CVE-2019-16755

CVE-2019-16755

A vulnerability was discovered in BMC MyIT Digital Workplace DWP before 18.11. The DWP component sso.session.restore.cookies stores data using java serialization method. The vulnerability can be triggered by using an ivalid cookie that contains an embedded system command within a DWP API call, as demonstrated by the /dwp/rest/v2/administrator URI.

Source: CVE-2019-16755

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다