Critical Deserialization in ArgusDBM AviatorScript Handler <0.1.0
CVE-2024-6644 Published on July 10, 2024
zmops ArgusDBM AviatorScript CalculateAlarm.java getDefaultClassLoader deserialization
A vulnerability was found in zmops ArgusDBM up to 0.1.0. It has been classified as critical. Affected is the function getDefaultClassLoader of the file CalculateAlarm.java of the component AviatorScript Handler. The manipulation leads to deserialization. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-271050 is the identifier assigned to this vulnerability.
Timeline
Advisory disclosed
VulDB entry created
VulDB entry last update
Weakness Type
What is a Marshaling, Unmarshaling Vulnerability?
The application deserializes untrusted data without sufficiently verifying that the resulting data will be valid.
CVE-2024-6644 has been classified to as a Marshaling, Unmarshaling vulnerability or weakness.
Affected Versions
zmops ArgusDBM:- Version 0.1 is affected.
- Version 0.1 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.