Back to search
CVE-2017-9830
Published: Jun 27, 2017
Modified: Aug 5, 2024
PUBLISHED
Description
Remote Code Execution is possible in Code42 CrashPlan 5.4.x via the org.apache.commons.ssl.rmi.DateRMI Java class, because (upon instantiation) it creates an RMI server that listens on a TCP port and deserializes objects sent by TCP clients.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://blog.radicallyopensecurity.com/CVE-2017-9830.html
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now