Unsafe deserialization in JSCAPE MFT Server versions...
High severity
Unreviewed
Published
Sep 7, 2023
to the GitHub Advisory Database
•
Updated Apr 4, 2024
Description
Published by the National Vulnerability Database
Sep 7, 2023
Published to the GitHub Advisory Database
Sep 7, 2023
Last updated
Apr 4, 2024
Unsafe deserialization in JSCAPE MFT Server versions prior to 2023.1.9 (Windows, Linux, and MacOS) permits an attacker to run arbitrary Java code (including OS commands) via its management interface
References