Remote Code Execution and Denial of Service Vulnerability in Jamf Pro

Remote Code Execution and Denial of Service Vulnerability in Jamf Pro

CVE-2019-17076 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

An issue was discovered in Jamf Pro 9.x and 10.x before 10.15.1. Deserialization of untrusted data when parsing JSON in several APIs may cause Denial of Service (DoS), remote code execution (RCE), and/or deletion of files on the Jamf Pro server.

Learn more about our Cis Benchmark Audit For Server Software.