CVEs-PoC/2020/CVE-2020-1952.md

### [CVE-2020-1952](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1952)
![](https://img.shields.io/static/v1?label=Product&message=IoTDB&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Information%20Disclosure&color=brighgreen)

### Description

An issue was found in Apache IoTDB .9.0 to 0.9.1 and 0.8.0 to 0.8.2. When starting IoTDB, the JMX port 31999 is exposed with no certification.Then, clients could execute code remotely.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/langligelang/langligelang