Vulnerabilities > CVE-2022-29936 - Deserialization of Untrusted Data vulnerability in USU Oracle Optimization 5.16.2
Attack vector
NETWORK Attack complexity
LOW Privileges required
SINGLE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
USU Oracle Optimization before 5.17 allows authenticated quantum users to achieve remote code execution because of /v2/quantum/save-data-upload-big-file Java deserialization. NOTE: this is not an Oracle Corporation product.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |