← back
CVE-2023-31826

CVE-2023-31826

CVSS 7.8 HIGHEPSS 0.3%CWE-862
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 7.8EPSS 0.3%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
23 May 2023Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Skyscreamer Open Source Nevado JMS v1.3.2 does not perform security checks when receiving messages. This allows attackers to execute arbitrary commands via supplying crafted data.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://nevado.skyscreamer.org/https://github.com/skyscreamer/nevado/issues/121https://github.com/skyscreamer/nevado/releaseshttps://novysodope.github.io/2023/04/01/95/