Page 2 of 12 results (0.006 seconds)

CVSS: 10.0EPSS: 93%CPEs: 81EXPL: 0

CVE-2016-3427 – Oracle Java SE and JRockit Unspecified Vulnerability

https://notcve.org/view.php?id=CVE-2016-3427

20 Apr 2016 — Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX. Vulnerabilidad no especificada en Oracle Java SE 6u113, 7u99 y 8u77; Java SE Embedded 8u77; y JRockit R28.3.9 permite a atacantes remotos afectar a la confidencialidad, integridad y disponibilidad a través de vectores relacionados con JMX. It was discovered that the RMI server implementation in... • http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00006.html • CWE-284: Improper Access Control •

CVSS: 9.8EPSS: 2%CPEs: 38EXPL: 0

CVE-2015-0225 – Cassandra: remote code execution via unauthenticated JMX/RMI interface

https://notcve.org/view.php?id=CVE-2015-0225

01 Apr 2015 — The default configuration in Apache Cassandra 1.2.0 through 1.2.19, 2.0.0 through 2.0.13, and 2.1.0 through 2.1.3 binds an unauthenticated JMX/RMI interface to all network interfaces, which allows remote attackers to execute arbitrary Java code via an RMI request. La configuración por defecto en Apache Cassandra 1.2.0 hasta 1.2.19, 2.0.0 hasta 2.0.13, y 2.1.0 hasta 2.1.3 vincula una interfaz JMX/RMI no autenticada a todas las interfaces de la red, lo que permite a atacantes remotos ejecutar código Java arbi... • http://packetstormsecurity.com/files/131249/Apache-Cassandra-Remote-Code-Execution.html • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-306: Missing Authentication for Critical Function •