資安通報

Vulnerability Overview

CVE-2023-37895

Java object deserialization issue in Jackrabbit webapp/standalone on all platforms allows attacker to remotely execute code via RMIVersions up to (including) 2.20.10 (stable branch) and 2.21.17 (unstable branch) use the component "commons-beanutils", which contains a class that can be used for remote code execution over RMI.

Users are advised to immediately update to versions 2.20.11 or 2.21.18. Note that earlier stable branches (1.0.x .. 2.18.x) have been EOLd already and do not receive updates anymore.

Release Date: 2023/07/25

Vulnerability Metrics

Vulnerability Scoring Details :

The vulnerability scores and vectors are listed below.

Severity	CVSS Score	Vector
CRITICAL	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

技術支援

	常見問題
	已停產商品

智慧製造｜管理解決方案

混合會議空間 - 解決方案指南

機密機殼加工服務

ATEN MicLIVE™ UC8000

資安通報

Vulnerability Overview

CVE-2023-37895

Vulnerability Metrics

Vulnerability Scoring Details :

技術支援

販售據點

資安通報

Vulnerability Overview

CVE-2023-37895

Vulnerability Metrics

Vulnerability Scoring Details :

技術支援

販售據點

您的隱私選擇