CVE-2017-12149

In JBoss Application Server, as shipped with Red Hat Enterprise Application Platform 5.2, the doFilter method in the ReadOnlyAccessFilter of the HTTP Invoker does not restrict the classes for which it performs deserialization, which allows an attacker to execute arbitrary code via crafted serialized data.

| Provider | Type | Base Score | Atk. Vector | Atk. Complexity | Priv. Required | Vector |
|---|---|---|---|---|---|---|
| NIST | NIST | 9.8 CRITICAL | NETWORK | LOW | NONE | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| redhat | CNA | --- | | | | --- |
| CVE | ADP | --- | | | | --- |
| CISA-ADP | ADP | 9.8 CRITICAL | NETWORK | LOW | NONE | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |

EPSS Score: percentile 99%

| Vendor | Product | Version |
|---|---|---|
| redhat | jboss_enterprise_application_platform | - |
| redhat | jboss_enterprise_application_platform | 5.0.0 |
| redhat | jboss_enterprise_application_platform | 5.0.1 |
| redhat | jboss_enterprise_application_platform | 5.1.0 |
| redhat | jboss_enterprise_application_platform | 5.1.1 |
| redhat | jboss_enterprise_application_platform | 5.1.2 |
| redhat | jboss_enterprise_application_platform | 5.2.0 |
| redhat | jboss_enterprise_application_platform | 5.2.1 |
| redhat | jboss_enterprise_application_platform | 5.2.2 |

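Ubuntu Releases

| Ubuntu Product | Codename | |
|---|---|---|
| jbossas4 | disco | dne |
| jbossas4 | cosmic | dne |
| jbossas4 | bionic | dne |
| jbossas4 | artful | dne |
| jbossas4 | zesty | dne |
| jbossas4 | xenial | dne |
| jbossas4 | trusty | dne |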