CVE-2015-3188

CWE-2644 documents4 sources
Severity
9.8CRITICAL
EPSS
12.4%
top 6.10%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Apache Storm
Timeline
PublishedJan 13
Latest updateMay 14

Description

The UI daemon in Apache Storm 0.10.0 before 0.10.0-beta1 allows remote attackers to execute arbitrary code via unspecified vectors.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages2 packages

Mavenorg.apache.storm:storm0.10.0-beta0.10.0-beta1
NVDapache/storm0.10.0

🔴Vulnerability Details

3
GHSA
Apache Storm remote code execution vulnerability2022-05-14
OSV
Apache Storm remote code execution vulnerability2022-05-14
CVEList
CVE-2015-3188: The UI daemon in Apache Storm 02017-01-13
CVE-2015-3188 (CRITICAL CVSS 9.8) | The UI daemon in Apache Storm 0.10. | cvebase.io