CVE-2021-35464 Scanner

ForgeRock identifies itself as a leader in digital identity management solutions. Its AM server (Access Management) is a central component of the ForgeRock Identity Platform. The server handles user access to applications or services. Access is granted or denied based on user permissions, and granted users are authenticated. The server is used in various industries, including healthcare, finance, e-commerce, and government.

However, the server was subject to a significant vulnerability - CVE-2021-35464. This vulnerability arises from a Java deserialization flaw in the jato.pageSession parameter. Any attacker can access this parameter remotely, without authentication. Once they exploit the vulnerability, a single crafted /ccversion/* request allows the attacker to execute remote code on the server.

The exploit can lead to various consequences, including stealing sensitive data, running arbitrary code, and complete server disruption. An attacker can execute code in the context of the AM server, allowing them to compromise the entire ForgeRock Identity Platform. The impact can be enormous if the server is used in a critical system or industry.

Thanks to the pro features of the securityforeveryone.com platform, it's easy to determine if your digital assets are vulnerable to CVE-2021-35464 or any other threats. The platform provides access to comprehensive vulnerability and threat analysis, penetration testing, and security best practices. Protect your digital assets—rely on securityforeveryone.com.

REFERENCES

• https://bugster.forgerock.org 
• http://packetstormsecurity.com/files/163486/ForgeRock-OpenAM-Jato-Java-Deserialization.html 
• http://packetstormsecurity.com/files/163525/ForgeRock-Access-Manager-OpenAM-14.6.3-Remote-Code-Execution.html 
• https://backstage.forgerock.com/knowledge/kb/article/a47894244