CVE-2022-0138

MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C-series and A5x: Device versions prior to v2.5.4.1 has a deserialization function that does not validate or check the data, allowing arbitrary classes to be created.
References
Link Resource
https://www.cisa.gov/uscert/ics/advisories/icsa-22-034-02 Third Party Advisory US Government Resource
Configurations

Configuration 1

cpe:2.3:a:airspan:mimosa_management_platform:*:*:*:*:*:*:*:*

Information

Published : 2022-02-18 06:15

Updated : 2022-02-26 03:37


NVD link : CVE-2022-0138

Mitre link : CVE-2022-0138

Products Affected
No products.
CWE
CWE-502

Deserialization of Untrusted Data