Yonyou NC BeanShell Remote Code Execution Vulnerability (CNVD-2021-30167)

Jun 04, 2021 GMT+08:00

I. Overview

Yonyou has disclosed a Yonyou NC BeanShell remote code execution vulnerability (CNVD-2021-30167). Unauthorized attackers can use this vulnerability to construct malicious requests and execute arbitrary code on the target system. A proof of concept (PoC) for the vulnerability has been disclosed, and the risk is high.

Yonyou NC is enterprise management software. If you are a Yonyou NC user, check your system and implement timely security hardening.

II. Severity

Severity: important

(Severity levels: low, moderate, important, and critical)

III. Affected Products

Affected version:

Yonyou NC 6.5.0.00201601201350

IV. Vulnerability Handling

This vulnerability has been fixed in an officially released patch. If your service version falls into the affected range, install the patch in a timely manner.

http://umc.yonyou.com/ump/querypatchdetailed?PK=18981c7af483007db179a236016f594d37c01f22aa5f5d19

HUAWEI CLOUD WAF can defend against this vulnerability. If you are a WAF user, set the basic web protection status to Block. For details, see Configuring Basic Web Protection Rules.

Note: Before fixing vulnerabilities, back up your files and conduct a thorough test.