HPE Intelligent Management Center TopoDebugServlet Insecure Deserialization

An insecure deserialization vulnerability has been reported in HPE Intelligent Management Center. The vulnerability is due to deserialization of untrusted data by the TopoDebugServlet while having vulnerable classes in the code path. A remote, authenticated attacker can exploit this vulnerability by sending a maliciously crafted serialized object.

You can read the full article here.