Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A JNDI rebind operation in the default ORB listener in Payara Server 4.1.2.191 (Enterprise), 5.20.0 and newer (Enterprise), and 5.2020.1 and newer (Community), when Java 1.8u181 and earlier is used, allows remote attackers to load malicious code on the server once a JNDI directory scan is performed.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Payara Server 安全漏洞
Vulnerability Description
Payara Server是英国Payara公司的一个云原生、创新的开源中间件平台。 Payara Server 存在安全漏洞,该漏洞源于允许远程攻击者在执行JNDI目录扫描后在服务器上加载恶意代码。受影响的产品和版本:Payara Server 4.1.2.191版本 (企业版),5.20.0及更新版本 (企业版),5.2020.1及更新版本(社区版)。
CVSS Information
N/A
Vulnerability Type
N/A