EPSS
Percentile
55.0%
In Karaf prior to version 4.2.0, arbitrary file read and write, in additional to arbitrary command execution, is possible via the Karaf ssh console, if enabled.
bugzilla.redhat.com/show_bug.cgi?id=1631102
www.cve.org/CVERecord?id=CVE-2018-11786 https://nvd.nist.gov/vuln/detail/CVE-2018-11786 karaf.apache.org/security/cve-2018-11786.txt