Description

ForgeRock AM / OpenAM uses the Jato framework internally. The framework is vulnerable to Java deserialization attacks: an attacker could send specially crafted serialized data to execute arbitrary code on the system.
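As an added detection example (not part of the original advisory and not ForgeRock code), the following check flags request parameters whose value begins with a Java serialization stream header, whether raw, hex-encoded or base64-encoded. The log format, paths, parameter names and sample lines are constructed assumptions.

```python
import base64
import binascii
import re
from urllib.parse import parse_qsl, urlsplit

# Java serialization streams begin with magic 0xACED and version 0x0005.
JAVA_MAGIC = b"\xac\xed\x00\x05"
REQUEST_RE = re.compile(r'"[A-Z]+ (\S+) HTTP/[\d.]+"')

# Constructed access-log lines; paths and parameter names are hypothetical.
SAMPLE_LOG = """\
203.0.113.7 - - [01/Jan/2024:10:00:01 +0000] "GET /openam/ui/login?realm=/&goto=https%3A%2F%2Fexample.org HTTP/1.1" 200 512
203.0.113.9 - - [01/Jan/2024:10:00:05 +0000] "GET /openam/page?state=rO0ABXQABWhlbGxv HTTP/1.1" 302 0
203.0.113.9 - - [01/Jan/2024:10:00:09 +0000] "GET /openam/page?state=%AC%ED%00%05sr HTTP/1.1" 500 0
"""

def looks_like_java_serialized(value: str) -> bool:
    """True if value starts with the header raw, as hex, or as base64."""
    if value.encode("latin-1", "ignore").startswith(JAVA_MAGIC):
        return True
    if value.lower().startswith("aced0005"):
        return True
    # Normalise URL-safe base64 and '+' that query parsing turned into ' '.
    candidate = value.replace("-", "+").replace("_", "/").replace(" ", "+")
    if not candidate.startswith("rO0AB"):  # base64 of AC ED 00 0x
        return False
    try:
        head = base64.b64decode(candidate[:8], validate=True)
    except (binascii.Error, ValueError):
        return False
    return head.startswith(JAVA_MAGIC)

def flag_suspicious_requests(log_text: str):
    """Return (line_number, parameter_name) for each flagged parameter."""
    hits = []
    for lineno, line in enumerate(log_text.splitlines(), start=1):
        match = REQUEST_RE.search(line)
        if not match:
            continue
        query = urlsplit(match.group(1)).query
        # latin-1 keeps percent-decoded bytes intact for the raw-header check
        for name, value in parse_qsl(query, keep_blank_values=True, encoding="latin-1"):
            if looks_like_java_serialized(value):
                hits.append((lineno, name))
    return hits

if __name__ == "__main__":
    for lineno, name in flag_suspicious_requests(SAMPLE_LOG):
        print(f"line {lineno}: parameter {name!r} carries a Java serialization header")
```

Access logs only record query strings, so parameters sent in POST bodies need the same check applied at a proxy or WAF that sees the request body.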

Remediation

Upgrade to the latest version of ForgeRock AM.