Open WorkFlow Engine (OpenWFE) 1.4.x allows remote malicious users to conduct port scans of remote hosts by specifying the target in an rmi:// Worklist URL, then using the response times to infer the results.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
openwfe work flow engine 1.4 |
||
openwfe work flow engine 1.4.1 |
||
openwfe work flow engine 1.4.4 |
||
openwfe work flow engine 1.4.5 |
||
openwfe work flow engine 1.4.2 |
||
openwfe work flow engine 1.4.3 |