CVE-2016-9498 in Applications Managerinfo

Zusammenfassung

von MITRE

ManageEngine Applications Manager 12 and 13, allows unserialization of unsafe Java objects. The vulnerability can be exploited by remote user without authentication and it allows to execute remote code compromising the application as well as the operating system. As Application Manager's RMI registry is running with privileges of system administrator, by exploiting this vulnerability an attacker gains highest privileges on the underlying operating system.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservieren

21.11.2016

Veröffentlichung

13.07.2018

Moderieren

akzeptiert

Eintrag

VDB-121465

CPE

bereit

CWE

CWE-502 (bestätigt)

CVSS

9.8 (NVD)

EPSS

0.60189

KEV

nein

Aktivitäten

very low

Sektor

Pharma, Government, ...

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-9498
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-9498
CVE Details	https://www.cvedetails.com/cve/CVE-2016-9498/

◂ Zurück Übersicht Weiter ▸

Do you need the next level of professionalism?

Upgrade your account now!