Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

CVE-2020-27225

Related Vulnerabilities: CVE-2020-27225  

In versions 4.18 and earlier of the Eclipse Platform, the Help Subsystem does not authenticate active help requests to the local help web server, allowing an unauthenticated local attacker to issue active help commands to the associated Eclipse Platform process or Eclipse Rich Client Platform process.

Source

Description

The MITRE CVE dictionary describes this issue as:

In versions 4.18 and earlier of the Eclipse Platform, the Help Subsystem does not authenticate active help requests to the local help web server, allowing an unauthenticated local attacker to issue active help commands to the associated Eclipse Platform process or Eclipse Rich Client Platform process.

Additional Information

  • Bugzilla 1939630: CVE-2020-27225 eclipse: Help Subsystem does not authenticate active help requests
  • CWE-287: Improper Authentication
  • FAQ: Frequently asked questions about CVE-2020-27225

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started