Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
JMX Credential Deserialization in GemFire
Vulnerability Description
VMware GemFire versions prior to 9.10.0, 9.9.1, 9.8.5, and 9.7.5, and VMware Tanzu GemFire for VMs versions prior to 1.11.0, 1.10.1, 1.9.2, and 1.8.2, contain a JMX service available to the network which does not properly restrict input. A remote authenticated malicious user may request against the service with a crafted set of credentials leading to remote code execution.
CVSS Information
N/A
Vulnerability Type
可信数据的反序列化
Vulnerability Title
VMware GemFire和Tanzu GemFire for VMs 代码问题漏洞
Vulnerability Description
VMware GemFire和VMware Tanzu GemFire for VMs都是美国威睿(VMware)公司的产品。VMware GemFire是一套数据管理平台。该平台主要提供对数据密集型应用程序的实时访问。VMware Tanzu GemFire for VMs是一套数据存储解决方案。 VMware GemFire和VMware Tanzu GemFire for VMs中存在代码问题漏洞。远程攻击者可借助特制的凭证利用该漏洞执行代码。以下产品及版本受到影响:VMware GemFire 9
CVSS Information
N/A
Vulnerability Type
N/A