ForgeRock AM server before 7.0 has a Java deserialization vulnerability in the jato.pageSession parameter on multiple pages. The exploitation does not require authentication, and remote code execution can be triggered by sending a single crafted /ccversion/* request to the server. The vulnerability exists due to the usage of Sun ONE Application Framework (JATO) found in versions of Java 8 or earlier

The version of Open Access Management (OpenAM) detected on the remote host is affected by a remote code execution vulnerability due to unsafe object deserialization. An unauthenticated, remote attacker can exploit this to execute code on the remote host.

The version of ForgeRock Access Management detected on the remote host is affected by a remote code execution vulnerability due to unsafe object deserialization. An unauthenticated, remote attacker can exploit this to execute code on the remote host.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

ForgeRock OpenAM is a popular access management software which is used to provide single sign-on (SSO) features to web applications. ForgeRock OpenAM versions below 7.0 suffer from a deserialization vulnerability, allowing a remote unauthenticated attacker to perform remote code execution on the target application.

ID	Name	Product	Family	Severity
152139	OpenAM RCE (CVE-2021-35464)	Nessus	CGI abuses	critical
151291	ForgeRock Access Management < 7.0 RCE	Nessus	CGI abuses	critical
112812	ForgeRock OpenAM < 7.0 Remote Code Execution	Web App Scanning	Component Vulnerability	critical

Detections

Analytics

CVE-2021-35464

critical

Tenable Plugins

critical

critical

critical