Vulnerability Details CVE-2018-7047
An issue was discovered in the MBeans Server in Wowza Streaming Engine before 4.7.1. The file system may be read and written to via JMX using the default JMX credentials (remote code execution may be possible as well).
Exploit prediction scoring system (EPSS) score
EPSS Score 0.03
EPSS Ranking 86.0%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
- https://raw.githubusercontent.com/WowzaMediaSystems/public_cve/main/wowza-streaming-engine/CVE-2018-7047.txt
- https://www.wowza.com/docs/wowza-streaming-engine-4-7-1-release-notes
- https://raw.githubusercontent.com/WowzaMediaSystems/public_cve/main/wowza-streaming-engine/CVE-2018-7047.txt
- https://www.wowza.com/docs/wowza-streaming-engine-4-7-1-release-notes
Products affected by CVE-2018-7047
-
cpe:2.3:a:wowza:streaming_engine:4.0.0
-
cpe:2.3:a:wowza:streaming_engine:4.0.1
-
cpe:2.3:a:wowza:streaming_engine:4.0.3
-
cpe:2.3:a:wowza:streaming_engine:4.0.4
-
cpe:2.3:a:wowza:streaming_engine:4.0.5
-
cpe:2.3:a:wowza:streaming_engine:4.0.6
-
cpe:2.3:a:wowza:streaming_engine:4.1.0
-
cpe:2.3:a:wowza:streaming_engine:4.1.1
-
cpe:2.3:a:wowza:streaming_engine:4.1.2
-
cpe:2.3:a:wowza:streaming_engine:4.2.0
-
cpe:2.3:a:wowza:streaming_engine:4.3.0
-
cpe:2.3:a:wowza:streaming_engine:4.4.0
-
cpe:2.3:a:wowza:streaming_engine:4.4.1
-
cpe:2.3:a:wowza:streaming_engine:4.5.0
-
cpe:2.3:a:wowza:streaming_engine:4.6.0
-
cpe:2.3:a:wowza:streaming_engine:4.7.0