CVE-2021-20318 — Vulnetix

Try Vulnetix Request Demo

CVE-2021-20318 PUBLISHED CVSS 7.199999809265137 HIGH

The HornetQ component of Artemis in EAP 7 was not updated with the fix for CVE-2016-4978. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using a JMS ObjectMessage.

EPSS 2.13% · 84.1th percentile

Risk Scores

CVSS v3.1

7.199999809265137

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

EPSS Score

2.13%

84.1th percentile

Affected Products

Vendor	Product	Versions
n/a	Artemis in EAP 7	7.3.9.GA, 7.4.0.GA
redhat	jboss_enterprise_application_platform	7.3.9, 7.4.0

Timeline

Dec 23, 2021 CVE Published
Dec 24, 2021 EPSS Score
Feb 15, 2022 EPSS Score
Apr 10, 2022 EPSS Score
Jun 2, 2022 EPSS Score
Sep 18, 2022 EPSS Score
Nov 11, 2022 EPSS Score
Jan 3, 2023 EPSS Score
Feb 26, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Apr 20, 2023 EPSS Score
Jun 12, 2023 EPSS Score

References

Open in Interactive Console →