system may be read and written to via JMX using the default JMX credentials (remote code execution may be possible as well).

EPSS

Процентиль: 86%

0.02839

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-798