Security Advisory

CVE-2021-3160

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-01-28 19:37:46

Last updated 2024-08-03 16:45:51

Assigner mitre

State PUBLISHED

Description

Deserialization of untrusted data in the login page of ASSUWEB 359.3 build 1 subcomponent of ACA ASSUREX RENTES product allows a remote attacker to inject unsecure serialized Java object using a specially crafted HTTP request, resulting in an unauthenticated remote code execution on the server.

← Browse all CVEs View on cve.org ↗