Improper Validation of Serialized Java Objects in CA Spectrum 9.2.x and 9.3.x

Improper Validation of Serialized Java Objects in CA Spectrum 9.2.x and 9.3.x

CVE-2015-2828 · HIGH Severity

AV:N/AC:L/AU:S/C:C/I:C/A:C

CA Spectrum 9.2.x and 9.3.x before 9.3 H02 does not properly validate serialized Java objects, which allows remote authenticated users to obtain administrative privileges via crafted object data.

Learn more about our User Device Pen Test.