CVE-2023-35042
CVSS v3.1
9.8 (Critical)
EPSS
0.86 % (83th)
Affected Products
1
Advisories
1
NVD Status
Modified
GeoServer 2, in some configurations, allows remote attackers to execute arbitrary code via java.lang.Runtime.getRuntime().exec in wps:LiteralData within a wps:Execute request, as exploited in the wild in June 2023. NOTE: the vendor states that they are unable to reproduce this in any version.
Weaknesses
- CVE Status
- PUBLISHED
- NVD Status
- Modified
- CNA
- MITRE
- Published Date
-
2023-06-12 15:15:09
(15 months ago) - Updated Date
-
2024-08-02 17:15:31
(6 weeks ago)
Affected Products
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...