CVE-2021-22855

Summary

The specific function of HR Portal of Soar Cloud System accepts any type of object to be deserialized. Attackers can send malicious serialized objects to execute arbitrary commands.

Affected Software

VendorProductVersion RangeStatus
Soar Cloud System Co., Ltd.HR Portal0 7.3.2020.1013affected

Weaknesses

  • CWE-502: CWE-502 Deserialization of Untrusted Data

ADP Enrichment

CVE Program Container

Additional References

References