Security Advisory

CVE-2022-40238

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-10-26 15:15:45

Last updated 2025-05-07 13:31:41

Assigner certcc

State PUBLISHED

Description

A Remote Code Injection vulnerability exists in CERT software prior to version 1.50.5. An authenticated attacker can inject arbitrary pickle object as part of a users profile. This can lead to code execution on the server when the users profile is accessed.

← Browse all CVEs View on cve.org ↗