CVE-2019-0344: SAP Commerce Cloud Deserialization of Untrusted Data

SAP Commerce Cloud Deserialization of Untrusted Data Vulnerability. SAP Commerce Cloud (formerly known as Hybris) contains a deserialization of untrusted data vulnerability within the mediaconversion and virtualjdbc extension that allows for code injection.

• CISA KEV-listed (remediation due 2024-10-21)
• EPSS 40.2% (97.4% percentile)

Browse the CVE database

Read the full analysis on IntelFusions