cve-2016-4373

Vulnerability from cvelistv5

Published

2016-08-01 01:00

Modified

2024-08-06 00:25

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://www.securityfocus.com/bid/92122
cve@mitre.org	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05206507	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/92122
af854a3a-2127-422b-91ae-364da2661108	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05206507	Vendor Advisory

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T00:25:14.479Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05206507"
          },
          {
            "name": "92122",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/92122"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-07-25T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The AdminUI in HPE Operations Manager (OM) before 9.21.130 on Linux, Unix, and Solaris allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-11-25T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05206507"
        },
        {
          "name": "92122",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/92122"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-4373",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The AdminUI in HPE Operations Manager (OM) before 9.21.130 on Linux, Unix, and Solaris allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05206507",
              "refsource": "CONFIRM",
              "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05206507"
            },
            {
              "name": "92122",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/92122"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-4373",
    "datePublished": "2016-08-01T01:00:00",
    "dateReserved": "2016-04-29T00:00:00",
    "dateUpdated": "2024-08-06T00:25:14.479Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hp:operations_manager:*:*:*:*:*:linux:*:*\", \"versionEndIncluding\": \"9.21.120\", \"matchCriteriaId\": \"06F785CD-B812-4C14-97EE-BC260A29BC0E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hp:operations_manager:*:*:*:*:*:solaris:*:*\", \"versionEndIncluding\": \"9.21.120\", \"matchCriteriaId\": \"3BC3C084-D5A9-47EB-924D-378CD03C6DA7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hp:operations_manager:*:*:*:*:*:unix:*:*\", \"versionEndIncluding\": \"9.21.120\", \"matchCriteriaId\": \"3B964F79-50C5-41D9-9C96-C4A8B4749193\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hp:operations_manager:9.20.0:*:*:*:linux:*:*:*\", \"matchCriteriaId\": \"4A55C8DF-ECDF-4381-90AF-FD80C20B90EA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hp:operations_manager:9.20.0:*:*:*:solaris:*:*:*\", \"matchCriteriaId\": \"BA47FC02-5EB0-43FD-BCD6-66A4B2304FC1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hp:operations_manager:9.20.0:*:*:*:unix:*:*:*\", \"matchCriteriaId\": \"BEC1FF73-D499-4F2A-80B4-C901F02DC5B7\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The AdminUI in HPE Operations Manager (OM) before 9.21.130 on Linux, Unix, and Solaris allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.\"}, {\"lang\": \"es\", \"value\": \"El AdminUI en HPE Operations Manager (OM) en versiones anteriores a 9.21.130 en Linux, Unix y Solaris permite a atacantes remotos ejecutar comandos arbitrarios a trav\\u00e9s de un objeto Java serializado manipulado, relacionado con la librer\\u00eda Apache Commons Collections (ACC).\"}]",
      "id": "CVE-2016-4373",
      "lastModified": "2024-11-21T02:51:58.513",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 7.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2016-08-01T02:59:13.417",
      "references": "[{\"url\": \"http://www.securityfocus.com/bid/92122\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05206507\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/92122\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05206507\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-284\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2016-4373\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2016-08-01T02:59:13.417\",\"lastModified\":\"2024-11-21T02:51:58.513\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The AdminUI in HPE Operations Manager (OM) before 9.21.130 on Linux, Unix, and Solaris allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.\"},{\"lang\":\"es\",\"value\":\"El AdminUI en HPE Operations Manager (OM) en versiones anteriores a 9.21.130 en Linux, Unix y Solaris permite a atacantes remotos ejecutar comandos arbitrarios a trav\u00e9s de un objeto Java serializado manipulado, relacionado con la librer\u00eda Apache Commons Collections (ACC).\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-284\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:operations_manager:*:*:*:*:*:linux:*:*\",\"versionEndIncluding\":\"9.21.120\",\"matchCriteriaId\":\"06F785CD-B812-4C14-97EE-BC260A29BC0E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:operations_manager:*:*:*:*:*:solaris:*:*\",\"versionEndIncluding\":\"9.21.120\",\"matchCriteriaId\":\"3BC3C084-D5A9-47EB-924D-378CD03C6DA7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:operations_manager:*:*:*:*:*:unix:*:*\",\"versionEndIncluding\":\"9.21.120\",\"matchCriteriaId\":\"3B964F79-50C5-41D9-9C96-C4A8B4749193\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:operations_manager:9.20.0:*:*:*:linux:*:*:*\",\"matchCriteriaId\":\"4A55C8DF-ECDF-4381-90AF-FD80C20B90EA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:operations_manager:9.20.0:*:*:*:solaris:*:*:*\",\"matchCriteriaId\":\"BA47FC02-5EB0-43FD-BCD6-66A4B2304FC1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:operations_manager:9.20.0:*:*:*:unix:*:*:*\",\"matchCriteriaId\":\"BEC1FF73-D499-4F2A-80B4-C901F02DC5B7\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/92122\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05206507\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/92122\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05206507\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}

