| عنوان | SEAT Queue Ticket Kiosk Java Application no version found Java RMI Registry Expose |
|---|
| الوصف | Title: SEAT Queue Ticket Kiosk Java RMI Registry Exposes Remote Object
Software affected: SEAT Queue Ticket Kiosk Java Application (no version found)
Vendor: SEAT – Fabricante de Totens e Gestão de Filas - https://www.seat.ind.br/
Description:
The RMI Registry exposes at least one remote object. The object can be enumerated and inspected remotely, revealing its interface type and endpoint information.
Technical Details:
Enumeration of the registry can be performed using tools like Remote Method Guesser, revealing the bound object names and their interface types.
Impact:
An attacker can gather information about internal remote objects and understand the application architecture. This information could be useful for further attacks if additional artifacts, such as client .jar files, are obtained.
|
|---|
| المستخدم | Anonymous User |
|---|
| ارسال | 27/08/2025 05:34 PM (8 أشهر منذ) |
|---|
| الاعتدال | 11/09/2025 07:25 AM (15 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 323612 [SEAT Queue Ticket Kiosk حتى 20250827 Java RMI Registry تجاوز الصلاحيات] |
|---|
| النقاط | 17 |
|---|