Unvalidated Java Version Setting Allows Code Execution in CubeCoders AMP

Unvalidated Java Version Setting Allows Code Execution in CubeCoders AMP

CVE-2021-34539 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

An issue was discovered in CubeCoders AMP before 2.1.1.8. A lack of validation of the Java Version setting means that an unintended executable path can be set. The result is that high-privileged users can trigger code execution.

Learn more about our User Device Pen Test.