| 제목 | SEAT Queue Ticket Kiosk Java Application no version found Java RMI Registry Expose |
|---|
| 설명 | Title: SEAT Queue Ticket Kiosk Java RMI Registry Exposes Remote Object
Software affected: SEAT Queue Ticket Kiosk Java Application (no version found)
Vendor: SEAT – Fabricante de Totens e Gestão de Filas - https://www.seat.ind.br/
Description:
The RMI Registry exposes at least one remote object. The object can be enumerated and inspected remotely, revealing its interface type and endpoint information.
Technical Details:
Enumeration of the registry can be performed using tools like Remote Method Guesser, revealing the bound object names and their interface types.
Impact:
An attacker can gather information about internal remote objects and understand the application architecture. This information could be useful for further attacks if additional artifacts, such as client .jar files, are obtained.
|
|---|
| 사용자 | Anonymous User |
|---|
| 제출 | 2025. 08. 27. PM 05:34 (8 개월 ago) |
|---|
| 모더레이션 | 2025. 09. 11. AM 07:25 (15 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 323612 [SEAT Queue Ticket Kiosk 까지 20250827 Java RMI Registry 권한 상승] |
|---|
| 포인트들 | 17 |
|---|