The server in HP Release Control 9.13, 9.20, and 9.21 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.
CPE | Name | Operator | Version |
---|---|---|---|
release_control | eq | 9.21 | |
release_control | eq | 9.13 | |
release_control | eq | 9.20 |