|
|
|||
| Rule General Information |
|---|
| Release Date: | 2023-08-22 | |
| Rule Name: | Seeyon OA M1 Server userTokenService Remote Code Execution Vulnerability | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | Seeyon M1 Server is a mobile collaboration software, based on mobile Internet technology, enabling 24/7 online access to corporate information. Seeyon OA M1 Server userTokenService interface has a remote code execution vulnerability, unauthorized attackers construct malicious serialization data, trigger deserialization operation, can execute arbitrary code on the server side, write backdoors, obtain server permissions, and then control the entire Web server. | |
| Impact: | An attacker can execute arbitrary command via a successful exploit in the context of the vulnerable software. | |
| Affected OS: | Windows, Linux, Others | |
| Reference: | ||
| Solutions |
|---|
| Please contact the software vendor to update the software patch. |