Remote code execution vulnerability in Apache Commons Configuration - CVE-2022-33980 (linux)ID: oval:org.secpod.oval:def:85330 | Date: (C)2022-11-03 (M)2024-06-24 |
Class: VULNERABILITY | Family: unix |
The host is installed with Apache Commons Configuration 2.4.x before 2.8.0 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly handle the interpolation defaults. Successful exploitation allows attackers to cause remote code execution or unintentional contact with remote servers if untrusted configuration values are used.
Product: |
Apache Commons Configuration |