The DiagnosticsHandler in JGroup 3.0.x, 3.1.x, 3.2.x before 3.2.9, and 3.3.x before 3.3.3 allows remote attackers to obtain sensitive information (diagnostic information) and execute arbitrary code by reusing valid credentials.
Max CVSS
5.4
EPSS Score
9.01%
Published
2013-09-28
Updated
2014-03-08
1 vulnerabilities found