Skip to main content

Aerospike Server

1 CVEs product

Monthly

CVE-2020-13151 CRITICAL POC THREAT Emergency

Aerospike Community Edition 4.9.0.5 allows for unauthenticated submission and execution of user-defined functions (UDFs), written in Lua, as part of a database query. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Command Injection Aerospike Server
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
86.7%
EPSS 87% CVSS 9.8
CRITICAL POC THREAT Emergency

Aerospike Community Edition 4.9.0.5 allows for unauthenticated submission and execution of user-defined functions (UDFs), written in Lua, as part of a database query. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Command Injection Aerospike Server
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy