CVE-2020-9493
Description
A deserialization flaw was found in Apache Chainsaw versions prior to 2.1.0 which could lead to malicious code execution.
Severity
CVSS Version 3.x
Base score: 9.8 Exploit score: 3.9 Impact score: 5.9
Base Score (vectoral): CVSS:3.1 - AV:N - AC:L - PR:N - UI:N - S:U - C:H - I:H - A:H
CVSS Version 2.0
Base score: 6.8 Exploit score: 8.6 Impact score: 6.4
Base Score (vectoral): CVSS:2.0 - AV:N - AC:M - Au:N - C:P - I:P - A:P
Weakness Enumeration
Change History
Last Modified: Apr 8, 2022
Known Affected Software Configurations
cpe:2.3:a:apache:chainsaw:*:*:*:*:*:*:*:*
cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*
cpe:2.3:a:qos:reload4j:*:*:*:*:*:*:*:*