Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 8:54 p.m.5 views

CVE-2021-37578

Apache jUDDI uses several classes related to Java's Remote Method Invocation RMI which as an extension to UDDI provides an alternate transport for accessing UDDI services. RMI uses the default Java serialization mechanism to pass parameters in RMI invocations. A remote attacker can send a malicio...

9.8CVSS7.3AI score0.04115EPSS
Exploits0References1
NVD
NVD
added 2021/07/29 7:15 a.m.86 views

CVE-2021-37578

Apache jUDDI uses several classes related to Java's Remote Method Invocation RMI which as an extension to UDDI provides an alternate transport for accessing UDDI services. RMI uses the default Java serialization mechanism to pass parameters in RMI invocations. A remote attacker can send a malicio...

9.8CVSS0.04115EPSS
Exploits0References2
CVE
CVE
added 2021/07/29 7:5 a.m.98 views

CVE-2021-37578

Apache jUDDI prior to 3.3.10 exposed a deserialization-based remote code execution vector via RMI. The issue arises from Java serialization in RMI entries, potentially allowing remote code execution if exploited. RMI is disabled by default for jUDDI web services/clients, and starting with 3.3.10 ...

9.8CVSS9.7AI score0.04115EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/07/29 7:5 a.m.74 views

CVE-2021-37578 Remote code execution via RMI

Apache jUDDI uses several classes related to Java's Remote Method Invocation RMI which as an extension to UDDI provides an alternate transport for accessing UDDI services. RMI uses the default Java serialization mechanism to pass parameters in RMI invocations. A remote attacker can send a malicio...

9.9AI score0.04115EPSS
Exploits0References2
Rows per page
Query Builder