PT-2026-48382 · Broadcom · Layer 7 Api Gateway
Published
2026-06-10
·
Updated
2026-06-10
·
CVE-2026-11815
CVSS v4.0
5.3
Medium
| Vector | AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:H/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
An attacker who intercepts and tampers with traffic between the client application and the API Gateway server could potentially deserialize arbitrary objects. This vulnerability could lead to broken security expectations or remote code execution.
Fix
Deserialization of Untrusted Data
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Layer 7 Api Gateway