RCE in Rocketsoftware Rocket_servergraph

CVE-2014-3915

The userRequest servlet in the Admin Center for Tivoli Storage Manager in Rocket Servergraph allows remote attackers to execute arbitrary commands via a (1) auth, (2) auth_session, (3) auth_simple, (4) add, (5) add_flat, (6) remove, (7) se…

Vulnerability class: RCE (Remote Code Execution)

EPSS: 0.046 (89.5th percentile) — read the EPSS interpretation.

Affected products

Rocketsoftware Rocket_servergraph
N/a — versions n/a

Weakness classification (CWE)

CWE-94 — Code Injection

References

cve@mitre.org (x_refsource_MISC)
67780 (vdb-entry, x_refsource_BID)