The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. An untrusted deserialization was found in the org.apache.xmlrpc.parser.XmlRpcResponseParser:addResult method of Apache XML-RPC (aka ws-xmlrpc) library. A malicious XML-RPC server could target a XML-RPC client causing it to execute arbitrary code. Apache XML-RPC is no longer maintained and this issue will not be fixed. (CVE-2019-17570) Note that Nessus relies on the presence of the package as reported by the…Read More