8 matches found
CVE-2023-6016
An attacker is able to gain remote code execution on a server hosting the H2O dashboard through it's POJO model import feature...
CVE-2023-6016
An attacker is able to gain remote code execution on a server hosting the H2O dashboard through it's POJO model import feature...
CVE-2023-6016
An attacker is able to gain remote code execution on a server hosting the H2O dashboard through it's POJO model import feature...
Design/Logic Flaw
An attacker is able to gain remote code execution on a server hosting the H2O dashboard through it's POJO model import feature...
CVE-2023-6016 H2O Remote Code Execution via POJO Model Import
An attacker is able to gain remote code execution on a server hosting the H2O dashboard through it's POJO model import feature...
CVE-2023-6016
CVE-2023-6016 affects H2O Dashboard via POJO model import, enabling remote code execution on a server hosting the dashboard. The vulnerability is described as a high-severity, network-exploitable issue with no user interaction required, per the NVD metrics (CVSSv3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I...
PT-2023-32479 · H2O · H2O
Name of the Vulnerable Software and Affected Versions: H2O affected versions not specified Description: The issue allows an attacker to gain remote code execution on a server hosting the H2O dashboard. This is achieved through the POJO model import feature. Recommendations: At the moment, there i...
Improper Control of Generation of Code ('Code Injection')
An attacker is able to gain remote code execution on a server hosting the H2O dashboard through it's POJO model import feature...