← voltar
CVE-2023-4528

JSCAPE MFT Server Unsafe Deserialization on Management Port

CVSS 7.2 HIGHEPSS 27.1%CWE-502
Unsafe deserialization in JSCAPE MFT Server versions prior to 2023.1.9 (Windows, Linux, and MacOS) permits an attacker to run arbitrary Java code (including OS commands) via its management interface
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Produtos afetados
Redwood Software · JSCAPE MFT Server

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://www.jscape.com/blog/binary-management-service-patch-cve-2023-4528https://www.rapid7.com/blog/post/2023/09/07/cve-2023-4528-java-deserialization-vulnerability-in-jscape-mft-fixed/