Security Advisory

CVE-2021-21307

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-02-11 18:20:21

Last updated 2024-08-03 18:09:15

Assigner GitHub_M

State PUBLISHED

Description

Lucee Server is a dynamic, Java based (JSR-223), tag and scripting language used for rapid web application development. In Lucee Admin before versions 5.3.7.47, 5.3.6.68 or 5.3.5.96 there is an unauthenticated remote code exploit. This is fixed in versions 5.3.7.47, 5.3.6.68 or 5.3.5.96. As a workaround, one can block access to the Lucee Administrator.

← Browse all CVEs View on cve.org ↗