The web server in Aternity prior to 9.0.1 does not require authentication for getMBeansFromURL loading of Java MBeans, which allows remote malicious users to execute arbitrary Java code by registering MBeans.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
aternity aternity |