CVE-2019-0344

SAP Commerce Cloud (formerly known as Hybris) contains a deserialization of untrusted data vulnerability within the mediaconversion and virtualjdbc extension that allows for code injection. Vendor/Product: SAP Commerce Cloud. Added to CISA KEV 2024-09-30; required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.