Описание
There is a vulnerability caused by unsafe Java deserialization that allows for arbitrary command execution in a containerized environment within Airwave Glass before 1.3.3. Successful exploitation can lead to complete compromise of the underlying host operating system.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.3.3 (исключая)
cpe:2.3:a:arubanetworks:airwave_glass:*:*:*:*:*:*:*:*
EPSS
Процентиль: 72%
0.00735
Низкий
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-502
Связанные уязвимости
github
больше 3 лет назад
There is a vulnerability caused by unsafe Java deserialization that allows for arbitrary command execution in a containerized environment within Airwave Glass before 1.3.3. Successful exploitation can lead to complete compromise of the underlying host operating system.
EPSS
Процентиль: 72%
0.00735
Низкий
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-502