What is CVE-2020-7857?

CVE-2020-7857 is a high-severity vulnerability in Tobesoft Xplatform, classified under Use of Externally-Controlled Input to Select Classes or Code (Unsafe Reflection). CVSS score: 7.5/10. Published 2021-04-20.

How severe is CVE-2020-7857?

High severity. CVSS v3 base score is 7.5 out of 10.

Vulnerability in Tobesoft Xplatform

CVE-2020-7857

A vulnerability of XPlatform could allow an unauthenticated attacker to execute arbitrary command. This vulnerability exists due to insufficient validation of improper classes. This issue affects: Tobesoft XPlatform versions prior to 9.2.2…

EPSS: 0.005 (67.3th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H.

Affected products

Tobesoft Xplatform — versions unspecified

Weakness classification (CWE)

CWE-470 — Use of Externally-Controlled Input to Select Classes or Code (Unsafe Reflection)

References

www.boho.or.kr/krcert/secNoticeView.do (x_refsource_MISC)

Frequently asked questions

What is CVE-2020-7857?: CVE-2020-7857 is a high-severity vulnerability in Tobesoft Xplatform, classified under Use of Externally-Controlled Input to Select Classes or Code (Unsafe Reflection). CVSS score: 7.5/10. Published 2021-04-20.
How severe is CVE-2020-7857?: High severity. CVSS v3 base score is 7.5 out of 10.