| Title | Published | Reporter |
|---|---|---|
| Security Bulletin: Common vulnerabilities addressed in Cloudera Data Platform 7.1.9 HF2 | 26 Mar 2025 03:55 | ibm |
| CVE-2023-37895 | 25 Jul 2023 18:27 | circl |
| Apache Jackrabbit code issue vulnerability | 25 Jul 2023 00:00 | cnnvd |
| Apache Jackrabbit Code Execution Vulnerability | 30 Jul 2023 00:00 | cnvd |
| CVE-2023-37895 | 25 Jul 2023 14:02 | cve |
| CVE-2023-37895 Apache Jackrabbit RMI access can lead to RCE | 25 Jul 2023 14:02 | cvelist |
| CVE-2023-37895 | 25 Jul 2023 14:02 | debiancve |
| EUVD-2023-2127 | 3 Oct 2025 20:07 | euvd |
| Remote code execution in Apache Jackrabbit | 25 Jul 2023 15:30 | github |
| Vulnerability fixed in Apache Jackrabbit | 27 Jul 2023 00:00 | ncsc |
| Source | Link |
|---|---|
| security-tracker | www.security-tracker.debian.org/tracker/CVE-2023-37895 |
| ubuntu | www.ubuntu.com/security/CVE-2023-37895 |
| cve | www.cve.mitre.org/cgi-bin/cvename.cgi |
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(227103);
script_version("1.5");
script_set_attribute(attribute:"plugin_modification_date", value:"2026/04/29");
script_cve_id("CVE-2023-37895");
script_name(english:"Linux Distros Unpatched Vulnerability : CVE-2023-37895");
script_set_attribute(attribute:"synopsis", value:
"The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be
patched.");
script_set_attribute(attribute:"description", value:
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied
patch available.

- Java object deserialization issue in Jackrabbit webapp/standalone on all platforms allows attacker to
remotely execute code via RMI.

Versions up to (including) 2.20.10 (stable branch) and 2.21.17 (unstable branch) use the component
commons-beanutils, which contains a class that can be used for remote code execution over RMI. Users are
advised to immediately update to versions 2.20.11 or 2.21.18. Note that earlier stable branches
(1.0.x .. 2.18.x) have been EOLd already and do not receive updates anymore.

In general, RMI support can expose vulnerabilities by the mere presence of an exploitable class on the
classpath. Even if Jackrabbit itself does not contain any code known to be exploitable anymore, adding
other components to your server can expose the same type of problem. We therefore recommend to disable RMI
access altogether (see further below), and will discuss deprecating RMI support in future Jackrabbit
releases.

How to check whether RMI support is enabled: RMI support can be over an RMI-specific TCP port, and
over an HTTP binding. Both are by default enabled in Jackrabbit webapp/standalone. The native RMI protocol
by default uses port 1099. To check whether it is enabled, tools like netstat can be used. RMI-over-HTTP
in Jackrabbit by default uses the path /rmi. So when running standalone on port 8080, check whether an
HTTP GET request on localhost:8080/rmi returns 404 (not enabled) or 200 (enabled). Note that the HTTP
path may be different when the webapp is deployed in a container as non-root context, in which case the
prefix is under the user's control.

Turning off RMI: Find web.xml (either in JAR/WAR file or in unpacked web application folder), and remove
the declaration and the mapping definition for the RemoteBindingServlet:
<servlet> <servlet-name>RMI</servlet-name>
<servlet-class>org.apache.jackrabbit.servlet.remote.RemoteBindingServlet</servlet-class> </servlet>
<servlet-mapping> <servlet-name>RMI</servlet-name> <url-pattern>/rmi</url-pattern> </servlet-mapping>
Find the bootstrap.properties file (in $REPOSITORY_HOME), and set rmi.enabled=false and also remove
rmi.host, rmi.port and rmi.url-pattern. If there is no file named bootstrap.properties in
$REPOSITORY_HOME, it is located somewhere in the classpath. In this case, place a copy in $REPOSITORY_HOME
and modify it as explained. (CVE-2023-37895)
Note that Nessus relies on the presence of the package as reported by the vendor.");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-37895");
script_set_attribute(attribute:"see_also", value:"https://ubuntu.com/security/CVE-2023-37895");
script_set_attribute(attribute:"solution", value:
"There is no known solution at this time.");
script_set_attribute(attribute:"agent", value:"unix");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:U/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:U/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-37895");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vendor_unpatched", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2023/07/25");
script_set_attribute(attribute:"plugin_publication_date", value:"2025/03/05");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:14.04:-:lts");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:16.04:-:lts");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:18.04:-:lts");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:20.04:-:lts");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:22.04:-:lts");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:24.04:-:lts");
script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:11.0");
script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:12.0");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:jackrabbit");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:jackrabbit");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Misc.");
script_copyright(english:"This script is Copyright (C) 2025-2026 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("set_linux_os_id.nasl", "ssh_get_info2.nasl");
script_require_keys("Host/OS/identifier", "Host/cpu", "Host/local_checks_enabled", "global_settings/vendor_unpatched");
script_require_ports("Host/OS/Debian Linux-11", "Host/OS/Debian Linux-12", "Host/OS/Ubuntu Linux-14.04", "Host/OS/Ubuntu Linux-16.04", "Host/OS/Ubuntu Linux-18.04", "Host/OS/Ubuntu Linux-20.04", "Host/OS/Ubuntu Linux-22.04", "Host/OS/Ubuntu Linux-24.04");
exit(0);
}
# Only run when the scanner is configured to report vendor-unpatched issues and local checks are possible.
if (!get_kb_item("global_settings/vendor_unpatched")) exit(0, "Unpatched Vulnerabilities Detection not active.");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
# The dpkg package list collected over SSH is the only evidence this plugin inspects.
if (empty_or_null(get_one_kb_item("Host/Debian/dpkg-l"))) audit(AUDIT_PACKAGE_LIST_MISSING);
include('linux_unpatched.inc');
# Per-distro/release list of affected package names with no vendor fix; entries carry no version, so the
# check is presence-only (an installed package of that name is reported as affected).
var distro_constraints_array = {
"Debian Linux-11": {
"package_manager": "dpkg-l",
"constraints": [
{
"release": "11",
"pkgs": [
{"reference": "libjackrabbit-java"}
]
}
]
},
"Debian Linux-12": {
"package_manager": "dpkg-l",
"constraints": [
{
"release": "12",
"pkgs": [
{"reference": "libjackrabbit-java"}
]
}
]
},
"Ubuntu Linux-14.04": {
"package_manager": "dpkg-l",
"constraints": [
{
"release": "14.04",
"pkgs": [
{"reference": "jackrabbit"}
]
}
]
},
"Ubuntu Linux-16.04": {
"package_manager": "dpkg-l",
"constraints": [
{
"release": "16.04",
"pkgs": [
{"reference": "jackrabbit"}
]
}
]
},
"Ubuntu Linux-18.04": {
"package_manager": "dpkg-l",
"constraints": [
{
"release": "18.04",
"pkgs": [
{"reference": "jackrabbit"}
]
}
]
},
"Ubuntu Linux-20.04": {
"package_manager": "dpkg-l",
"constraints": [
{
"release": "20.04",
"pkgs": [
{"reference": "jackrabbit"}
]
}
]
},
"Ubuntu Linux-22.04": {
"package_manager": "dpkg-l",
"constraints": [
{
"release": "22.04",
"pkgs": [
{"reference": "jackrabbit"}
]
}
]
},
"Ubuntu Linux-24.04": {
"package_manager": "dpkg-l",
"constraints": [
{
"release": "24.04",
"pkgs": [
{"reference": "jackrabbit"}
]
}
]
}
};
# Select the constraints for the detected distro/release, then report any listed package that is installed.
var distro_constraints_values = linux_unpatched::get_distro_constraints(distro_constraints_arr:distro_constraints_array);
if (empty_or_null(distro_constraints_values)) audit(AUDIT_HOST_NOT, 'affected');
var report = linux_unpatched::check_unpatched_constraints(distro_constraints_values:distro_constraints_values);
if (!empty_or_null(report))
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : report
);
exit(0);
}
else
{
audit(AUDIT_HOST_NOT, 'affected');
}
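The RMI checks that the advisory describes (the RemoteBindingServlet entries in web.xml and rmi.enabled plus the rmi.* keys in bootstrap.properties), as an added Python example that is not code from the Nessus plugin or from Jackrabbit; the sample web.xml and bootstrap.properties are constructed, and `com.example.Other` is a placeholder servlet.

```python
# Added example (not from the Nessus plugin or Jackrabbit): audit web.xml/bootstrap.properties for RMI exposure.
import xml.etree.ElementTree as ET

RMI_CLASS = "org.apache.jackrabbit.servlet.remote.RemoteBindingServlet"
RMI_KEYS = ("rmi.host", "rmi.port", "rmi.url-pattern")  # keys the advisory says to remove
SAMPLE_WEB_XML = """<web-app xmlns="http://java.sun.com/xml/ns/javaee">
 <servlet><servlet-name>RMI</servlet-name><servlet-class>%s</servlet-class></servlet>
 <servlet><servlet-name>Other</servlet-name><servlet-class>com.example.Other</servlet-class></servlet>
 <servlet-mapping><servlet-name>RMI</servlet-name><url-pattern>/rmi</url-pattern></servlet-mapping>
 <servlet-mapping><servlet-name>Other</servlet-name><url-pattern>/other</url-pattern></servlet-mapping>
</web-app>""" % RMI_CLASS  # constructed sample; the RMI entries mirror the advisory, "Other" is a placeholder
SAMPLE_BOOTSTRAP = "repository.home=jackrabbit\nrmi.enabled=true\nrmi.port=1099\nrmi.host=localhost\n"  # constructed

def _local(tag):  # strip "{uri}" so matching works whether or not web.xml declares xmlns
    return tag.rsplit("}", 1)[-1]
def _text(el, name):  # text of the first child whose local name is `name`, else None
    return next(((c.text or "").strip() for c in el if _local(c.tag) == name), None)
def _rmi_servlet_names(root):
    return {_text(s, "servlet-name") for s in root
            if _local(s.tag) == "servlet" and _text(s, "servlet-class") == RMI_CLASS}

def rmi_url_patterns(xml_text):
    """url-patterns mapped to RemoteBindingServlet; an empty list means RMI-over-HTTP is not mapped."""
    root = ET.fromstring(xml_text)
    names = _rmi_servlet_names(root)
    return [_text(m, "url-pattern") for m in root
            if _local(m.tag) == "servlet-mapping" and _text(m, "servlet-name") in names]

def remove_rmi_servlet(xml_text):
    """Hardened web.xml as a string: the RMI servlet declaration and its mapping(s) are dropped."""
    root = ET.fromstring(xml_text)
    if root.tag.startswith("{"):  # keep the document's default namespace in the output
        ET.register_namespace("", root.tag[1:].split("}")[0])
    names = _rmi_servlet_names(root)
    for el in list(root):
        if (_local(el.tag) == "servlet" and _text(el, "servlet-class") == RMI_CLASS) or \
           (_local(el.tag) == "servlet-mapping" and _text(el, "servlet-name") in names):
            root.remove(el)
    return ET.tostring(root, encoding="unicode")

def bootstrap_rmi_findings(props_text):
    """Parse 'key=value' lines; return (native RMI still enabled?, rmi.* keys still present)."""
    props = {}
    for line in props_text.splitlines():
        if line.strip() and line.lstrip()[0] not in "#!" and "=" in line:
            key, _, value = line.partition("=")
            props[key.strip()] = value.strip()
    enabled = props.get("rmi.enabled", "true").lower() != "false"  # absent = on (advisory: enabled by default)
    return enabled, [k for k in RMI_KEYS if k in props]
```

Run it against the real web.xml and $REPOSITORY_HOME/bootstrap.properties of a deployment; a non-empty pattern list or `enabled == True` means the corresponding RMI binding is still reachable and the file needs the edits the advisory lists.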