Lucene search
Veracode Vulnerability DatabaseVERACODE:32739HistoryOct 27, 2021 - 5:09 a.m.
Remote Code Execution (RCE)
2021-10-2705:09:54
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8
0.015 Low
EPSS
Percentile
86.8%
Storm core is vulnerable to remote code execution (RCE) attacks. Vulnerable getGroupsCommand function is subject to unsafe deserialization, allowing remote authenticated attackers to execute arbitrary code in the server.
| CPE | Name | Operator | Version |
|---|---|---|---|
| storm core | le | 1.2.3 | |
| storm core | le | 1.2.3 |
Related
osv
osv
CVE-2021-40865
2021-10-25 13:15:08
cnvd
cnvd
Apache Storm code issue vulnerability
2021-10-26 00:00:00
prion
prion
Deserialization of untrusted data
2021-10-25 13:15:00
f5
f5
K44104514 : Apache Storm vulnerability CVE-2021-40865
2021-12-21 00:00:00
github
github
nvd
nvd
CVE-2021-40865
2021-10-25 13:15:08
cve
cve
CVE-2021-40865
2021-10-25 13:15:08
githubexploit
githubexploit
Exploit for Deserialization of Untrusted Data in Apache Storm
2021-11-26 10:09:40
checkpoint_advisories
checkpoint_advisories
Apache Storm Remote Code Execution (CVE-2021-40865)
2022-02-28 00:00:00
cvelist
cvelist
CVE-2021-40865 Unsafe Pre-Authentication Deserialization In Workers
2021-10-25 12:22:37
nessus
nessus
