Описание
The Java Remote Management Interface of all versions of Orlansoft ERP was discovered to contain a vulnerability due to insecure deserialization of user-supplied content, which can allow attackers to execute arbitrary code via a crafted serialized Java object.
Ссылки
- Third Party Advisory
- Third Party Advisory
- Vendor Advisory
- Third Party Advisory
- Third Party Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:orlansoft:orlansoft_erp:-:*:*:*:*:*:*:*
EPSS
Процентиль: 89%
0.04485
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-502
Связанные уязвимости
CVSS3: 9.8
github
почти 4 года назад
The Java Remote Management Interface of all versions of Orlansoft ERP was discovered to contain a vulnerability due to insecure deserialization of user-supplied content, which can allow attackers to execute arbitrary code via a crafted serialized Java object.
CVSS3: 9.8
fstec
почти 4 года назад
Уязвимость интерфейса Java Remote Management ERP-системы Orlansoft, позволяющая нарушителю выполнить произвольный код
EPSS
Процентиль: 89%
0.04485
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-502