Apache Commons Beanutils could allow a remote attacker to gain unauthorized access to the system, caused by the failure to suppresses the class property in bean introspection by default. An attacker could exploit this vulnerability to gain unauthorized access to the classloader.
CVEID:CVE-2019-10086
**DESCRIPTION:**Apache Commons Beanutils could allow a remote attacker to gain unauthorized access to the system, caused by the failure to suppresses the class property in bean introspection by default. An attacker could exploit this vulnerability to gain unauthorized access to the classloader.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/166353 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
Affected Product(s) | Version(s) |
---|---|
Content Collector for Email | 4.0.0 |
Content Collector for Email | 4.0.1 |
Product | VRM | Remediation |
---|---|---|
Content Collector for Email | 4.0.0, 4.0.1 | Use Content Collector for Email 4.0.1.9 Interim Fix IF006 |
None
CPE | Name | Operator | Version |
---|---|---|---|
content collector | eq | 4.0.1 |