An issue was discovered in Jamf Pro 9.x and 10.x before 10.15.1. Deserialization of untrusted data when parsing JSON in several APIs may cause Denial of Service (DoS), remote code execution (RCE), and/or deletion of files on the Jamf Pro server.
References
Link | Resource |
---|---|
https://resources.jamf.com/documents/products/security-disclosure-notice-jamf-pro-10.15.1.pdf | Vendor Advisory |
https://resources.jamf.com/documents/products/security-disclosure-notice-jamf-pro-10.15.1.pdf | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 04:31
Type | Values Removed | Values Added |
---|---|---|
References | () https://resources.jamf.com/documents/products/security-disclosure-notice-jamf-pro-10.15.1.pdf - Vendor Advisory |
Information
Published : 2020-01-08 16:15
Updated : 2024-11-21 04:31
NVD link : CVE-2019-17076
Mitre link : CVE-2019-17076
CVE.ORG link : CVE-2019-17076
JSON object : View
Products Affected
jamf
- jamf
CWE
CWE-502
Deserialization of Untrusted Data