gsd-2016-4373

Vulnerability from gsd

Modified

2023-12-13 01:21

Details

Aliases

CVE-2016-4373

Aliases

CVE-2016-4373

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2016-4373",
    "description": "The AdminUI in HPE Operations Manager (OM) before 9.21.130 on Linux, Unix, and Solaris allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.",
    "id": "GSD-2016-4373"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2016-4373"
      ],
      "details": "The AdminUI in HPE Operations Manager (OM) before 9.21.130 on Linux, Unix, and Solaris allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.",
      "id": "GSD-2016-4373",
      "modified": "2023-12-13T01:21:18.756011Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2016-4373",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The AdminUI in HPE Operations Manager (OM) before 9.21.130 on Linux, Unix, and Solaris allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05206507",
            "refsource": "CONFIRM",
            "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05206507"
          },
          {
            "name": "92122",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/92122"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:hp:operations_manager:9.20.0:*:*:*:unix:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:hp:operations_manager:9.20.0:*:*:*:solaris:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:hp:operations_manager:*:*:*:*:*:linux:*:*",
                "cpe_name": [],
                "versionEndIncluding": "9.21.120",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:hp:operations_manager:*:*:*:*:*:unix:*:*",
                "cpe_name": [],
                "versionEndIncluding": "9.21.120",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:hp:operations_manager:*:*:*:*:*:solaris:*:*",
                "cpe_name": [],
                "versionEndIncluding": "9.21.120",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:hp:operations_manager:9.20.0:*:*:*:linux:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-4373"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The AdminUI in HPE Operations Manager (OM) before 9.21.130 on Linux, Unix, and Solaris allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-284"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05206507",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05206507"
            },
            {
              "name": "92122",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/92122"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2016-11-28T20:17Z",
      "publishedDate": "2016-08-01T02:59Z"
    }
  }
}

The AdminUI in HPE Operations Manager (OM) before 9.21.130 on Linux, Unix, and Solaris allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library. The TP-LINK EAP Controller is TP-LINK's software for remotely controlling wireless access point devices. EAP Controller for Linux lacks user authentication for RMI service commands, as well as utilizes an outdated vulnerable version of Apache commons-collections, which may allow an attacker to implement deserialization attacks and control the EAP Controller server. Supplementary information : CWE Vulnerability type by CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. http://cwe.mitre.org/data/definitions/284.htmlSkillfully crafted serialized by a third party Java An arbitrary command may be executed through the object. Apache Commons Collections (ACC) The library deserialization process is vulnerable. Java Application ACC When using the library directly or within the range accessible by specifying the class path ACC If a library is installed, arbitrary code may be executed. Apache Commons Collections (ACC) Library http://commons.apache.org/proper/commons-collections/ Deserialize untrusted data (CWE-502) 2015 Year 1 Held on the moon AppSec California 2015 In Gabriel Lawrence Mr. and Chris Frohoff He talked about a vulnerability that could deserialize untrusted data and showed that it could execute arbitrary code. Any use of the serialization function that is not appropriate Java Application or Java Libraries are affected by this vulnerability. Deserialize untrusted data (CWE-502) http://cwe.mitre.org/data/definitions/502.html Gabriel Lawrence Mr. and Chris Frohoff Mr. Lecture http://frohoff.github.io/appseccali-marshalling-pickles/ 2015 Year 11 A month Foxglove Security of Stephen Breen Mr. this problem Apache Commons Collections (ACC) Exist in the library, especially for deserializing untrusted data InvokerTransformer It was pointed out that arbitrary code could be executed when using classes. ACC Software that uses the library, WebSphere , Jenkins , WebLogic , OpenNMS Etc. are also affected. Foxglove Security of Stephen Breen Mr (What Do WebLogic, WebSphere, JBoss, Jenkins, OpenNMS, and Your Application Have in Common? This Vulnerability.) http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/ Jenkins https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11 WebLogic http://www.oracle.com/technetwork/topics/security/alert-cve-2015-4852-2763333.html?elq_mid=31793&sh=&cmid=WWSU12091612MPP001C179 ACC Library version 3.2.1 , 4.0 Both are affected by this vulnerability. version 3.2.1 , 4.0 https://blogs.apache.org/foundation/entry/apache_commons_statement_to_widespread Apache Software Fondation Has posted an official view of the vulnerability on its blog. Here you can find advice on countermeasures and links to related information. In addition, entries related to this vulnerability (COLLECTIONS-580) Is built on a bug management system. Official view https://blogs.apache.org/foundation/entry/apache_commons_statement_to_widespread Entries related to this vulnerability (COLLECTIONS-580) https://issues.apache.org/jira/browse/COLLECTIONS-580 ACC other than, Groovy And Spring The same problem is being investigated for these issues. Lawrence Mr. and Frohoff In his presentation material, Java not only Python And Ruby It is stated that the same problem exists in applications and libraries written in the above. Regardless of the programming language or library used, it is important to fully consider the data serialization capabilities from the software design stage.Apache Commons Collections I'm using a library Java Application or Java Library is optional Java It may be possible to execute code. Also, ACC Even if the library is not used directly, it can be accessed by specifying the class path. ACC If the library exists, any Java It may be possible to execute code. It can extend or add Java collections framework. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256

Cisco Security Advisory: Vulnerability in Java Deserialization Affecting Cisco Products

Advisory ID: cisco-sa-20151209-java-deserialization

Revision 1.0

For Public Release: 2015 December 9 16:00 GMT +---------------------------------------------------------------------

Summary

A vulnerability in the Java deserialization used by the Apache Commons Collections (ACC) library could allow an unauthenticated, remote attacker to execute arbitrary code.

