Vulnerabilities > CVE-2016-5062 - Incorrect Resource Transfer Between Spheres vulnerability in Aternity 9.0
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
The web server in Aternity before 9.0.1 does not require authentication for getMBeansFromURL loading of Java MBeans, which allows remote attackers to execute arbitrary Java code by registering MBeans.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |