Exploit for #VU83980 Deserialization of Untrusted Data in Spring AMQP

Exploit for #VU83980 Deserialization of Untrusted Data in Spring AMQP

Published: 2024-06-28

Vulnerability identifier: #VU83980

Vulnerability risk: Low

CVSSv3.1: 3.9 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C]

CVE-ID: CVE-2023-34050

CWE-ID: CWE-502

Exploitation vector: Network

Exploits in database: 1

June 28, 2024
- spring-amqp-deserialization (PoC of Spring AMQP Deserialization Vulnerability (CVE-2023-34050)) [Github]

Impact: Data manipulation

Vulnerable software:
Spring AMQP
Server applications / Other server solutions

Vendor: VMware, Inc