Arbitrary Code Execution via Java Deserialization in SAS Web Infrastructure Platform

Arbitrary Code Execution via Java Deserialization in SAS Web Infrastructure Platform

CVE-2018-20732 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

SAS Web Infrastructure Platform before 9.4M6 allows remote attackers to execute arbitrary code via a Java deserialization variant.

Learn more about our Web App Pen Testing.