Vulnerabilities > CVE-2020-9761 - Unspecified vulnerability in Unctad Asycuda World

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

unctad

critical

NVD

Published: 2020-03-04

Updated: 2024-11-21

Summary

An issue was discovered in UNCTAD ASYCUDA World 2001 through 2020. The Java RMI Server has an Insecure Default Configuration, leading to Java Code Execution from a remote URL because an RMI Distributed Garbage Collector method is called.

Vulnerable Configurations

Part	Description	Count
Application	Unctad Unctad Asycuda World 2001 Unctad Asycuda World 2002 Unctad Asycuda World 2006 Unctad Asycuda World 2007 Unctad Asycuda World 2020	5

References

https://pastebin.com/jP4thzzG
https://pastebin.com/jP4thzzG
https://unctad.org/en/Pages/DTL/TTL/ASYCUDA-Programme.aspx
https://unctad.org/en/Pages/DTL/TTL/ASYCUDA-Programme.aspx