Chart Endpoint Deserialization of Untrusted Data RCE Vulnerability (CVE-2021-35218)

Summary

Chart Endpoint Deserialization of Untrusted Data RCE.

Affected Products

  • Patch Manager 2020.2.5 and earlier

Fixed Software Release

Acknowledgments

  • Jangggggg via Trend Micro Zero Day Initiative
Advisory Details
Severity
High
Advisory ID

CVE-2021-35218

First Published
07/15/2021
Fixed Version

Patch Manager 2020.2.6

CVSS Score

CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:
H/I:H/A:L

Download PDF
Send an Email