← volver
CVE-2018-10054

CVE-2018-10054

EPSS 35.0%
Vexday Risk Score
30Bajo
Decisión SSVC (CISA)
Attend
PoC disponible → seguir de cerca
Madurez del exploit
Exploit funcional
Exploit automatizable disponible (Nuclei/Metasploit).
CVSS EPSS 35.0%KEV nãoPoC Nuclei Metasploit simPatch
Ciclo de vida
09 abr 2018Exploit Metasploit disponible
11 abr 2018Publicada en NVD
Recomendación: Planificar corrección próxima — ya existe PoC pública.
H2 1.4.197, as used in Datomic before 0.9.5697 and other products, allows remote code execution because CREATE ALIAS can execute arbitrary Java code. NOTE: the vendor's position is "h2 is not designed to be run outside of a secure environment."
Productos afectados
n/a · n/a