1 results (0.003 seconds)
CVSS: 9.8EPSS: 56%CPEs: 2EXPL: 5
CVSS: 9.8EPSS: 56%CPEs: 2EXPL: 5CVE-2018-9843 – CyberArk Password Vault Web Access < 9.9.5 / < 9.10 / 10.1 - Remote Code Execution
https://notcve.org/view.php?id=CVE-2018-9843
09 Apr 2018 — The REST API in CyberArk Password Vault Web Access before 9.9.5 and 10.x before 10.1 allows remote attackers to execute arbitrary code via a serialized .NET object in an Authorization HTTP header. La API REST en CyberArk Password Vault Web Access, en versiones anteriores a la 9.9.5 y en versiones 10.x anteriores a la 10.1, permite que atacantes remotos ejecuten código arbitrario mediante un objeto .NET serializado en una cabecera Authorization HTTP. The CyberArk Password Vault Web Access application uses au... • https://packetstorm.news/files/id/147105 • CWE-502: Deserialization of Untrusted Data •