XStream Insecure Deserialization (CVE-2021-21345)

Check Point Reference: CPAI-2021-2079 Date Published: 11 Feb 2024 Severity: Critical Last Updated: Sunday 11 February, 2024 Source: Industry Reference:CVE-2021-21345
Protection Provided by:

Security Gateway
R81, R80, R77, R75

Who is Vulnerable? XStream Project prior to 1.4.16 Vulnerability Description An insecure deserialization vulnerability exists in XStream. Successful exploitation could result in remote code execution in the context of the service.