Vulnerabilities > CVE-2019-20635 - Unsafe Reflection vulnerability in Intland Codebeamer

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

LOW

Integrity impact

LOW

Availability impact

NONE

network

low complexity

NVD

Published: 2020-04-02

Updated: 2020-08-24

Summary

codeBeamer before 9.5.0-RC3 does not properly restrict the ability to execute custom Java code and access the Java class loader via computed fields.

Part	Description	Count
Application	Intland Intland Codebeamer - Intland Codebeamer 8.2.0 Intland Codebeamer 8.2.0.1 Intland Codebeamer 8.2.1 Intland Codebeamer 9.0.0 Intland Codebeamer 9.0.1 Intland Codebeamer 9.0.2 Intland Codebeamer 9.1.0 Intland Codebeamer 9.2.0 Intland Codebeamer 9.3.0 Intland Codebeamer 9.4.0 Intland Codebeamer 9.5.0	15