Java Serialization Detected
What is it?
Java Serialization seems to be in use. If the serialized data is not correctly validated, an attacker can send a specially crafted object that leads to dangerous “Remote Code Execution”. A magic sequence identifying JSO has been detected (Base64: rO0AB, Raw: 0xac, 0xed, 0x00, 0x05).
Test case FAQs
When is this test case applicable?
This is applicable for all API endpoints when the Baseline security category is enabled in test plans.
How does it work?
API requests and responses are analyzed for the presence of Java Serialization Objects (based on magic sequences that indicate the presence of JSOs).
What is the solution?
Deserialization of untrusted data is inherently dangerous and should be avoided. APIs should always validate the serialized data thoroughly before consumption.