Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The ODE process deployment web service was sensible to deployment messages with forged names. Using a path for the name was allowing directory traversal, resulting in the potential writing of files under unwanted locations, the overwriting of existing files or their deletion. This issue was addressed in Apache ODE 1.3.3 which was released in 2009, however the incorrect name CVE-2008-2370 was used on the advisory by mistake.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Apache ODE 安全漏洞
Vulnerability Description
Apache ODE是美国阿帕奇(Apache)软件基金会的一款业务流程构建引擎,它具有与Web服务通信、发送和接收消息,处理数据操作和错误恢复功能。 Apache ODE 1.3.3之前版本中存在安全漏洞。攻击者可利用该漏洞写入、覆盖或删除文件。
CVSS Information
N/A
Vulnerability Type
N/A