CVE-2023-4528

CVSS V2 None CVSS V3 None
Description
Unsafe deserialization in JSCAPE MFT Server versions prior to 2023.1.9 (Windows, Linux, and MacOS) permits an attacker to run arbitrary Java code (including OS commands) via its management interface
Overview
  • CVE ID
  • CVE-2023-4528
  • Assigner
  • rapid7
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2023-09-07T17:39:42.355Z
  • Last Modified Date
  • 2023-09-07T17:39:42.355Z
Weakness Enumerations
CWE URL
CWE-502 http://cwe.mitre.org/data/definitions/502.html
References
Reference URL Reference Tags
https://www.jscape.com/blog/binary-management-service-patch-cve-2023-4528
https://www.rapid7.com/blog/post/2023/09/07/cve-2023-4528-java-deserialization-vulnerability-in-jscape-mft-fixed/
Sources
Source Name Source URL
NIST https://nvd.nist.gov/vuln/detail/CVE-2023-4528
MITRE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4528
History
Created Old Value New Value Data Type Notes
2024-06-24 19:26:05 Added to TrackCVE