| Title | SEAT Queue Ticket Kiosk Java Application no version found Java RMI Registry Expose |
|---|
| Description | Title: SEAT Queue Ticket Kiosk Java RMI Registry Exposes Remote Object
Software affected: SEAT Queue Ticket Kiosk Java Application (no version found)
Vendor: SEAT – Fabricante de Totens e Gestão de Filas - https://www.seat.ind.br/
Description:
The RMI Registry exposes at least one remote object. The object can be enumerated and inspected remotely, revealing its interface type and endpoint information.
Technical Details:
Enumeration of the registry can be performed using tools like Remote Method Guesser, revealing the bound object names and their interface types.
Impact:
An attacker can gather information about internal remote objects and understand the application architecture. This information could be useful for further attacks if additional artifacts, such as client .jar files, are obtained.
|
|---|
| User | Anonymous User |
|---|
| Submission | 08/27/2025 17:34 (8 months ago) |
|---|
| Moderation | 09/11/2025 07:25 (15 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 323612 [SEAT Queue Ticket Kiosk up to 20250827 Java RMI Registry deserialization] |
|---|
| Points | 17 |
|---|