CVE-2021-3160P2CRITICALCVSS 9.8v359.32021-01-28
CVE-2021-3160 [CRITICAL] CWE-502 CVE-2021-3160: Deserialization of untrusted data in the login page of ASSUWEB 359.3 build 1 subcomponent of ACA ASS
Deserialization of untrusted data in the login page of ASSUWEB 359.3 build 1 subcomponent of ACA ASSUREX RENTES product allows a remote attacker to inject unsecure serialized Java object using a specially crafted HTTP request, resulting in an unauthenticated remote code execution on the server.
nvd