39 matches found
Apache Solr - Deserialization of Untrusted Data
In Apache Solr versions 5.0.0 to 5.5.5 and 6.0.0 to 6.6.5, the Config API allows to configure the JMX server via an HTTP POST request. By pointing it to a malicious RMI server, an attacker could take advantage of Solr's unsafe deserialization to trigger remote code execution on the Solr side. id:...
EUVD-2019-2147
Malware in sbrugna...
EUVD-2019-18563
Malware in sbrugna...
EUVD-2022-5807
Malicious code in bioql PyPI...
CVE-2020-15381
Brocade SANnav before version 2.1.1 contains an Improper Authentication vulnerability that allows cleartext transmission of authentication credentials of the jmx server...
CVE-2019-9186
In several JetBrains IntelliJ IDEA versions, a Spring Boot run configuration with the default setting allowed remote attackers to execute code when the configuration is running, because a JMX server listens on all interfaces instead of listening on only the localhost interface. This issue has bee...
CVE-2019-10104
In several JetBrains IntelliJ IDEA Ultimate versions, an Application Server run configuration for Tomcat, Jetty, Resin, or CloudBees with the default setting allowed a remote attacker to execute code when the configuration is running, because a JMX server listened on all interfaces instead of...
Design/Logic Flaw
nGrinder before 3.5.9 allows connection to malicious JMX/RMI server by default, which could be the cause of executing arbitrary code via RMI registry by remote attacker...
CVE-2017-12628
The JMX server embedded in Apache James, also used by the command line client is exposed to a java de-serialization issue, and thus can be used to execute arbitrary commands. As James exposes JMX socket by default only on local-host, this vulnerability can only be used for privilege escalation...
GHSA-XJ7Q-Q94C-6WR3 Apache James Privilege Escalation
The JMX server embedded in Apache James, also used by the command line client is exposed to a java de-serialization issue, and thus can be used to execute arbitrary commands. As James exposes JMX socket by default only on local-host, this vulnerability can only be used for privilege escalation...
Apache James Privilege Escalation
The JMX server embedded in Apache James, also used by the command line client is exposed to a java de-serialization issue, and thus can be used to execute arbitrary commands. As James exposes JMX socket by default only on local-host, this vulnerability can only be used for privilege escalation...
Basecamp: RCE via exposed JMX server on jabber.37signals.com/jabber.basecamp.com
@ian reported that jabber.37signals.com and jabber.basecamp.com exposed on port 555 an unauthenticated Java JMX server which was vulnerable to RCE. We've looked into this and found that we forgot to clean up some DNS records when we decomissioned Jabber so the exposed IP address were not part of...
GitHub Security Lab: [Java]: CWE-665 Insecure environment during RMI/JMX Server initialisation - All for one bounty
This bug was reported directly to GitHub Security Lab...
CVE-2020-15381
Brocade SANnav before version 2.1.1 contains an Improper Authentication vulnerability that allows cleartext transmission of authentication credentials of the jmx server...
Authentication flaw
Brocade SANnav before version 2.1.1 contains an Improper Authentication vulnerability that allows cleartext transmission of authentication credentials of the jmx server...
CVE-2020-15381
CVE-2020-15381 affects Brocade SANnav before version 2.1.1, where an Improper Authentication vulnerability allows cleartext transmission of authentication credentials for the JMX server. The issue is documented across multiple sources (NVD, Red Hat, Broadcom advisory BSA-2021-1483) and is specifi...
Apache Solr 8.11, 8.20 have unauthenticated JMX server enabled in default config
The 8.1.1 and 8.2.0 releases of Apache Solr contain an insecure setting for the ENABLEREMOTEJMXOPTS configuration option in the default solr.in.sh configuration file shipping with Solr. If you use the default solr.in.sh file from the affected releases, then JMX monitoring will be enabled and...
CVE-2019-9186
In several JetBrains IntelliJ IDEA versions, a Spring Boot run configuration with the default setting allowed remote attackers to execute code when the configuration is running, because a JMX server listens on all interfaces instead of listening on only the localhost interface. This issue has bee...
CVE-2019-10104
In several JetBrains IntelliJ IDEA Ultimate versions, an Application Server run configuration for Tomcat, Jetty, Resin, or CloudBees with the default setting allowed a remote attacker to execute code when the configuration is running, because a JMX server listened on all interfaces instead of...
Code injection
In several JetBrains IntelliJ IDEA Ultimate versions, an Application Server run configuration for Tomcat, Jetty, Resin, or CloudBees with the default setting allowed a remote attacker to execute code when the configuration is running, because a JMX server listened on all interfaces instead of...