Security Advisory

CVE-2021-23259

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-12-02 15:40:55

Last updated 2024-09-16 18:33:22

Assigner crafter

State PUBLISHED

Description

Authenticated users with Administrator or Developer roles may execute OS commands by Groovy Script which uses Groovy lib to render a webpage. The groovy script does not have security restrictions, which will cause attackers to execute arbitrary commands remotely(RCE).

← Browse all CVEs View on cve.org ↗