Search criteria
1 vulnerability by Pivotal/Spring
CVE-2017-3203 (GCVE-0-2017-3203)
Vulnerability from cvelistv5 – Published: 2018-06-11 17:00 – Updated: 2024-08-05 14:16
VLAI
Title
Pivotal/Spring Spring-flex's Action Message Format (AMF3) Java implementation is vulnerable to insecure deserialization
Summary
The Java implementations of AMF3 deserializers in Pivotal/Spring Spring-flex derive class instances from java.io.Externalizable rather than the AMF3 specification's recommendation of flash.utils.IExternalizable. A remote attacker with the ability to spoof or control an RMI server connection may be able to send serialized Java objects that execute arbitrary code when deserialized.
Severity
No CVSS data available.
CWE
- CWE-502 - Deserialization of Untrusted Data
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://codewhitesec.blogspot.com/2017/04/amf.html | x_refsource_MISC |
| https://www.kb.cert.org/vuls/id/307983 | third-party-advisoryx_refsource_CERT-VN |
| http://www.securityweek.com/flaws-java-amf-librar… | x_refsource_MISC |
| https://www.securityfocus.com/bid/97376 | vdb-entryx_refsource_BID |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Pivotal/Spring | Spring-flex |
Affected:
0
|
Date Public
2017-04-04 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:28.225Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://codewhitesec.blogspot.com/2017/04/amf.html"
},
{
"name": "VU#307983",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/307983"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securityweek.com/flaws-java-amf-libraries-allow-remote-code-execution"
},
{
"name": "97376",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "https://www.securityfocus.com/bid/97376"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Spring-flex",
"vendor": "Pivotal/Spring",
"versions": [
{
"status": "affected",
"version": "0"
}
]
}
],
"datePublic": "2017-04-04T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The Java implementations of AMF3 deserializers in Pivotal/Spring Spring-flex derive class instances from java.io.Externalizable rather than the AMF3 specification\u0027s recommendation of flash.utils.IExternalizable. A remote attacker with the ability to spoof or control an RMI server connection may be able to send serialized Java objects that execute arbitrary code when deserialized."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502: Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-11T16:57:01.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://codewhitesec.blogspot.com/2017/04/amf.html"
},
{
"name": "VU#307983",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/307983"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securityweek.com/flaws-java-amf-libraries-allow-remote-code-execution"
},
{
"name": "97376",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "https://www.securityfocus.com/bid/97376"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Pivotal/Spring Spring-flex\u0027s Action Message Format (AMF3) Java implementation is vulnerable to insecure deserialization",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2017-3203",
"STATE": "PUBLIC",
"TITLE": "Pivotal/Spring Spring-flex\u0027s Action Message Format (AMF3) Java implementation is vulnerable to insecure deserialization"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Spring-flex",
"version": {
"version_data": [
{
"affected": "=",
"version_affected": "=",
"version_name": "0",
"version_value": "0"
}
]
}
}
]
},
"vendor_name": "Pivotal/Spring"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Java implementations of AMF3 deserializers in Pivotal/Spring Spring-flex derive class instances from java.io.Externalizable rather than the AMF3 specification\u0027s recommendation of flash.utils.IExternalizable. A remote attacker with the ability to spoof or control an RMI server connection may be able to send serialized Java objects that execute arbitrary code when deserialized."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-502: Deserialization of Untrusted Data"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://codewhitesec.blogspot.com/2017/04/amf.html",
"refsource": "MISC",
"url": "https://codewhitesec.blogspot.com/2017/04/amf.html"
},
{
"name": "VU#307983",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/307983"
},
{
"name": "http://www.securityweek.com/flaws-java-amf-libraries-allow-remote-code-execution",
"refsource": "MISC",
"url": "http://www.securityweek.com/flaws-java-amf-libraries-allow-remote-code-execution"
},
{
"name": "97376",
"refsource": "BID",
"url": "https://www.securityfocus.com/bid/97376"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2017-3203",
"datePublished": "2018-06-11T17:00:00.000Z",
"dateReserved": "2016-12-05T00:00:00.000Z",
"dateUpdated": "2024-08-05T14:16:28.225Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}