Ant Media Server vulnerable to a local privilege escalation

Impact We have identified a local privilege escalation vulnerability in Ant Media Server which allows any unprivileged operating system user account to escalate privileges to the root user account on the system. This vulnerability arises from Ant Media Server running with Java Management Extensio...

PT-2024-24748 · Unknown · Ant Media Server

Name of the Vulnerable Software and Affected Versions: Ant Media Server versions 2.6.0 through 2.8.2 Description: A local privilege escalation issue is present in Ant Media Server, allowing any unprivileged operating system user account to escalate privileges to the root user account on the syste...

CVE-2024-28211

nGrinder before 3.5.9 allows connection to malicious JMX/RMI server by default, which could be the cause of executing arbitrary code via RMI registry by remote attacker...

PT-2024-22337 · Ngrinder · Ngrinder

Name of the Vulnerable Software and Affected Versions: nGrinder versions prior to 3.5.9 Description: The issue allows a connection to a malicious JMX/RMI server by default, potentially leading to the execution of arbitrary code via the RMI registry by a remote attacker. Recommendations: For...

GHSA-M9P2-J4HG-G373 Apache Cassandra: Privilege escalation when enabling FQL/Audit logs

Privilege escalation when enabling FQL/Audit logs allows user with JMX access to run arbitrary commands as the user running Apache Cassandra This issue affects Apache Cassandra: from 4.0.0 through 4.0.9, from 4.1.0 through 4.1.1. WORKAROUND The vulnerability requires nodetool/JMX access to be...

VulnCheck KEV: CVE-2016-8735

Apache Tomcat contains an unspecified vulnerability that allows for remote code execution if JmxRemoteLifecycleListener is used and an attacker can reach Java Management Extension JMX ports. This CVE exists because this listener wasn't updated for consistency with the Oracle patched issues...

VulnCheck KEV: CVE-2016-3427

Oracle Java SE and JRockit contains an unspecified vulnerability that allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Java Management Extensions JMX. This vulnerability can be exploited through sandboxed Java Web Start applications and...

Oracle Java SE and JRockit Unspecified Vulnerability

Oracle Java SE and JRockit contains an unspecified vulnerability that allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Java Management Extensions JMX. This vulnerability can be exploited through sandboxed Java Web Start applications and sandbox...

Apache James 安全漏洞

Apache James is the United States Apache Apache Foundation of a completely written in Java open source Smtp and Pop3 mail transfer agent and Nntp news server . An elevation of privilege vulnerability exists in Apache James 3.7.3 and earlier versions, which stems from the default provisioning of J...

SUSE CVE-2008-3103

Unspecified vulnerability in the Java Management Extensions JMX management agent in Sun Java Runtime Environment JRE in JDK and JRE 6 Update 6 and earlier and JDK and JRE 5.0 Update 15 and earlier, when local monitoring is enabled, allows remote attackers to "perform unauthorized operations" via...

SUSE CVE-2009-2090

Unspecified vulnerability in wsadmin in the System Management/Repository component in IBM WebSphere Application Server WAS 7.0 before 7.0.0.5 allows remote attackers to bypass intended Java Management Extensions JMX Management Beans aka MBeans access restrictions, and cause a denial of service...

SUSE CVE-2009-2476

The Java Management Extensions JMX implementation in Sun Java SE 6 before Update 15, and OpenJDK, does not properly enforce OpenType checks, which allows context-dependent attackers to bypass intended access restrictions by leveraging finalizer resurrection to obtain a reference to a privileged...

SUSE CVE-2012-3143

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JMX, a different vulnerability than...

SUSE CVE-2012-5071

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality and integrity, related to JMX...

SUSE CVE-2012-5070

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality, related to JMX...

SUSE CVE-2012-5075

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, related to JMX...

SUSE CVE-2013-0409

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38 allows remote attackers to affect confidentiality via vectors related to JMX...

SUSE CVE-2013-0450

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX. NOTE: the...

SUSE CVE-2013-2457

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect integrity via vectors related to JMX. NOTE: the previous information is from...

SUSE CVE-2015-0225

The default configuration in Apache Cassandra 1.2.0 through 1.2.19, 2.0.0 through 2.0.13, and 2.1.0 through 2.1.3 binds an unauthenticated JMX/RMI interface to all network interfaces, which allows remote attackers to execute arbitrary Java code via an RMI request...