Known Exploited Vulnerabilities CVE-2021-35464 Mappings

ForgeRock AM server before 7.0 has a Java deserialization vulnerability in the jato.pageSession parameter on multiple pages. Exploitation does not require authentication, and remote code execution can be triggered by sending a single crafted /ccversion/* request to the server. The vulnerability exists due to the usage of the Sun ONE Application Framework (JATO) found in versions of Java 8 or earlier.
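The description above gives a detection engineer two concrete facts: the vulnerable parameter name (jato.pageSession) and the unauthenticated path prefix (/ccversion/). The script below is an added example, not code from the original page or from ForgeRock, that triages reverse-proxy access-log lines for that combination. It assumes a common/combined log format and an AM deployment under a /openam context root (both assumptions), and the sample log lines are constructed, with the "payload" being only the Java serialization stream header followed by zero bytes, not a gadget chain. The one fact it relies on beyond the CVE text is that a Java serialized stream begins with 0xACED0005, which is "rO0AB" in base64.

```python
import base64
import binascii
import re
from urllib.parse import urlsplit, unquote

# Java serialization stream header: STREAM_MAGIC 0xACED followed by
# STREAM_VERSION 0x0005. Base64-encoded, it always begins "rO0AB".
JAVA_SERIAL_MAGIC = b"\xac\xed\x00\x05"

# Common/combined access-log format (assumed reverse-proxy log layout).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)


def query_params(query):
    """Split a raw query string without turning '+' into a space.

    parse_qs would mangle base64 payloads that contain '+'; only %XX
    escapes are decoded here.
    """
    params = {}
    for pair in query.split("&"):
        if not pair:
            continue
        key, _, value = pair.partition("=")
        params.setdefault(unquote(key), []).append(unquote(value))
    return params


def decode_page_session(value):
    """Base64-decode a jato.pageSession value; None if it is not base64."""
    # Tolerate the URL-safe alphabet and stripped padding.
    text = value.replace("-", "+").replace("_", "/")
    text += "=" * (-len(text) % 4)
    try:
        return base64.b64decode(text, validate=True)
    except (binascii.Error, ValueError):
        return None


def analyze_line(line):
    """Classify one access-log line.

    alert      : /ccversion/* request whose jato.pageSession decodes to a
                 Java serialization stream (the CVE-2021-35464 pattern)
    suspicious : /ccversion/* request carrying jato.pageSession that is
                 not valid base64 (malformed or obfuscated probe)
    benign     : anything else
    Returns None for lines that do not parse.
    """
    m = LOG_RE.match(line)
    if not m:
        return None
    parts = urlsplit(m.group("target"))
    params = query_params(parts.query)
    on_ccversion = "/ccversion/" in parts.path
    sessions = params.get("jato.pageSession", [])
    serialized = False
    for v in sessions:
        blob = decode_page_session(v)
        if blob is not None and blob.startswith(JAVA_SERIAL_MAGIC):
            serialized = True
            break
    if on_ccversion and serialized:
        verdict = "alert"
    elif on_ccversion and sessions:
        verdict = "suspicious"
    else:
        verdict = "benign"
    return {
        "ip": m.group("ip"),
        "path": parts.path,
        "status": m.group("status"),
        "verdict": verdict,
    }


def triage(lines):
    """Return findings for every line that is not benign, in log order."""
    findings = []
    for line in lines:
        result = analyze_line(line)
        if result is not None and result["verdict"] != "benign":
            findings.append(result)
    return findings


# Constructed sample log lines (not a real capture). STUB_PAYLOAD is the
# stream header plus zero bytes; it contains no gadget chain.
STUB_PAYLOAD = base64.b64encode(JAVA_SERIAL_MAGIC + b"\x00" * 8).decode()
SAMPLE_LOG = [
    '203.0.113.7 - - [13/Jul/2021:10:01:02 +0000] '
    '"GET /openam/XUI/ HTTP/1.1" 200 5120',
    '198.51.100.9 - - [13/Jul/2021:10:01:05 +0000] '
    f'"GET /openam/ccversion/Version?jato.pageSession={STUB_PAYLOAD} HTTP/1.1" 500 312',
    '198.51.100.9 - - [13/Jul/2021:10:01:06 +0000] '
    '"GET /openam/ccversion/Version?jato.pageSession=not%20base64! HTTP/1.1" 200 88',
]

if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"{f['verdict']:10} {f['ip']:15} {f['status']} {f['path']}")
```

Two caveats a practitioner should keep in mind. JATO legitimately carries serialized page-session state on other console pages, so the check keys on the /ccversion/ path, which the advisory singles out as reachable without authentication, rather than on the stream header alone. And a jato.pageSession sent in a POST body never appears in an access log, so this only covers the GET form; full-request logging at the proxy, or simply patching to a fixed AM version, is the reliable control.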

Mappings

Capability ID    Capability Description                                                            Mapping Type            ATT&CK ID  ATT&CK Name
CVE-2021-35464   ForgeRock Access Management (AM) Core Server Remote Code Execution Vulnerability  primary_impact          T1059      Command and Scripting Interpreter
CVE-2021-35464   ForgeRock Access Management (AM) Core Server Remote Code Execution Vulnerability  exploitation_technique  T1190      Exploit Public-Facing Application

Notes (both mappings)
Comments: CVE-2021-35464 is a pre-authentication remote code execution (RCE) vulnerability in ForgeRock Access Management (AM) identity and access management software. ForgeRock AM front-ends web applications and remote access solutions in many enterprises.
References: none listed.