|
|
|||
| Rule General Information |
|---|
| Release Date: | 2024-11-26 | |
| Rule Name: | Bessystem BES spark Remote Code Execution Vulnerability | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | Bessystem BES middleware is a JavaEE application server. The Spark service of Bessystem BES uses serialization and deserialization techniques to process data efficiently. An unauthorized attacker can use this vulnerability to bypass the blacklist restrictions of deserialization and execute arbitrary code. | |
| Impact: | An attacker can execute arbitrary code via a successful exploit in the context of the vulnerable software. | |
| Affected OS: | Windows, Linux, Others | |
| Reference: | ||
| Solutions |
|---|
| Please contact the software vendor to update the software patch. |