redhat · CVE-2017-16670

Quick triage

Priority: high Published: 2018-02-13 00:00:00 UTC Updated: 2018-02-13 00:00:00 UTC

View at Official redhat advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

The project import functionality in SoapUI 5.3.0 allows remote attackers to execute arbitrary Java code via a crafted request parameter in a WSDL project file.

Description:

The project import functionality in SoapUI 5.3.0 allows remote attackers to execute arbitrary Java code via a crafted request parameter in a WSDL project file.

cvelogic Threat Intelligence