CVE-2021-42392

CRITICAL Year: 2021
CVSS v3 Score
9.8
Critical
CVSS v2 Score
10.0
Critical
Weakness Type
CWE-502
View all →

Vulnerability Description

The org.h2.util.JdbcUtils.getConnection method of the H2 database takes as parameters the class name of the driver and URL of the database. An attacker may pass a JNDI driver name and a URL leading to a LDAP or RMI servers, causing remote code execution. This can be exploited through various attack vectors, most notably through the H2 Console which leads to unauthenticated remote code execution.

Related Vulnerabilities

CVE-2003-0791

CRITICAL
CVSS:9.8(Critical)

The Script.prototype.freeze/thaw functionality in Mozilla 1.4 and earlier allows attackers to execute native methods by modifying the string used as input to the script.thaw JavaScript function, which...

CWE-5022003

CVE-2012-0911

CRITICAL
CVSS:9.8(Critical)

TikiWiki CMS/Groupware before 6.7 LTS and before 8.4 allows remote attackers to execute arbitrary PHP code via a crafted serialized object in the (1) cookieName to lib/banners/bannerlib.php; (2) print...

CWE-5022012

CVE-2012-4406

CRITICAL
CVSS:9.8(Critical)

OpenStack Object Storage (swift) before 1.7.0 uses the loads function in the pickle Python module unsafely when storing and loading metadata in memcached, which allows remote attackers to execute arbi...

CWE-5022012

CVE-2013-1465

CRITICAL
CVSS:9.8(Critical)

The Cubecart::_basket method in classes/cubecart.class.php in CubeCart 5.0.0 through 5.2.0 allows remote attackers to unserialize arbitrary PHP objects via a crafted shipping parameter, as demonstrate...

CWE-5022013

CVE-2013-4521

CRITICAL
CVSS:9.8(Critical)

RichFaces implementation in Nuxeo Platform 5.6.0 before HF27 and 5.8.0 before HF-01 does not restrict the classes for which deserialization methods can be called, which allows remote attackers to exec...

CWE-5022013

CVE-2014-1860

CRITICAL
CVSS:9.8(Critical)

Contao CMS through 3.2.4 has PHP Object Injection Vulnerabilities

CWE-5022014