2 matches found
Cisco Unity Express Insecure Deserialization (CVE-2018-15381)
An insecure deserialization vulnerability exists in Cisco Unity Express. Successful exploitation of this vulnerability would allow remote attackers to send a specially crafted serialized object to the vulnerable server...
CVE-2018-15381
Cisco Unity Express (CUE) is affected by CVE-2018-15381 due to insecure Java deserialization, allowing an unauthenticated remote attacker to execute arbitrary shell commands with root privileges by sending a malicious serialized Java object to the RMI service. Affected releases prior to Cisco Uni...