Exploit for #VU28158 Deserialization of Untrusted Data in Apache Tomcat


Published: 2020-06-03 | Updated: 2023-02-21

Vulnerability identifier: #VU28158

Vulnerability risk: High

CVSSv3.1: 7.3 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2020-9484

CWE-ID: CWE-502

Exploitation vector: Network

Exploits in database: 20

Impact: Code execution

Vulnerable software:
Apache Tomcat
Server applications / Web servers

Vendor: Apache Foundation