PT-2019-14308 · Mulesoft · Mule Ce/Ee+1

Published

2019-12-02

Updated

2019-12-13

CVE-2019-15631

CVSS v3.1

9.8

Critical

Vector

AC:L/AV:N/A:H/C:H/I:H/PR:N/S:U/UI:N

Name of the Vulnerable Software and Affected Versions MuleSoft Mule CE/EE versions 3.x MuleSoft API Gateway versions 2.x

Description A Remote Code Execution issue allows remote attackers to execute arbitrary code.

Recommendations For MuleSoft Mule CE/EE versions 3.x, update to a version released after October 31, 2019. For MuleSoft API Gateway versions 2.x, update to a version released after October 31, 2019.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2019-15631

Affected Products

Apigateway

Mule Ce/Ee

PT-2019-14308 · Mulesoft · Mule Ce/Ee+1

CVE-2019-15631

Related Identifiers

Affected Products

References · 3