Vulnerabilities > CVE-2020-11630 - Deserialization of Untrusted Data vulnerability in Primekey Ejbca
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
An issue was discovered in EJBCA before 6.15.2.6 and 7.x before 7.3.1.2. In several sections of code, the verification of serialized objects sent between nodes (connected via the Peers protocol) allows insecure objects to be deserialized.