CVE-2023-5183

Name of the Vulnerable Software and Affected Versions Illumio PCE (affected versions not specified)

Description The issue is related to unsafe deserialization of untrusted JSON, which allows execution of arbitrary code on affected releases of the Illumio PCE. To exploit this, authentication to the API is required. The flaw exists within the "network traffic" API endpoint, allowing an attacker to execute code in the context of the PCE's operating system user.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.