Code injection

2015-05-3117:59:00

PRIOn knowledge base

www.prio-n.com

8.4 High

AI Score

Confidence

Low

0.3 Low

EPSS

Percentile

97.0%

JSON

The installer in NetApp OnCommand Workflow Automation before 2.2.1P1 and 3.x before 3.0P1 sets up the Java Debugging Wire Protocol (JDWP) service, which allows remote attackers to execute arbitrary code via unspecified vectors.

CPENameOperatorVersion
oncommand_workflow_automationeq3.0
oncommand_workflow_automationle2.2.1

CPE	Name	Operator	Version
	oncommand_workflow_automation	eq	3.0
	oncommand_workflow_automation	le	2.2.1

References

www.securityfocus.com/bid/74891

kb.netapp.com/support/index?page=content&id=9010037