CVE-2018-7047
First published: Thu Mar 01 2018(Updated: )
An issue was discovered in the MBeans Server in Wowza Streaming Engine before 4.7.1. The file system may be read and written to via JMX using the default JMX credentials (remote code execution may be possible as well).
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Wowza Streaming Engine | <4.7.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2018-7047 vulnerability?
CVE-2018-7047 is a vulnerability in Wowza Streaming Engine before version 4.7.1 that allows unauthorized access to the file system via JMX using default credentials, potentially leading to remote code execution.
How severe is the CVE-2018-7047 vulnerability?
The severity of CVE-2018-7047 is rated as critical with a CVSS score of 9.8.
How can I fix the CVE-2018-7047 vulnerability?
To fix the CVE-2018-7047 vulnerability, update Wowza Streaming Engine to version 4.7.1 or later.
Where can I find more information about the CVE-2018-7047 vulnerability?
For more information about CVE-2018-7047, you can refer to the CVE-2018-7047.txt file at https://raw.githubusercontent.com/WowzaMediaSystems/public_cve/main/wowza-streaming-engine/CVE-2018-7047.txt and the Wowza Streaming Engine 4.7.1 release notes at https://www.wowza.com/docs/wowza-streaming-engine-4-7-1-release-notes.
- collector/nvd-index
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/last-modified-date
- agent/severity
- agent/weakness
- agent/first-publish-date
- agent/event
- agent/description
- agent/tags
- agent/source
- vendor/wowza
- canonical/wowza streaming engine