|
|||
Rule General Information |
---|
Release Date: | 2024-06-03 | |
Rule Name: | Yonyou NC registerServlet JNDI Remote Code Execution Vulnerability | |
Severity: | ||
CVE ID: | ||
Rule Protection Details |
---|
Description: | Yonyou NC is an enterprise level management software system. There is a JNDI remote code execution vulnerability at the Yonyou NC registerServlet interface. Unauthenticated remote attackers can use this vulnerability to execute arbitrary code on the server side, write backdoors, gain server privileges, and then control the entire web server. | |
Impact: | An attacker can execute arbitrary code via a successful exploit in the context of the vulnerable software. | |
Affected OS: | Windows, Linux, Others | |
Reference: | ||
Solutions |
---|
Please contact the software vendor to update the software patch. |