CVE-2018-20732

SAS Web Infrastructure Platform before 9.4M6 allows remote attackers to execute arbitrary code via a Java deserialization variant.
References
Link Resource
http://www.securityfocus.com/bid/106648 Third Party Advisory VDB Entry
https://support.sas.com/kb/63/391.html Vendor Advisory
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:sas:web_infrastructure_platform:*:*:*:*:*:*:*:*
cpe:2.3:a:sas:web_infrastructure_platform:9.4:-:*:*:*:*:*:*
cpe:2.3:a:sas:web_infrastructure_platform:9.4:maintenance_release_1:*:*:*:*:*:*
cpe:2.3:a:sas:web_infrastructure_platform:9.4:maintenance_release_2:*:*:*:*:*:*
cpe:2.3:a:sas:web_infrastructure_platform:9.4:maintenance_release_3:*:*:*:*:*:*
cpe:2.3:a:sas:web_infrastructure_platform:9.4:maintenance_release_4:*:*:*:*:*:*
cpe:2.3:a:sas:web_infrastructure_platform:9.4:maintenance_release_5:*:*:*:*:*:*
OR cpe:2.3:a:hpe:hp-ux_ipfilter:-:*:*:*:*:*:*:*
cpe:2.3:o:ibm:aix:-:*:*:*:*:*:x64:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:x64:*
cpe:2.3:o:oracle:solaris:-:*:*:*:*:*:x64:*

History

No history.

Information

Published : 2019-01-17 01:29

Updated : 2024-02-28 16:48


NVD link : CVE-2018-20732

Mitre link : CVE-2018-20732

CVE.ORG link : CVE-2018-20732


JSON object : View

Products Affected

sas

  • web_infrastructure_platform

hpe

  • hp-ux_ipfilter

ibm

  • aix

linux

  • linux_kernel

microsoft

  • windows

oracle

  • solaris
CWE
CWE-502

Deserialization of Untrusted Data