Skip to content Skip to sidebar Skip to footer

Critical RCE Flaw in ForgeRock Access Manager Under Active Attack

The vulnerability affects ForgeRock’s OpenAM access management tool. It could be leveraged to execute arbitrary code on an affected system remotely. The issue is a pre-authentication remote code execution (RCE) vulnerability in ForgeRock Access Manager. It stems from an unsafe Java deserialization in the Jato framework used by the software. ForgeRock customers are advised to move quickly to deploy the patches to mitigate the risk associated with the flaw. It has been addressed in version AM 7 released on June 29, 2021.


Sign Up to Our Newsletter

Be the first to know the latest updates