The vulnerability is due to insecure deserialization of user-supplied content by the affected software. The report contains detailed proof-of-concept code for a number of applications, including WebSphere Application Server, JBoss, Jenkins, OpenNMS, and WebLogic. A wide range of potential impacts includes allowing the attacker to obtain sensitive information.

Object serialization is a technique that many programming languages use to convert an object into a sequence of bits for transfer purposes. Deserialization is a technique that reassembles those bits back to an object.

Many applications accept serialized objects from the network without performing input validation checks before deserializing it.

Additional details about the vulnerability are available at the following links:

Official Vulnerability Note from CERT: http://www.kb.cert.org/vuls/id/576313

Foxglove Security: http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/

Apache Commons Statement: https://blogs.apache.org/foundation/entry/apache_commons_statement_to_widespread

Oracle Security Alert: https://blogs.oracle.com/security/entry/security_alert_cve_2015_4852

Cisco will release software updates that address this vulnerability. There are no workarounds that mitigate this vulnerability.

This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151209-java-deserialization

-----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org

iQIcBAEBCAAGBQJWaE9BAAoJEIpI1I6i1Mx31a0QALya6VDmcGiyx3AlCzsKGISc 3NJP4PPjVFGjHQmB/+bXn1zXLZ63JgbOZuG9pLxhmJpPMxQI8jeXEHqzVmrA9cOj u/QRGkITxQaRS50cwFJXPDOVWWCTcHLhuk83Ofih8vhC8UPBy1FGMBl5rpVLDkG9 ue8yX5ACEQ078F78dpcnJmbv1Hxu021wI+nM3pn7C/aOrJ1wSNop8KkFZ+VHzbKY aeuMFqhal+ePx+JoIC4JMrTll/BLxjI17tKrzXas6D4zKNGSO0WxnEFjDWuPlc89 2y3DnaVc0eeAVPy3ODN6wJzuro4w69z1GrvXPkBfVe9WNKD1lMGRUPMRwnb/zjxu DT8Ms4LDaVCLDZ01ox3BpuZIDBP1q2Xk6ToObeHUNMSDM9IuMeVOz9BtxJxO8Yp/ YfVaoqkM6Vrf5oXKUvWow0r19+ODp18JUnc8qT7Cj0b9PwtlOUqpsNE+cAzPyZh7 UBYLPm2AZypOgw4ryUf66p3l+NGLvLdA+A1u0m+YfXSrsuEFCosUeppmZMvgzEME 7TDSbOlt6yj9W/U3ioYbhLWk1D2whTyDybXz4MLaPTPxfxozyePOcthU7R/PVGrU M0Do8nugnDXE0rYVRooF3+A/6ahoKUb9QR00O4xN4A94lfXqgc6t+180S4vavgxS g9ZP7zYVhaDCRufDoNVI =nsL1 -----END PGP SIGNATURE----- .

References:

CVE-2016-4373 CERT-VU#576313 PSRT110183

SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.

HP Operations Manager for Linux - v9.1x, v9.20.x/9.21.x and versions prior to v9.21.130 HP Operations Manager for Solaris - v9.1x, v9.20.x/9.21.x and versions prior to 9.21.130 HP Operations Manager for Unix - v9.1x, 9.20.x/9.21.x and versions prior to 9.21.130

BACKGROUND

CVSS Base Metrics ================= Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector

CVE-2016-4373
  7.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
  7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

Information on CVSS is documented in
HPE Customer Notice HPSN-2008-002 here:

  https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay/?docI

d=emr_na-c01345499

RESOLUTION

HPE has made the following mitigation information available to resolve the vulnerability for the impacted versions of HP Operations Manager for Unix/Solaris/Linux.

For v9.1x Upgrade to HP OM v9.2 and then apply 9.21.130 patch.

For v9.2x - Apply 9.21.130 patch.

Please download the HP OM 9.21.130 patch from the following location:

https://softwaresupport.hpe.com/group/softwaresupport/search-result/-/facetse arch/document/KM322544?lang=en&cc=us&hpappid=202392_SSO_PRO_HPE

HISTORY Version:1 (rev.1) - 25 July 2016 - Initial release Version:2 (rev.2) - 11 August 2016 - Changed the product version and resolution section

Third Party Security Patches: Third party security patches that are to be installed on systems running Hewlett Packard Enterprise (HPE) software products should be applied in accordance with the customer's patch management policy.

Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HPE Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hpe.com.

Report: To report a potential security vulnerability for any HPE supported product: Web form: https://www.hpe.com/info/report-security-vulnerability Email: security-alert@hpe.com

Subscribe: To initiate a subscription to receive future HPE Security Bulletin alerts via Email: http://www.hpe.com/support/Subscriber_Choice

Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://www.hpe.com/support/Security_Bulletin_Archive

Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.

