Lexmark Markvision Enterprise before 2.3.0 misuses the Apache Commons Collections Library, leading to remote code execution because of Java deserialization.
References
Link | Resource |
---|---|
http://support.lexmark.com/index?page=content&id=TE747&locale=EN&userlocale=EN_US | Vendor Advisory |
Configurations
Information
Published : 2020-03-09 12:15
Updated : 2020-03-10 13:02
NVD link : CVE-2016-1487
Mitre link : CVE-2016-1487
JSON object : View
CWE
CWE-502
Deserialization of Untrusted Data
Products Affected
lexmark
- markvision_enterprise