Sign in
CVE-2015-9245
CVE-2015-9245
Description
Insecure default configuration in Progress Software OpenEdge 10.2x and 11.x allows unauthenticated remote attackers to specify arbitrary URLs from which to load and execute malicious Java classes via port 20931.
Impact
CVSS v3 : 9.8 CRITICAL
CVSS v2 : 7.5 HIGH
Type
CWE-284
Attack Vector
CVSSv2 Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P
Quick links
CVE
,
NVD
,
CERT
,
Metasploit
,
Exploit-db
,
Fulldisc
,
Bugtraq
,
Microsoft
,
Red Hat
,
Debian
, GitHub
code
/
issues
,
Google
References
https://knowledgebase.progress.com/articles/Article/How-to-prevent-Java-RMI-class-loader-exploit-with-AdminServer
FAQ
Terms of service
Privacy policy
