Gradle Enterprise before 2022.1 allows remote code execution if the installation process did not specify an initial configuration file. The configuration allows certain anonymous access to administration and an API.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://security.gradle.com/advisory/2022-05 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2022-03-25T19:55:17
Updated: 2024-08-03T05:41:11.043Z
Reserved: 2022-03-25T00:00:00
Link: CVE-2022-27919
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2022-03-25T20:15:09.270
Modified: 2023-08-08T14:22:24.967
Link: CVE-2022-27919
Redhat
No data.