Cubecoders · Cubecoders Amp · CVE-2021-34539
Name of the Vulnerable Software and Affected Versions:
CubeCoders AMP versions prior to 2.1.1.8
Description:
The issue is related to a lack of validation of the Java Version setting, which allows an unintended executable path to be set. This results in high-privileged users being able to trigger code execution.
Recommendations:
For versions prior to 2.1.1.8, update to version 2.1.1.8 or later to resolve the issue. As a temporary workaround, consider restricting access to the Java Version setting to minimize the risk of exploitation.