3C = 3COM 3P = 3rd Party Software GN = HPE General Software HF = HPE Hardware and Firmware MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PV = ProCurve ST = Storage Software UX = HP-UX

Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett Packard Enterprise and the names of Hewlett Packard Enterprise products referenced herein are trademarks of Hewlett Packard Enterprise in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201608-0300",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "operations manager",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "hp",
        "version": "9.20.0"
      },
      {
        "model": "operations manager",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "hp",
        "version": "9.21.120"
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "tp link",
        "version": null
      },
      {
        "model": "operations manager",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "hewlett packard",
        "version": "9.21.130"
      },
      {
        "model": "capssuite",
        "scope": null,
        "trust": 0.8,
        "vendor": "nec",
        "version": null
      },
      {
        "model": "infoframe relational store",
        "scope": null,
        "trust": 0.8,
        "vendor": "nec",
        "version": null
      },
      {
        "model": "systemdirector enterprise",
        "scope": null,
        "trust": 0.8,
        "vendor": "nec",
        "version": null
      },
      {
        "model": "webotx",
        "scope": null,
        "trust": 0.8,
        "vendor": "nec",
        "version": null
      },
      {
        "model": "operations manager",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "hp",
        "version": "9.21.120"
      },
      {
        "model": "operations manager for unix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "9.21"
      },
      {
        "model": "operations manager for unix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "9.20"
      },
      {
        "model": "operations manager for solaris",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "9.21"
      },
      {
        "model": "operations manager for solaris",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "9.20"
      },
      {
        "model": "operations manager for linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "9.21"
      },
      {
        "model": "operations manager for linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "9.20"
      },
      {
        "model": "operations manager for unix",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "hp",
        "version": "9.21.130"
      },
      {
        "model": "operations manager for solaris",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "hp",
        "version": "9.21.130"
      },
      {
        "model": "operations manager for linux",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "hp",
        "version": "9.21.130"
      },
      {
        "model": "jenkins",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "jenkins ci",
        "version": "0"
      },
      {
        "model": "commons collections",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apache",
        "version": "3.2.1"
      },
      {
        "model": "commons collections",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apache",
        "version": "4.0"
      },
      {
        "model": "commons collections",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apache",
        "version": "3.0"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#581311"
      },
      {
        "db": "BID",
        "id": "92122"
      },
      {
        "db": "BID",
        "id": "77521"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004117"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-005930"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201607-943"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-4373"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:hp:operations_manager:9.20.0:*:*:*:unix:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:hp:operations_manager:9.20.0:*:*:*:solaris:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:hp:operations_manager:*:*:*:*:*:linux:*:*",
                "cpe_name": [],
                "versionEndIncluding": "9.21.120",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:hp:operations_manager:*:*:*:*:*:unix:*:*",
                "cpe_name": [],
                "versionEndIncluding": "9.21.120",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:hp:operations_manager:*:*:*:*:*:solaris:*:*",
                "cpe_name": [],
                "versionEndIncluding": "9.21.120",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:hp:operations_manager:9.20.0:*:*:*:linux:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2016-4373"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "foxglovesecurity",
    "sources": [
      {
        "db": "BID",
        "id": "77521"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201512-421"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2016-4373",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 7.5,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "CVE-2016-4373",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 1.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "IPA",
            "availabilityImpact": "Partial",
            "baseScore": 7.5,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "JVNDB-2015-005930",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 9.8,
            "baseSeverity": "Critical",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2016-4373",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 1.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2016-4373",
            "trust": 1.8,
            "value": "Critical"
          },
          {
            "author": "IPA",
            "id": "JVNDB-2015-005930",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201607-943",
            "trust": 0.6,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004117"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-005930"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201607-943"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-4373"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The AdminUI in HPE Operations Manager (OM) before 9.21.130 on Linux, Unix, and Solaris allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library. The TP-LINK EAP Controller is TP-LINK\u0027s software for remotely controlling wireless access point devices. EAP Controller for Linux lacks user authentication for RMI service commands, as well as utilizes an outdated vulnerable version of Apache commons-collections, which may allow an attacker to implement deserialization attacks and control the EAP Controller server. Supplementary information : CWE Vulnerability type by CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. http://cwe.mitre.org/data/definitions/284.htmlSkillfully crafted serialized by a third party Java An arbitrary command may be executed through the object. Apache Commons Collections (ACC) The library deserialization process is vulnerable. Java Application ACC When using the library directly or within