1. Summary

Vulnerability Name: Apache Tapestry Deserialization Vulnerability
Attack Type: Deserialization
Time Discovered: 2022-12-05
Updated Time: 2022-12-08
CVE ID: CVE-2022-46366

 

The vulnerability exists because all versions of Apache Tapestry 3 allow the deserialization of untrusted data, which results in remote code execution.


2. Affected Versions

3.0 ≤ Apache Tapestry < 4.0

3. Solution

  1. Sangfor Cyber Guardian - Sangfor experts offer a 24/7 security operations service. When exploitation of a vulnerability occurs, Sangfor experts first run a vulnerability scan across the network. Even if the vulnerability exists on a host, the security policies on your Sangfor security devices are checked and updated to prevent possible exploitation.
  2. Sangfor NGAF - Updating to the latest security protection policies makes protection against this high-severity vulnerability very easy.
  3. Sangfor Cyber Command - Real-time alerts are triggered when exploitation of the vulnerability is detected; at the same time, Cyber Command correlates with Sangfor NGAF to block the attacker's IP address.
  4. The latest version has been officially released, and affected users are advised to upgrade to it promptly. The download link is: https://tapestry.apache.org/download.html
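
To find the hosts that still need the upgrade in step 4, the following inventory check flags Tapestry jars that fall in the affected range (3.0 ≤ version < 4.0), both on disk and packed inside WAR/EAR/ZIP archives. It is an added example, not code from Sangfor or the Apache Tapestry project; the jar naming pattern `tapestry-<version>.jar` and the function names are assumptions.

```python
import os
import re
import sys
import zipfile

# Assumption: the framework jar is named tapestry-<version>.jar
# (e.g. tapestry-3.0.4.jar); renamed or shaded jars will not match.
JAR_RE = re.compile(r"(?:^|/)tapestry-(\d+(?:\.\d+)*)[^/]*\.jar$", re.IGNORECASE)

def jar_version(path):
    """Return the version tuple parsed from a jar path, or None."""
    m = JAR_RE.search(path.replace("\\", "/"))
    if not m:
        return None
    parts = tuple(int(p) for p in m.group(1).split("."))
    return parts + (0,) * (2 - len(parts))  # pad "3" to (3, 0)

def is_affected(version):
    """Affected range from the advisory: 3.0 <= Apache Tapestry < 4.0."""
    return version is not None and (3, 0) <= version < (4, 0)

def scan(root):
    """Return sorted locations of affected jars under root, including
    jars packed inside .war/.ear/.zip archives (shown as archive!entry)."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            if is_affected(jar_version(name)):
                hits.append(full)
            elif name.lower().endswith((".war", ".ear", ".zip")):
                try:
                    with zipfile.ZipFile(full) as zf:
                        hits += [f"{full}!{entry}" for entry in zf.namelist()
                                 if is_affected(jar_version(entry))]
                except (zipfile.BadZipFile, OSError):
                    continue  # unreadable archive: skip it, keep scanning
    return sorted(hits)

if __name__ == "__main__":
    for hit in scan(sys.argv[1] if len(sys.argv) > 1 else "."):
        print("AFFECTED (CVE-2022-46366):", hit)
```

Pass the deployment root as the first argument. A clean result only means no jar matched the assumed naming pattern, so confirm against the application's dependency manifest as well.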
