Описание
eDeploy makes it easier for remote attackers to execute arbitrary code by leveraging use of HTTP to download files.
Отчет
Red Hat does not currently ship eNovance edeploy in a product form and as such this issue has been filed upstream.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat JBoss Enterprise Web Server 1 | eDeploy | Will not fix |
Показывать по
10
Дополнительная информация
Статус:
Low
Дефект:
CWE-319
https://bugzilla.redhat.com/show_bug.cgi?id=1202972enovance: use of HTTP to download sensitive files
EPSS
Процентиль: 86%
0.028
Низкий
4.3 Medium
CVSS2
Связанные уязвимости
CVSS3: 9.8
nvd
больше 8 лет назад
eDeploy makes it easier for remote attackers to execute arbitrary code by leveraging use of HTTP to download files.
CVSS3: 9.8
debian
больше 8 лет назад
eDeploy makes it easier for remote attackers to execute arbitrary code ...
CVSS3: 9.8
github
больше 3 лет назад
eDeploy makes it easier for remote attackers to execute arbitrary code by leveraging use of HTTP to download files.
EPSS
Процентиль: 86%
0.028
Низкий
4.3 Medium
CVSS2