PT-2016-5686 · Red Hat · Red Hat Jboss Operations Network

Jason Shepherd

Publicado

2016-08-02

Atualizado

2017-11-03

CVE-2016-3737

CVSS v3.1

9.8

Crítica

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Red Hat JBoss Operations Network (JON) versions prior to 3.3.6

Description The issue allows remote attackers to execute arbitrary code via a crafted HTTP request, related to message deserialization.

Recommendations For versions prior to 3.3.6, update to version 3.3.6 or later to resolve the issue.

Correção

RCE

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

CVE-2016-3737

Red Hat Jboss Operations Network