Описание
The DiagnosticsHandler in JGroup 3.0.x, 3.1.x, 3.2.x before 3.2.9, and 3.3.x before 3.3.3 allows remote attackers to obtain sensitive information (diagnostic information) and execute arbitrary code by reusing valid credentials.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 2.12.2.Final-4 |
| esm-apps/xenial | not-affected | 2.12.2.Final-4 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected [2.12.2.Final-4]] |
| lucid | ignored | end of life |
| precise | ignored | end of life |
| precise/esm | DNE | precise was needed |
| quantal | ignored | end of life |
| raring | ignored | end of life |
| saucy | not-affected | 2.12.2.Final-4 |
| trusty | not-affected | 2.12.2.Final-4 |
Показывать по
Ссылки на источники
EPSS
5.4 Medium
CVSS2
Связанные уязвимости
The DiagnosticsHandler in JGroup 3.0.x, 3.1.x, 3.2.x before 3.2.9, and 3.3.x before 3.3.3 allows remote attackers to obtain sensitive information (diagnostic information) and execute arbitrary code by reusing valid credentials.
The DiagnosticsHandler in JGroup 3.0.x, 3.1.x, 3.2.x before 3.2.9, and 3.3.x before 3.3.3 allows remote attackers to obtain sensitive information (diagnostic information) and execute arbitrary code by reusing valid credentials.
The DiagnosticsHandler in JGroup 3.0.x, 3.1.x, 3.2.x before 3.2.9, and ...
Exposure of Sensitive Information to an Unauthorized Actor in JGroup
EPSS
5.4 Medium
CVSS2