CWE-306: Missing Authentication for Critical Function in Java RMI Interface
CVE-2023-29411 · CRITICAL Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
A CWE-306: Missing Authentication for Critical Function vulnerability exists that could allow changes to administrative credentials, leading to potential remote code execution without requiring prior authentication on the Java RMI interface.
Learn more about our Web Application Penetration Testing UK.