3 matches found
Cisco Security Manager Insecure Deserialization (CVE-2019-12630)
An insecure deserialization vulnerability exists in Cisco Security Manager. Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code on the affected system...
CVE-2019-12630
Cisco Security Manager (CSM) is affected by CVE-2019-12630 due to insecure Java deserialization, enabling unauthenticated remote command execution via a malicious serialized object sent to a listener. The vulnerability permits execution of arbitrary commands on the device with casuser privileges....
Cisco Security Manager CVE-2019-12630 Java Deserialization Command Execution Vulnerability
Description Cisco Security Manager is prone to a command-execution vulnerability. Attackers can exploit this issue to execute arbitrary commands within the context of the affected device. Failed exploit attempts may result in a denial-of-service condition. This issue is tracked by Cisco Bug ID...