the range accessible by specifying the class path ACC If a library is installed, arbitrary code may be executed. Apache Commons Collections (ACC) Library http://commons.apache.org/proper/commons-collections/ Deserialize untrusted data (CWE-502) 2015 Year 1 Held on the moon AppSec California 2015 In Gabriel Lawrence Mr. and Chris Frohoff He talked about a vulnerability that could deserialize untrusted data and showed that it could execute arbitrary code. Any use of the serialization function that is not appropriate Java Application or Java Libraries are affected by this vulnerability. Deserialize untrusted data (CWE-502) http://cwe.mitre.org/data/definitions/502.html Gabriel Lawrence Mr. and Chris Frohoff Mr. Lecture http://frohoff.github.io/appseccali-marshalling-pickles/ 2015 Year 11 A month Foxglove Security of Stephen Breen Mr. this problem Apache Commons Collections (ACC) Exist in the library, especially for deserializing untrusted data InvokerTransformer It was pointed out that arbitrary code could be executed when using classes. ACC Software that uses the library, WebSphere , Jenkins , WebLogic , OpenNMS Etc. are also affected. Foxglove Security of Stephen Breen Mr (What Do WebLogic, WebSphere, JBoss, Jenkins, OpenNMS, and Your Application Have in Common? This Vulnerability.) http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/ Jenkins https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11 WebLogic http://www.oracle.com/technetwork/topics/security/alert-cve-2015-4852-2763333.html?elq_mid=31793\u0026sh=\u0026cmid=WWSU12091612MPP001C179 ACC Library version 3.2.1 , 4.0 Both are affected by this vulnerability. version 3.2.1 , 4.0 https://blogs.apache.org/foundation/entry/apache_commons_statement_to_widespread Apache Software Fondation Has posted an official view of the vulnerability on its blog. Here you can find advice on countermeasures and links to related information. In addition, entries related to this vulnerability (COLLECTIONS-580) Is built on a bug management system. Official view https://blogs.apache.org/foundation/entry/apache_commons_statement_to_widespread Entries related to this vulnerability (COLLECTIONS-580) https://issues.apache.org/jira/browse/COLLECTIONS-580 ACC other than, Groovy And Spring The same problem is being investigated for these issues. Lawrence Mr. and Frohoff In his presentation material, Java not only Python And Ruby It is stated that the same problem exists in applications and libraries written in the above. Regardless of the programming language or library used, it is important to fully consider the data serialization capabilities from the software design stage.Apache Commons Collections I\u0027m using a library Java Application or Java Library is optional Java It may be possible to execute code. Also, ACC Even if the library is not used directly, it can be accessed by specifying the class path. ACC If the library exists, any Java It may be possible to execute code. It can extend or add Java collections framework. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nCisco Security Advisory: Vulnerability in Java Deserialization Affecting Cisco Products\n\nAdvisory ID: cisco-sa-20151209-java-deserialization\n\nRevision 1.0\n\nFor Public Release: 2015 December 9 16:00  GMT\n+---------------------------------------------------------------------\n\nSummary\n=======\n\nA vulnerability in the Java deserialization used by the Apache Commons Collections (ACC) library could allow an unauthenticated, remote attacker to execute arbitrary code. \n\nThe vulnerability is due to insecure deserialization of user-supplied content by the affected software. The report contains detailed proof-of-concept code for a number of applications, including WebSphere Application Server, JBoss, Jenkins, OpenNMS, and WebLogic. A wide range of potential impacts includes allowing the attacker to obtain sensitive information. \n\nObject serialization is a technique that many programming languages use to convert an object into a sequence of bits for transfer purposes. Deserialization is a technique that reassembles those bits back to an object. \n\nMany applications accept serialized objects from the network without performing input validation checks before deserializing it. \n\nAdditional details about the vulnerability are available at the following links:\n\nOfficial Vulnerability Note from CERT:\nhttp://www.kb.cert.org/vuls/id/576313\n\nFoxglove Security:\nhttp://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/\n\nApache Commons Statement:\nhttps://blogs.apache.org/foundation/entry/apache_commons_statement_to_widespread\n\nOracle Security Alert:\nhttps://blogs.oracle.com/security/entry/security_alert_cve_2015_4852\n\nCisco will release software updates that address this vulnerability. There are no workarounds that mitigate this vulnerability. \n\nThis advisory is available at the following link:\nhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151209-java-deserialization\n\n-----BEGIN PGP SIGNATURE-----\nComment: GPGTools - http://gpgtools.org\n\niQIcBAEBCAAGBQJWaE9BAAoJEIpI1I6i1Mx31a0QALya6VDmcGiyx3AlCzsKGISc\n3NJP4PPjVFGjHQmB/+bXn1zXLZ63JgbOZuG9pLxhmJpPMxQI8jeXEHqzVmrA9cOj\nu/QRGkITxQaRS50cwFJXPDOVWWCTcHLhuk83Ofih8vhC8UPBy1FGMBl5rpVLDkG9\nue8yX5ACEQ078F78dpcnJmbv1Hxu021wI+nM3pn7C/aOrJ1wSNop8KkFZ+VHzbKY\naeuMFqhal+ePx+JoIC4JMrTll/BLxjI17tKrzXas6D4zKNGSO0WxnEFjDWuPlc89\n2y3DnaVc0eeAVPy3ODN6wJzuro4w69z1GrvXPkBfVe9WNKD1lMGRUPMRwnb/zjxu\nDT8Ms4LDaVCLDZ01ox3BpuZIDBP1q2Xk6ToObeHUNMSDM9IuMeVOz9BtxJxO8Yp/\nYfVaoqkM6Vrf5oXKUvWow0r19+ODp18JUnc8qT7Cj0b9PwtlOUqpsNE+cAzPyZh7\nUBYLPm2AZypOgw4ryUf66p3l+NGLvLdA+A1u0m+YfXSrsuEFCosUeppmZMvgzEME\n7TDSbOlt6yj9W/U3ioYbhLWk1D2whTyDybXz4MLaPTPxfxozyePOcthU7R/PVGrU\nM0Do8nugnDXE0rYVRooF3+A/6ahoKUb9QR00O4xN4A94lfXqgc6t+180S4vavgxS\ng9ZP7zYVhaDCRufDoNVI\n=nsL1\n-----END PGP SIGNATURE-----\n. \n\nReferences:\n\nCVE-2016-4373\nCERT-VU#576313\nPSRT110183\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \n\nHP Operations Manager for Linux - v9.1x, v9.20.x/9.21.x and versions prior to\nv9.21.130\nHP Operations Manager for Solaris - v9.1x, v9.20.x/9.21.x and versions prior\nto 9.21.130\nHP Operations Manager for Unix - v9.1x, 9.20.x/9.21.x and versions prior to\n9.21.130\n\nBACKGROUND\n\n  CVSS Base Metrics\n  =================\n  Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector\n\n    CVE-2016-4373\n      7.