CVE-2019-7727
CRITICAL
NICE Engage < 6.5 - Unauthenticated Remote Code Execution via JMX/RMI Interface
Title source: llm
Description
In NICE Engage through 6.5, the default configuration binds an unauthenticated JMX/RMI interface to all network interfaces, without restricting registration of MBeans, which allows remote attackers to execute arbitrary code via the RMI protocol by using the JMX connector. The observed affected TCP port is 6338 but, based on the product's configuration, a different one could be vulnerable.
References (3)
Core References
Mailing List, Third Party Advisory mailing-list
x_refsource_bugtraq
https://seclists.org/bugtraq/2019/Apr/2
Mitigation, Third Party Advisory x_refsource_misc
https://redtimmysec.wordpress.com/2019/03/26/jmx-rmi-multiple-applications-rce/
Mailing List, Third Party Advisory mailing-list
x_refsource_fulldisc
http://seclists.org/fulldisclosure/2019/Apr/4
Scores
CVSS v3: 9.8
EPSS: 0.0379
EPSS Percentile: 88.6%
Attack Vector: NETWORK
CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE: CWE-306
Status: published
Products (1): nice/engage < 6.5
Published: Apr 23, 2019
Tracked Since: Feb 18, 2026