The installer in NetApp OnCommand Workflow Automation before 2.2.1P1 and 3.x before 3.0P1 sets up the Java Debugging Wire Protocol (JDWP) service, which allows remote attackers to execute arbitrary. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 28.4%.
RCE
Java
Oncommand Workflow Automation
NVD
Exploit-DB
CVSS 2.0
10.0
EPSS
28.4%
Threat
4.4