Описание
Due to a deserialization vulnerability in SAP NetWeaver, an unauthenticated attacker could exploit the system through the RMI-P4 module by submitting malicious payload to an open port. The deserialization of such untrusted Java objects could lead to arbitrary OS command execution, posing a high impact to the application's confidentiality, integrity, and availability.
EPSS
10 Critical
CVSS3
Дефекты
Связанные уязвимости
Due to a deserialization vulnerability in SAP NetWeaver, an unauthenticated attacker could exploit the system through the RMI-P4 module by submitting malicious payload to an open port. The deserialization of such untrusted Java objects could lead to arbitrary OS command execution, posing a high impact to the application's confidentiality, integrity, and availability.
Уязвимость модуля RMI-P4 программной интеграционной платформы SAP NetWeaver, позволяющая нарушителю выполнить произвольные команды
EPSS
10 Critical
CVSS3