Security Advisory
Cybersecurity
As IoT adoption continues to proliferate, cybersecurity has become one of the top priorities. Aten created a vulnerability management policy to provide guidance and information to our customers in the event of a reported vulnerability. The management policy ensures that Aten's customers have steady, unambiguous resources to help them understand how Aten resolves or mitigates reported vulnerabilities.
CVE-2023-37895
Java object deserialization issue in Jackrabbit webapp/standalone on all platforms allows an attacker to remotely execute code via RMI. Versions up to (including) 2.20.10 (stable branch) and 2.21.17 (unstable branch) use the component "commons-beanutils", which contains a class that can be used for remote code execution over RMI.
Users are advised to immediately update to versions 2.20.11 or 2.21.18. Note that earlier stable branches (1.0.x .. 2.18.x) have been EOLd already and do not receive updates anymore.
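To check an inventory against the version boundaries above, the following added example (not part of the original advisory and not vendor or Apache tooling) classifies Jackrabbit webapp/standalone artifacts by file name. The artifact naming pattern, the sample paths, and the treatment of branches newer than 2.21.x as fixed are assumptions.

```python
import re

# Last affected patch level per branch, as stated in the advisory above.
LAST_AFFECTED = {(2, 20): 10, (2, 21): 17}
OLDEST_FIXED_BRANCH = (2, 20)

# Assumption: artifacts are named <component>-<major>.<minor>.<patch>.jar|war
ARTIFACT_RE = re.compile(
    r"(jackrabbit-(?:webapp|standalone))-(\d+)\.(\d+)\.(\d+)\.(?:jar|war)$"
)

def classify(version):
    """Map a (major, minor, patch) tuple to an advisory status."""
    branch, patch = version[:2], version[2]
    if branch < OLDEST_FIXED_BRANCH:
        # Covered by "up to 2.20.10"; the advisory names no fixed release here.
        return "affected-old-branch"
    if branch in LAST_AFFECTED:
        return "affected" if patch <= LAST_AFFECTED[branch] else "fixed"
    # Assumption: branches newer than 2.21.x are outside the affected range.
    return "fixed"

def triage(paths):
    """Return (path, component, version, status) for each Jackrabbit artifact."""
    findings = []
    for path in paths:
        match = ARTIFACT_RE.search(path)
        if match is None:
            continue  # not a Jackrabbit webapp/standalone artifact
        version = tuple(int(part) for part in match.group(2, 3, 4))
        label = ".".join(str(part) for part in version)
        findings.append((path, match.group(1), label, classify(version)))
    return findings

# Constructed sample inventory (paths are illustrative, not from the advisory).
SAMPLE_PATHS = [
    "/opt/repo/jackrabbit-standalone-2.20.10.jar",
    "/opt/repo/jackrabbit-standalone-2.20.11.jar",
    "/srv/tomcat/webapps/jackrabbit-webapp-2.21.17.war",
    "/srv/tomcat/webapps/jackrabbit-webapp-2.21.18.war",
    "/srv/legacy/jackrabbit-webapp-2.18.6.war",
    "/opt/repo/lib/commons-io-2.11.0.jar",
]

if __name__ == "__main__":
    for path, component, version, status in triage(SAMPLE_PATHS):
        print(f"{status:20} {component} {version}  {path}")
```

Anything reported as `affected-old-branch` has to move to 2.20.11 or 2.21.18, since the advisory names no fixed release on those branches.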
Release Date: 2023/07/25
Vulnerability Scoring Details:
The vulnerability scores and vectors are listed below.
Severity | CVSS Score | Vector |
---|---|---|
CRITICAL | 9.8 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |