CVE-2015-5348 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	8.1 HIGH	NETWORK	HIGH	NONE	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: 91%

Affected Products (NVD)

Vendor	Product	Version
apache	camel	2.6.0
apache	camel	2.7.0
apache	camel	2.7.1
apache	camel	2.7.2
apache	camel	2.7.3
apache	camel	2.7.4
apache	camel	2.7.5
apache	camel	2.8.0
apache	camel	2.8.1
apache	camel	2.8.2
apache	camel	2.8.3
apache	camel	2.8.4
apache	camel	2.8.5
apache	camel	2.8.6
apache	camel	2.9.0
apache	camel	2.9.1
apache	camel	2.9.2
apache	camel	2.9.3
apache	camel	2.9.4
apache	camel	2.9.5
apache	camel	2.9.6
apache	camel	2.9.7
apache	camel	2.9.8
apache	camel	2.10.0
apache	camel	2.10.1
apache	camel	2.10.2
apache	camel	2.10.3
apache	camel	2.10.4
apache	camel	2.10.5
apache	camel	2.10.6
apache	camel	2.10.7
apache	camel	2.11.0
apache	camel	2.11.1
apache	camel	2.11.2
apache	camel	2.11.3
apache	camel	2.11.4
apache	camel	2.12.0
apache	camel	2.12.1
apache	camel	2.12.2
apache	camel	2.12.3
apache	camel	2.12.4
apache	camel	2.12.5
apache	camel	2.13.0
apache	camel	2.13.1
apache	camel	2.13.2
apache	camel	2.13.3
apache	camel	2.13.4
apache	camel	2.14.0
apache	camel	2.14.1
apache	camel	2.14.2
apache	camel	2.14.3
apache	camel	2.14.4
apache	camel	2.15.0
apache	camel	2.15.1
apache	camel	2.15.2
apache	camel	2.15.3
apache	camel	2.15.4
apache	camel	2.16.0

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-19 -

References

http://camel.apache.org/security-advisories.data/CVE-2015-5348.txt.asc

http://packetstormsecurity.com/files/134946/Apache-Camel-Java-Object-Deserialization.html

http://rhn.redhat.com/errata/RHSA-2016-2035.html

http://www.securityfocus.com/archive/1/537147/100/0/threaded

http://www.securityfocus.com/bid/80696

https://issues.apache.org/jira/browse/CAMEL-9309

https://lists.apache.org/thread.html/2318d7f7d87724d8716cd650c21b31cb06e4d34f6d0f5ee42f28fdaf%40%3Ccommits.camel.apache.org%3E

https://lists.apache.org/thread.html/b4014ea7c5830ca1fc28edd5cafedfe93ad4af2d9e69c961c5def31d%40%3Ccommits.camel.apache.org%3E

http://camel.apache.org/security-advisories.data/CVE-2015-5348.txt.asc

http://packetstormsecurity.com/files/134946/Apache-Camel-Java-Object-Deserialization.html

http://rhn.redhat.com/errata/RHSA-2016-2035.html

http://www.securityfocus.com/archive/1/537147/100/0/threaded

http://www.securityfocus.com/bid/80696

https://issues.apache.org/jira/browse/CAMEL-9309

https://lists.apache.org/thread.html/2318d7f7d87724d8716cd650c21b31cb06e4d34f6d0f5ee42f28fdaf%40%3Ccommits.camel.apache.org%3E

https://lists.apache.org/thread.html/b4014ea7c5830ca1fc28edd5cafedfe93ad4af2d9e69c961c5def31d%40%3Ccommits.camel.apache.org%3E