|
|
|||
| Rule General Information |
|---|
| Release Date: | 2017-09-08 | |
| Rule Name: | ManageEngine Applications Manager Apache Commons Collections Insecure Deserialization Vulnerability -1.3 (CVE-2016-9498) | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | An insecure deserialization vulnerability exists in ManageEngine Applications Manager, This vulnerability is due to the inclusion of the vulnerable version of Apache Commons Collections library in the classpath combined with insecure deserialization. | |
| Impact: | An attacker can execute arbitrary code via a successful exploit in the context of the vulnerable software. | |
| Affected OS: | Windows, Solaris, Other Unix, FreeBSD, Linux | |
| Reference: | CVE-2016-9498 |
|
| Solutions |
|---|
| Update vendor's patch. |