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L\n      7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)\n\n    Information on CVSS is documented in\n    HPE Customer Notice HPSN-2008-002 here:\n\n      https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay/?docI\nd=emr_na-c01345499\n\nRESOLUTION\n\nHPE has made the following mitigation information available to resolve the\nvulnerability for the impacted versions of HP Operations Manager for\nUnix/Solaris/Linux. \n\nFor v9.1x  Upgrade to HP OM v9.2 and then apply 9.21.130 patch. \n\nFor v9.2x - Apply 9.21.130 patch. \n\nPlease download the HP OM 9.21.130 patch from the following location:\n\nhttps://softwaresupport.hpe.com/group/softwaresupport/search-result/-/facetse\narch/document/KM322544?lang=en\u0026cc=us\u0026hpappid=202392_SSO_PRO_HPE\n\nHISTORY\nVersion:1 (rev.1) - 25 July 2016 - Initial release\nVersion:2 (rev.2) - 11 August 2016 - Changed the product version and\nresolution section\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running Hewlett Packard Enterprise (HPE) software\nproducts should be applied in accordance with the customer\u0027s patch management\npolicy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HPE Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hpe.com. \n\nReport: To report a potential security vulnerability for any HPE supported\nproduct:\n  Web form: https://www.hpe.com/info/report-security-vulnerability\n  Email: security-alert@hpe.com\n\nSubscribe: To initiate a subscription to receive future HPE Security Bulletin\nalerts via Email: http://www.hpe.com/support/Subscriber_Choice\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here: http://www.hpe.com/support/Security_Bulletin_Archive\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HPE General Software\nHF = HPE Hardware and Firmware\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPV = ProCurve\nST = Storage Software\nUX = HP-UX\n\nCopyright 2016 Hewlett Packard Enterprise\n\nHewlett Packard Enterprise shall not be liable for technical or editorial\nerrors or omissions contained herein. The information provided is provided\n\"as is\" without warranty of any kind. To the extent permitted by law, neither\nHP or its affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. Hewlett\nPackard Enterprise and the names of Hewlett Packard Enterprise products\nreferenced herein are trademarks of Hewlett Packard Enterprise in the United\nStates and other countries. Other product and company names mentioned herein\nmay be trademarks of their respective owners",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2016-4373"
      },
      {
        "db": "CERT/CC",
        "id": "VU#581311"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004117"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-005930"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201512-421"
      },
      {
        "db": "BID",
        "id": "92122"
      },
      {
        "db": "BID",
        "id": "77521"
      },
      {
        "db": "PACKETSTORM",
        "id": "134752"
      },
      {
        "db": "PACKETSTORM",
        "id": "138050"
      },
      {
        "db": "PACKETSTORM",
        "id": "138316"
      }
    ],
    "trust": 4.41
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2016-4373",
        "trust": 2.9
      },
      {
        "db": "CERT/CC",
        "id": "VU#576313",
        "trust": 2.3
      },
      {
        "db": "BID",
        "id": "92122",
        "trust": 1.9
      },
      {
        "db": "BID",
        "id": "77521",
        "trust": 0.9
      },
      {
        "db": "CERT/CC",
        "id": "VU#581311",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004117",
        "trust": 0.8
      },
      {
        "db": "JVN",
        "id": "JVNVU94276522",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-005930",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201512-421",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201607-943",
        "trust": 0.6
      },
      {
        "db": "PACKETSTORM",
        "id": "134752",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "138050",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "138316",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#581311"
      },
      {
        "db": "BID",
        "id": "92122"
      },
      {
        "db": "BID",
        "id": "77521"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004117"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-005930"
      },
      {
        "db": "PACKETSTORM",
        "id": "134752"
      },
      {
        "db": "PACKETSTORM",
        "id": "138050"
      },
      {
        "db": "PACKETSTORM",
        "id": "138316"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201512-421"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201607-943"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-4373"
      }
    ]
  },
  "id": "VAR-201608-0300",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 0.11111111
  },
  "last_update_date": "2022-05-06T08:03:11.247000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "HPSBGN03630",
        "trust": 0.8,
        "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05206507"
      },
      {
        "title": "Apache Commons statement to widespread Java object de-serialisation vulnerability",
        "trust": 0.8,
        "url": "https://blogs.apache.org/foundation/entry/apache_commons_statement_to_widespread"
      },
      {
        "title": "COLLECTIONS-580: Arbitrary remote code execution with InvokerTransformer",
        "trust": 0.8,
        "url": "https://issues.apache.org/jira/browse/collections-580"
      },
      {
        "title": "cisco-sa-20151209-java-deserialization",
        "trust": 0.8,
        "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20151209-java-deserialization"
      },
      {
        "title": "HS16-010",
        "trust": 0.8,
        "url": "http://www.hitachi.co.jp/prod/comp/soft1/global/security/info/vuls/hs16-010/index.html"
      },
      {
        "title": "1970575",
        "trust": 0.8,
        "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21970575"
      },
      {
        "title": "Jenkins Security Advisory 2015-11-11",
        "trust": 0.8,
        "url": "https://wiki.jenkins-ci.org/display/security/jenkins+security+advisory+2015-11-11"
      },
      {
        "title": "NV16-002",
        "trust": 0.8,
        "url": "http://jpn.nec.com/security-info/secinfo/nv16-002.html"
      },
      {
        "title": "Secure Coding Guidelines for Java SE",
        "trust": 0.8,
        "url": "http://www.oracle.com/technetwork/java/seccodeguide-139067.html#8"
      },
      {
        "title": "Oracle Security Alert for CVE-2015-4852",
        "trust": 0.8,
        "url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2015-4852-2763333.html"
      },
      {
        "title": "HS16-010",
        "trust": 0.8,
        "url": "http://www.hitachi.co.jp/prod/comp/soft1/security/info/vuls/hs16-010/index.html"
      },
      {
        "title": "\u65e5\u7acb\u30c7\u30a3\u30b9\u30af\u30a2\u30ec\u30a4\u30b7\u30b9\u30c6\u30e0\u306b\u304a\u3051\u308bSVP \u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30db\u30fc\u30eb",
        "trust": 0.8,
        "url": "http://www.hitachi.co.jp/products/it/storage-solutions/techsupport/sec_info/sec_acc20160328.html"
      },
      {
        "title": "HP Operations Manager Fixes for remote code execution vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=63298"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004117"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-005930"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201607-943"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-Other",
        "trust": 1.6
      },
      {
        "problemtype": "CWE-284",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004117"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-005930"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-4373"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.3,
