CVE-2019-17571 in Communications Unified Assurancethông tin

Tóm tắt

Bởi MITRE

Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization gadget when listening to untrusted network traffic for log data. This affects Log4j versions up to 1.2 up to 1.2.17.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Đặt trước

14/10/2019

Kiểm duyệt

được chấp nhận

mục

3

Liên hệ

hiển thị

EPSS

0.69060

KEV

không

Các hoạt động

rất thấp

Nguồn

Might our Artificial Intelligence support you?

Check our Alexa App!