This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.
The remote NetIQ Sentinel server is affected by a remote code
The remote Novell NetIQ Sentinel server is affected by a remote code
execution vulnerability due to unsafe deserialize calls of
unauthenticated Java objects to the Apache Commons Collections (ACC)
library. An unauthenticated, remote attacker can exploit this, by
sending a specially crafted serialized Java object via the RMI
interface, to execute arbitrary code with the privileges of the
See also :
Upgrade to NetIQ Sentinel version 7.4.1 or later. Alternatively,
contact the vendor for a workaround.
Risk factor :
Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 8.3
Public Exploit Available : true
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now