        "url": "https://www.kb.cert.org/vuls/id/576313"
      },
      {
        "trust": 1.6,
        "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05206507"
      },
      {
        "trust": 1.6,
        "url": "http://www.securityfocus.com/bid/92122"
      },
      {
        "trust": 1.2,
        "url": "http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/"
      },
      {
        "trust": 0.8,
        "url": "https://www.tp-link.com/en/download/eap220.html#controller_software"
      },
      {
        "trust": 0.8,
        "url": "https://docs.oracle.com/javase/8/docs/technotes/guides/rmi/rmi_security_recommendations.html"
      },
      {
        "trust": 0.8,
        "url": "http://cwe.mitre.org/data/definitions/306.html"
      },
      {
        "trust": 0.8,
        "url": "http://cwe.mitre.org/data/definitions/502.html"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-4373"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-4373"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/vu/jvnvu94276522/index.html"
      },
      {
        "trust": 0.8,
        "url": "http://frohoff.github.io/appseccali-marshalling-pickles/"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/bid/77521"
      },
      {
        "trust": 0.3,
        "url": "http://www.hp.com"
      },
      {
        "trust": 0.3,
        "url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05206507"
      },
      {
        "trust": 0.3,
        "url": "https://issues.apache.org/jira/browse/collections-580"
      },
      {
        "trust": 0.3,
        "url": "http://seclists.org/oss-sec/2015/q4/237"
      },
      {
        "trust": 0.3,
        "url": "http://seclists.org/oss-sec/2015/q4/241"
      },
      {
        "trust": 0.2,
        "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_n"
      },
      {
        "trust": 0.2,
        "url": "http://www.hpe.com/support/security_bulletin_archive"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4373"
      },
      {
        "trust": 0.2,
        "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay/?doci"
      },
      {
        "trust": 0.2,
        "url": "https://softwaresupport.hpe.com/group/softwaresupport/search-result/-/facetse"
      },
      {
        "trust": 0.2,
        "url": "http://www.hpe.com/support/subscriber_choice"
      },
      {
        "trust": 0.1,
        "url": "https://blogs.apache.org/foundation/entry/apache_commons_statement_to_widespread"
      },
      {
        "trust": 0.1,
        "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20151209-java-deserialization"
      },
      {
        "trust": 0.1,
        "url": "https://blogs.oracle.com/security/entry/security_alert_cve_2015_4852"
      },
      {
        "trust": 0.1,
        "url": "http://gpgtools.org"
      },
      {
        "trust": 0.1,
        "url": "https://www.hpe.com/info/report-security-vulnerability"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#581311"
      },
      {
        "db": "BID",
        "id": "92122"
      },
      {
        "db": "BID",
        "id": "77521"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004117"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-005930"
      },
      {
        "db": "PACKETSTORM",
        "id": "134752"
      },
      {
        "db": "PACKETSTORM",
        "id": "138050"
      },
      {
        "db": "PACKETSTORM",
        "id": "138316"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201512-421"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201607-943"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-4373"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CERT/CC",
        "id": "VU#581311"
      },
      {
        "db": "BID",
        "id": "92122"
      },
      {
        "db": "BID",
        "id": "77521"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004117"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-005930"
      },
      {
        "db": "PACKETSTORM",
        "id": "134752"
      },
      {
        "db": "PACKETSTORM",
        "id": "138050"
      },
      {
        "db": "PACKETSTORM",
        "id": "138316"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201512-421"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201607-943"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-4373"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-09-26T00:00:00",
        "db": "CERT/CC",
        "id": "VU#581311"
      },
      {
        "date": "2016-07-25T00:00:00",
        "db": "BID",
        "id": "92122"
      },
      {
        "date": "2015-11-08T00:00:00",
        "db": "BID",
        "id": "77521"
      },
      {
        "date": "2016-08-03T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-004117"
      },
      {
        "date": "2015-11-17T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2015-005930"
      },
      {
        "date": "2015-12-10T17:22:52",
        "db": "PACKETSTORM",
        "id": "134752"
      },
      {
        "date": "2016-07-26T01:41:28",
        "db": "PACKETSTORM",
        "id": "138050"
      },
      {
        "date": "2016-08-12T20:59:37",
        "db": "PACKETSTORM",
        "id": "138316"
      },
      {
        "date": "2015-11-08T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201512-421"
      },
      {
        "date": "2016-07-27T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201607-943"
      },
      {
        "date": "2016-08-01T02:59:00",
        "db": "NVD",
        "id": "CVE-2016-4373"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-11-08T00:00:00",
        "db": "CERT/CC",
        "id": "VU#581311"
      },
      {
        "date": "2016-07-25T00:00:00",
        "db": "BID",
        "id": "92122"
      },
      {
        "date": "2015-12-08T22:09:00",
        "db": "BID",
        "id": "77521"
      },
      {
        "date": "2016-08-03T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-004117"
      },
      {
        "date": "2018-02-07T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2015-005930"
      },
      {
        "date": "2015-12-18T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201512-421"
      },
      {
        "date": "2016-08-02T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201607-943"
      },
      {
        "date": "2016-11-28T20:17:00",
        "db": "NVD",
        "id": "CVE-2016-4373"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "134752"
      },
      {
        "db": "PACKETSTORM",
        "id": "138050"
      },
      {
        "db": "PACKETSTORM",
        "id": "138316"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201512-421"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201607-943"
      }
    ],
    "trust": 1.5
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "TP-Link EAP Controller lacks RMI authentication and is vulnerable to deserialization attacks",
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#581311"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Input Validation Error",
    "sources": [
      {
        "db": "BID",
        "id": "92122"
      },
      {
        "db": "BID",
        "id": "77521"
      }
    ],
    "trust": 0.6
  }
}

