1. Home
  2. Vulnerabilities
  3. CVE-2019-10648

CVE-2019-10648

CVSS v3.0 9.8 (Critical)
98% Progress
CVSS v2.0 7.5 (High)
75% Progress
EPSS 1.09 % (85th)
1.09% Progress
Affected Products 1
Advisories 1
Info CVSS EPSS CAPEC Affected Configurations References Security Advisories Packages & Software OVAL Graph Web & Social Timeline

Robocode through 1.9.3.5 allows remote attackers to cause external service interaction (DNS), as demonstrated by a query for a unique subdomain name within an attacker-controlled DNS zone, because of a .openStream call within java.net.URL.

Weaknesses
CWE-862
Missing Authorization
CVE Status
PUBLISHED
CNA
MITRE
Published Date
2019-03-30 13:29:00
(5 years ago)
Updated Date
2021-07-21 11:39:23
(3 years ago)

Affected Products

Robocode Project

Configuration #1

    CPE23 From Up To
  Robocode Project Robocode 1.9.3.5 and prior versions cpe:2.3:a:robocode_project:robocode <= 1.9.3.5
  Robocode Project Robocode cpe:2.3:a:robocode_project:robocode:-