Lucene search

K
prionPRIOn knowledge basePRION:CVE-2023-51388
HistoryFeb 22, 2024 - 4:15 p.m.

Design/Logic Flaw

2024-02-2216:15:00
PRIOn knowledge base
www.prio-n.com
2
design flaw
logic flaw
hertzbeat
real-time monitoring
calculatealarm vulnerability
aviatorevaluator
security policy
script injection
aviatorscript
version 1.4.1

AI Score

7.8

Confidence

Low

EPSS

0

Percentile

9.0%

Hertzbeat is a real-time monitoring system. In CalculateAlarm.java, AviatorEvaluator is used to directly execute the expression function, and no security policy is configured, resulting in AviatorScript (which can execute any static method by default) script injection. Version 1.4.1 fixes this vulnerability.

AI Score

7.8

Confidence

Low

EPSS

0

Percentile

9.0%

Related for PRION:CVE-2023-51388