Exploit for Deserialization of Untrusted Data in Vmware Spring_For_Apache_Kafka

🗓️ 24 Apr 2024 03:54:16Reported by buiduchoang24Type

Exploit for Deserialization of Untrusted Data in Vmware Spring For Apache Kafka. Cloned from Github. Visit main repo PDF for analysis

Reporter	Title	Published	Views	Family All 21
GithubExploit	Exploit for Deserialization of Untrusted Data in Vmware Spring_For_Apache_Kafka	28 Sep 202311:18	–	githubexploit
IBM Security Bulletins	Security Bulletin: IBM Data Risk Manager is affected by multiple vulnerabilities	30 Jan 202404:12	–	ibm
IBM Security Bulletins	Security Bulletin: Netcool Operations Insights 1.6.11 addresses multiple security vulnerabilities.	20 Dec 202316:10	–	ibm
IBM Security Bulletins	Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities	17 Oct 202400:20	–	ibm
IBM Security Bulletins	Security Bulletin: VMware Tanzu Spring for Apache Kafka is vulnerable to CVE-2023-34040 used in IBM Maximo Application Suite - Monitor Component	26 Sep 202318:33	–	ibm
BDU FSTEC	The vulnerability of the Spring-based Apache Kafka software platform (spring-kafka) is related to deficiencies in the deserialization mechanism. This allows attackers to execute arbitrary code or trigger service failures.	7 Sep 202300:00	–	bdu_fstec
Circl	CVE-2023-34040	24 Aug 202316:14	–	circl
CNNVD	Spring Framework 代码问题漏洞	24 Aug 202300:00	–	cnnvd
CVE	CVE-2023-34040	24 Aug 202312:59	–	cve
Cvelist	CVE-2023-34040 Java Deserialization vulnerability in Spring-Kafka When Improperly Configured	24 Aug 202312:59	–	cvelist

24 Apr 2024 04:04Current

7.8High risk

Vulners AI Score7.8

CVSS 3.15.3 - 7.8

EPSS0.21413

SSVC