An attacker is able to gain remote code execution on a server hosting the H2O dashboard through it's POJO model import feature.
References
Link | Resource |
---|---|
https://huntr.com/bounties/83dd17ec-053e-453c-befb-7d6736bf1836 | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: @huntr_ai
Published: 2023-11-16T16:06:24.520Z
Updated: 2023-11-16T16:06:24.520Z
Reserved: 2023-11-08T09:11:55.847Z
Link: CVE-2023-6016
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-11-16T16:15:34.680
Modified: 2023-11-28T17:23:08.633
Link: CVE-2023-6016
JSON object: View
Redhat Information
No data.
CWE