CVE-2022-37027 – Ahsay AhsayCBS 9.1.4.0 allows an authenticated system user to inject arbitrary Java JVM op …

21 September 2022

Vuln ID: CVE-2022-37027

Published: 2022-09-21 17:15:09Z

Description: Ahsay AhsayCBS 9.1.4.0 allows an authenticated system user to inject arbitrary Java JVM options. Administrators that can modify the Runtime Options in the web interface can inject Java Runtime Options. These take effect after a restart. For example, an attacker can enable JMX services and consequently achieve remote code execution as the system user.

Source: NVD.NIST.GOV

Date:

21 September 2022

Categorie(s):

NVD

Tag(s):

NVD

OpenAI’s GPT-4 Can Autonomously Exploit 87% of One-Day Vulnerabilities, Study Finds26 April 2024
Threat Modeling and Understanding Inherent Threats – Adam Shostack – ESW #35926 April 2024
Check Point delivers strong quarterly revenue growth but stock drops26 April 2024
Rubrik IPO signals potential cybersecurity-led tech market revival25 April 2024
Foreign states targeting sensitive research at UK universities, MI5 warns25 April 2024