Name of the Vulnerable Software and Affected Versions:

OpenEdge AdminServer (affected versions not specified)

Description:

The software contains a Remote Command Execution (RCE) issue via the Java RMI interface. Authenticated users can inject and execute OS commands under the authority of the AdminServer process. Insufficient input validation of a configuration property within the RMI interface leads to OS command injection.

Recommendations:

At the moment, there is no information about a newer version that contains a fix for this vulnerability.