CRITICAL🇬🇧 English

CVE-2021-21783

CVSS 9.8v3.1pub. 2021-03-25upd. 2024-11-21

A code execution vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Genivia Gsoap

    APP
    Genivia
    2.8.107
  • Oracle Communications Diameter Signaling Router

    APP
    Oracle
    8.0.0 – 8.5.0
  • Oracle Communications Eagle Application Processor

    APP
    Oracle
    16.1.0 – 16.4.0
  • Oracle Communications Eagle Lnp Application Processor

    APP
    Oracle
    46.746.846.9
  • Oracle Communications Lsms

    APP
    Oracle
    13.113.213.313.4
  • Oracle Tekelec Virtual Operating Environment

    APP
    Oracle
    3.4.0 – 3.7.1
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
RCE
CWE
Referencje

Powiązane podatności

CVE-2020-2555CRITICAL9.8⚠ KEVten sam produkt

Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Caching,CacheStore,Invoc...

CVE-2017-9841CRITICAL9.8⚠ KEVten sam produkt

Util/PHP/eval-stdin.php in PHPUnit before 4.8.28 and 5.x before 5.6.3 allows remote attackers to execute arbit...

CVE-2020-13576CRITICAL9.8ten sam produkt

A code execution vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2.8.107. A sp...

CVE-2020-11998CRITICAL9.8ten sam produkt

A regression has been introduced in the commit preventing JMX re-bind. By passing an empty environment map to ...

CVE-2020-11973CRITICAL9.8ten sam produkt

Apache Camel Netty enables Java deserialization by default. Apache Camel 2.22.x, 2.23.x, 2.24.x, 2.25.0, 3.0.0...