PT-2023-27070 · Unknown · Sollace Unicopia
Apple502J
·
Published
2023-10-19
·
Updated
2023-10-26
·
CVE-2023-39680
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Sollace Unicopia versions 1.1.1 and before
Description
The issue allows attackers to execute arbitrary code due to the deserialization of untrusted data.
Recommendations
For versions 1.1.1 and before, update to a version that does not deserialize untrusted data to prevent arbitrary code execution.
As a temporary workaround, consider restricting the input data to trusted sources until a patch is available.
Fix
Deserialization of Untrusted Data
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Sollace Unicopia