VYPR
Unrated severityNVD Advisory· Published Jun 2, 2021· Updated Aug 3, 2024

Authorized deserialization of untrusted data in McAfee DBSec

CVE-2021-23895

Description

Deserialization of untrusted data vulnerability in McAfee Database Security (DBSec) prior to 4.8.2 allows a remote authenticated attacker to create a reverse shell with administrator privileges on the DBSec server via carefully constructed Java serialized object sent to the DBSec server.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.