Описание
In EMQX before 5.8.6, administrators can install arbitrary novel plugins via the Dashboard web interface. NOTE: the Supplier's position is that this is the intended behavior; however, 5.8.6 adds a defense-in-depth feature in which a plugin's acceptability (for later Dashboard installation) is set by the "emqx ctl plugins allow" CLI command.
EPSS
Процентиль: 6%
0.00025
Низкий
3 Low
CVSS3
Дефекты
CWE-754
Связанные уязвимости
CVSS3: 3
github
6 месяцев назад
In EMQX before 5.8.6, administrators can install arbitrary novel plugins via the Dashboard web interface. NOTE: the Supplier's position is that this is the intended behavior; however, 5.8.6 adds a defense-in-depth feature in which a plugin's acceptability (for later Dashboard installation) is set by the "emqx ctl plugins allow" CLI command.
EPSS
Процентиль: 6%
0.00025
Низкий
3 Low
CVSS3
Дефекты
CWE-754