exploitDog

CVE-2020-9761

Опубликовано: 04 мар. 2020

Источник: nvd

CVSS3: 9.8

CVSS2: 7.5

EPSS Низкий

Описание

An issue was discovered in UNCTAD ASYCUDA World 2001 through 2020. The Java RMI Server has an Insecure Default Configuration, leading to Java Code Execution from a remote URL because an RMI Distributed Garbage Collector method is called.

Ссылки

https://pastebin.com/jP4thzzG
Third Party Advisory
https://unctad.org/en/Pages/DTL/TTL/ASYCUDA-Programme.aspx
Product
https://pastebin.com/jP4thzzG
Third Party Advisory
https://unctad.org/en/Pages/DTL/TTL/ASYCUDA-Programme.aspx
Product

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:unctad:asycuda_world:*:*:*:*:*:*:*:*

Версия от 2001 (включая) до 2020 (включая)

EPSS

Процентиль: 70%

0.00646

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-w368-jpvv-7g4x

github

больше 3 лет назад

An issue was discovered in UNCTAD ASYCUDA World 2001 through 2020. The Java RMI Server has an Insecure Default Configuration, leading to Java Code Execution from a remote URL because an RMI Distributed Garbage Collector method is called.

EPSS

Процентиль: 70%

0.00646

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

NVD-CWE-noinfo