CVE-2016-5062

CVE Database · CVE-2016-5062

CVE-2016-5062

· N/AModified

CVSS v3.1

N/A

EPSS

3.90%

Published

Sep 29, 2016

Modified

May 6, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

The web server in Aternity before 9.0.1 does not require authentication for getMBeansFromURL loading of Java MBeans, which allows remote attackers to execute arbitrary Java code by registering MBeans.

Weaknesses (CWE)

CWE-669

Affected Products (1)

aternity · aternityvulnerable

References (4)

http://www.kb.cert.org/vuls/id/706359

Third Party AdvisoryUS Government Resource

http://www.securityfocus.com/bid/93208

http://www.kb.cert.org/vuls/id/706359

Third Party AdvisoryUS Government Resource

http://www.securityfocus.com/bid/93208

KEV Catalog EPSS Scores Vendors All CVEs