CVE-2023-29492 - Novi Survey Insecure Deserialization Vulnerability
Project:Novi Survey
Product:Novi Survey
Date Added:2023-04-13Due Date:2023-05-04
Vulnerability Name
Novi Survey Insecure Deserialization Vulnerability
Description
Novi Survey contains an insecure deserialization vulnerability that allows remote attackers to execute code on the server in the context of the service account.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply updates per vendor instructions.
Additional Notes
https://novisurvey.net/blog/novi-survey-security-advisory-apr-2023.aspx
https://nvd.nist.gov/vuln/detail/CVE-2023-29492