This script is Copyright (C) 2017 Tenable Network Security, Inc.
A web application running on the remote host is affected by a remote
code execution vulnerability.
The version of Cisco Security Manager running on the remote web server
is affected by a remote code execution vulnerability due to unsafe
deserialize calls of unauthenticated Java objects to the Apache
Commons Collections (ACC) library. An unauthenticated, remote attacker
can exploit this, by sending a crafted RMI request, to execute
arbitrary code on the target host
See also :
Upgrade to the relevant fixed version referenced in Cisco bug ID
Risk factor :
Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 8.5
Public Exploit Available : false