Vulnerabilities > CVE-2016-4326 - Remote Code Execution vulnerability in Chef Manage add-on
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
The Chef Manage (formerly opscode-manage) add-on before 1.12.0 for Chef allows remote attackers to execute arbitrary code via crafted serialized data in a cookie. <a href="http://cwe.mitre.org/data/definitions/502.html">CWE-502: Deserialization of Untrusted Data</a>
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |