Security Advisory

CVE-2022-34267

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-12-25 00:00:00

Last updated 2024-08-03 09:07:16

Assigner mitre

State PUBLISHED

Description

An issue was discovered in RWS WorldServer before 11.7.3. Adding a token parameter with the value of 02 bypasses all authentication requirements. Arbitrary Java code can be uploaded and executed via a .jar archive to the ws-api/v2/customizations/api endpoint.

← Browse all CVEs View on cve.org ↗