Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
668
VMScore

CVE-2021-34427

Published: 25/06/2021 Updated: 11/02/2023
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Business Intelligence And Reporting Tools

Vulnerability Summary

In Eclipse BIRT versions 4.8.0 and previous versions, an attacker can use query parameters to create a JSP file which is accessible from remote (current BIRT viewer dir) to inject JSP code into the running instance.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

eclipse business intelligence and reporting tools

Exploits

Exploit DB: Eclipse Business Intelligence Reporting Tool 4.11.0 Remote Code Execution
Eclipse Business Intelligence Reporting Tool versions 4110 and below suffer from a bypass vulnerability that allows for remote code execution ...

References

CWE-434https://bugs.eclipse.org/bugs/show_bug.cgi?id=538142http://seclists.org/fulldisclosure/2022/Dec/30http://packetstormsecurity.com/files/170326/Eclipse-Business-Intelligence-Reporting-Tool-4.11.0-Remote-Code-Execution.htmlhttps://nvd.nist.govhttps://packetstormsecurity.com/files/170326/Eclipse-Business-Intelligence-Reporting-Tool-4.11.0-Remote-Code-Execution.html
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middleCVE-2024-34558CVE-2024-32674CVE-2024-34351XPath injectionCVE-2023-45866CVE-2024-25528CVE-2024-25517path traversal
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook