The Java Remote Management Interface of all versions of SVI MS Management System was discovered to contain a vulnerability due to insecure deserialization of user-supplied content, which can allow attackers to execute arbitrary code via a crafted serialized Java object.
References
Link | Resource |
---|---|
https://gist.github.com/fuzzKitty/dd1c6fac4f36e70ea64814732726aaea | Third Party Advisory |
https://github.com/joaomatosf/jexboss | Third Party Advisory |
https://www.squire-technologies.co.uk/ | Vendor Advisory |
Configurations
History
No history.
Information
Published : 2022-05-02 23:15
Updated : 2024-02-28 19:09
NVD link : CVE-2020-23621
Mitre link : CVE-2020-23621
CVE.ORG link : CVE-2020-23621
JSON object : View
Products Affected
squire-technologies
- svi_ms_management_system
CWE
CWE-502
Deserialization of Untrusted Data