Java Deserialization in Solarwinds Virtualization Manager 6.3.1 Product: Solarwinds Virtualization Manager Vendor: Solarwinds Vulnerable Version(s): < 6.3.1 Tested Version: 6.3.1 Vendor Notification: April 25th, 2016 Vendor Patch Availability to Customers: June 1st, 2016 Public Disclosure: June 14th, 2016 Vulnerability Type: Deserialization of Untrusted Data [CWE-502] CVE Reference: CVE-2016-3642 Risk Level: High CVSSv2 Base Score: 10 (AV:N/AC:L/Au:N/C:C/I:C/A:C) Solution Status: Solution Available Discovered and Provided: Nate Kettlewell, Depth Security ( http://ift.tt/21msDFv )
Source: Gmail -> IFTTT-> Blogger
No comments:
Post a Comment