CVE-2020-11630

2020-04-0723:34:10

mitre

www.cve.org

AI Score

9.4

Confidence

High

EPSS

0.005

Percentile

75.4%

JSON

An issue was discovered in EJBCA before 6.15.2.6 and 7.x before 7.3.1.2. In several sections of code, the verification of serialized objects sent between nodes (connected via the Peers protocol) allows insecure objects to be deserialized.

References

support.primekey.com/news/posts/ejbca-security-advisory-deserialization-bug