Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
com.springsource.tcserver.serviceability.rmi.JmxSocketListener in VMware SpringSource tc Server Runtime 6.0.19 and 6.0.20 before 6.0.20.D, and 6.0.25.A before 6.0.25.A-SR01, does not properly enforce the requirement for an encrypted (aka s2enc) password, which allows remote attackers to obtain JMX interface access via a blank password.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
VMware SpringSource tc Server JMX接口绕过认证漏洞
Vulnerability Description
SpringSource tc Server是一款轻型的应用服务器。 VMware SpringSource tc Server Runtime的com.springsource.tcserver.serviceability.rmi.JmxSocketListener没有强制要求对(即s2enc)密码进行加密,远程攻击者可以通过空密码获取JMX接口的访问权限。
CVSS Information
N/A
Vulnerability Type
N/A