CVE-2016-8648 in JBoss Fuse정보

요약

\~에 의해 MITRE

It was found that the Karaf container used by Red Hat JBoss Fuse 6.x, and Red Hat JBoss A-MQ 6.x, deserializes objects passed to MBeans via JMX operations. An attacker could use this flaw to execute remote code on the server as the user running the Java Virtual Machine if the target MBean contain deserialization gadgets in its classpath.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

책임이 있는

Red Hat, Inc.

예약하다

2016. 10. 12.

공개

2018. 08. 01.

모더레이션

수락

항목

VDB-122465

CPE

준비됨

CWE

CWE-502 (확인됨)

CVSS

7.2 (NVD)

EPSS

0.00509

KEV

아니요

활동

매우 낮음

부문

Lawfirm, Industry, ...

출처

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-8648
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-8648
CVE Details	https://www.cvedetails.com/cve/CVE-2016-8648/

◂ 이전 개요 다음 ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!