fkie_cve-2016-4373

Vulnerability from fkie_nvd

Published

2016-08-01 02:59

Modified

2024-11-21 02:51

Severity ?

9.8 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
cve@mitre.org	http://www.securityfocus.com/bid/92122
cve@mitre.org	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05206507	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/92122
af854a3a-2127-422b-91ae-364da2661108	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05206507	Vendor Advisory

Impacted products

Vendor	Product	Version
hp	operations_manager	*
hp	operations_manager	*
hp	operations_manager	*
hp	operations_manager	9.20.0
hp	operations_manager	9.20.0
hp	operations_manager	9.20.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:hp:operations_manager:*:*:*:*:*:linux:*:*",
              "matchCriteriaId": "06F785CD-B812-4C14-97EE-BC260A29BC0E",
              "versionEndIncluding": "9.21.120",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:hp:operations_manager:*:*:*:*:*:solaris:*:*",
              "matchCriteriaId": "3BC3C084-D5A9-47EB-924D-378CD03C6DA7",
              "versionEndIncluding": "9.21.120",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:hp:operations_manager:*:*:*:*:*:unix:*:*",
              "matchCriteriaId": "3B964F79-50C5-41D9-9C96-C4A8B4749193",
              "versionEndIncluding": "9.21.120",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:hp:operations_manager:9.20.0:*:*:*:linux:*:*:*",
              "matchCriteriaId": "4A55C8DF-ECDF-4381-90AF-FD80C20B90EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:hp:operations_manager:9.20.0:*:*:*:solaris:*:*:*",
              "matchCriteriaId": "BA47FC02-5EB0-43FD-BCD6-66A4B2304FC1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:hp:operations_manager:9.20.0:*:*:*:unix:*:*:*",
              "matchCriteriaId": "BEC1FF73-D499-4F2A-80B4-C901F02DC5B7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The AdminUI in HPE Operations Manager (OM) before 9.21.130 on Linux, Unix, and Solaris allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library."
    },
    {
      "lang": "es",
      "value": "El AdminUI en HPE Operations Manager (OM) en versiones anteriores a 9.21.130 en Linux, Unix y Solaris permite a atacantes remotos ejecutar comandos arbitrarios a trav\u00e9s de un objeto Java serializado manipulado, relacionado con la librer\u00eda Apache Commons Collections (ACC)."
    }
  ],
  "id": "CVE-2016-4373",
  "lastModified": "2024-11-21T02:51:58.513",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-08-01T02:59:13.417",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/92122"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05206507"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/92122"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05206507"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-284"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

ghsa-x8cm-w2qg-36v3

Vulnerability from github

Published

2022-05-17 03:41

Modified

2022-05-17 03:41

Severity ?

9.8 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2016-4373"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-284"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2016-08-01T02:59:00Z",
    "severity": "CRITICAL"
  },
  "details": "The AdminUI in HPE Operations Manager (OM) before 9.21.130 on Linux, Unix, and Solaris allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.",
  "id": "GHSA-x8cm-w2qg-36v3",
  "modified": "2022-05-17T03:41:26Z",
  "published": "2022-05-17T03:41:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4373"
    },
    {
      "type": "WEB",
      "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05206507"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/92122"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2016-4373

Vulnerability from cvelistv5

gsd-2016-4373

Vulnerability from gsd

var-201608-0300

Vulnerability from variot

Summary

fkie_cve-2016-4373

Vulnerability from fkie_nvd

ghsa-x8cm-w2qg-36v3

Vulnerability from github

Tags

Sightings

Nomenclature