aEnrich Technology a+HRD has a vulnerability of Deserialization of Untrusted Data within its MSMQ asynchronized message process. An unauthenticated remote attacker can exploit this vulnerability to execute arbitrary system commands to perform arbitrary system operation or disrupt service.
References
Link | Resource |
---|---|
https://www.twcert.org.tw/tw/cp-132-7024-bdefe-1.html | Third Party Advisory |
https://www.twcert.org.tw/tw/cp-132-7024-bdefe-1.html | Third Party Advisory |
Configurations
History
21 Nov 2024, 07:41
Type | Values Removed | Values Added |
---|---|---|
References | () https://www.twcert.org.tw/tw/cp-132-7024-bdefe-1.html - Third Party Advisory |
Information
Published : 2023-04-27 02:15
Updated : 2024-11-21 07:41
NVD link : CVE-2023-20853
Mitre link : CVE-2023-20853
CVE.ORG link : CVE-2023-20853
JSON object : View
Products Affected
aenrich
- a\+hrd
CWE
CWE-502
Deserialization of Untrusted Data