Skip to main content
CVE-2017-1000486 CRITICAL POC KEV PATCH THREAT Act Now

Primetek PrimeFaces 5.x uses weak encryption for ViewState parameters, allowing unauthenticated remote code execution through crafted serialized Java objects sent via the ViewState mechanism.

NVD GitHub Exploit-DB
CVSS 3.1
9.8
EPSS
93.7%
Threat
9.8

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy