Arbitrary Code Execution via Deserialization in Dell SonicWALL GMS, Analyzer, and UMA EM5000

Arbitrary Code Execution via Deserialization in Dell SonicWALL GMS, Analyzer, and UMA EM5000

CVE-2016-2397 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

The cliserver implementation in Dell SonicWALL GMS, Analyzer, and UMA EM5000 7.2, 8.0, and 8.1 before Hotfix 168056 allows remote attackers to deserialize and execute arbitrary Java code via crafted XML data.

Learn more about our Cis Benchmark Audit For Server Software.