cvelistv5 - cve-2017-5641

CVE-2017-5641 (GCVE-0-2017-5641)

Vulnerability from cvelistv5 – Published: 2017-12-28 15:00 – Updated: 2024-09-16 21:08

Summary

Previous versions of Apache Flex BlazeDS (4.7.2 and earlier) did not restrict which types were allowed for AMF(X) object deserialization by default. During the deserialization process code is executed that for several known types has undesired side-effects. Other, unknown types may also exhibit such behaviors. One vector in the Java standard library exists that allows an attacker to trigger possibly further exploitable Java deserialization of untrusted data. Other known vectors in third party libraries can be used to trigger remote code execution.

Severity ?

No CVSS data available.

CWE

Information Disclosure

Assigner

apache

References

URL

Tags

	https://www.kb.cert.org/vuls/id/307983	third-party-advisoryx_refsource_CERT-VN
	http://www.securityfocus.com/bid/97383	vdb-entryx_refsource_BID
	http://www.securitytracker.com/id/1038273	vdb-entryx_refsource_SECTRACK
	http://mail-archives.apache.org/mod_mbox/flex-dev…	mailing-listx_refsource_MLIST
	https://issues.apache.org/jira/browse/FLEX-35290	x_refsource_CONFIRM
	https://support.hpe.com/hpsc/doc/public/display?d…	x_refsource_CONFIRM
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	Apache Software Foundation	Apache Flex Blaze DS	Affected: before 4.7.3

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T15:04:15.425Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "VU#307983",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "https://www.kb.cert.org/vuls/id/307983"
          },
          {
            "name": "97383",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/97383"
          },
          {
            "name": "1038273",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1038273"
          },
          {
            "name": "[flex-dev] 20170327 [VOTE] Release Apache Flex BlazeDS 4.7.3",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://mail-archives.apache.org/mod_mbox/flex-dev/201703.mbox/%3C6B86C8D0-6E36-48F5-AC81-4AB3978F6746%40c-ware.de%3E"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.apache.org/jira/browse/FLEX-35290"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03823en_us"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-507/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-506/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Apache Flex Blaze DS",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "status": "affected",
              "version": "before 4.7.3"
            }
          ]
        }
      ],
      "datePublic": "2017-03-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Previous versions of Apache Flex BlazeDS (4.7.2 and earlier) did not restrict which types were allowed for AMF(X) object deserialization by default. During the deserialization process code is executed that for several known types has undesired side-effects. Other, unknown types may also exhibit such behaviors. One vector in the Java standard library exists that allows an attacker to trigger possibly further exploitable Java deserialization of untrusted data. Other known vectors in third party libraries can be used to trigger remote code execution."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Information Disclosure",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-03-11T16:07:14",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "name": "VU#307983",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "https://www.kb.cert.org/vuls/id/307983"
        },
        {
          "name": "97383",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/97383"
        },
        {
          "name": "1038273",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1038273"
        },
        {
          "name": "[flex-dev] 20170327 [VOTE] Release Apache Flex BlazeDS 4.7.3",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://mail-archives.apache.org/mod_mbox/flex-dev/201703.mbox/%3C6B86C8D0-6E36-48F5-AC81-4AB3978F6746%40c-ware.de%3E"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.apache.org/jira/browse/FLEX-35290"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03823en_us"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-507/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-506/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@apache.org",
          "DATE_PUBLIC": "2017-03-27T00:00:00",
          "ID": "CVE-2017-5641",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Apache Flex Blaze DS",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "before 4.7.3"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Apache Software Foundation"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Previous versions of Apache Flex BlazeDS (4.7.2 and earlier) did not restrict which types were allowed for AMF(X) object deserialization by default. During the deserialization process code is executed that for several known types has undesired side-effects. Other, unknown types may also exhibit such behaviors. One vector in the Java standard library exists that allows an attacker to trigger possibly further exploitable Java deserialization of untrusted data. Other known vectors in third party libraries can be used to trigger remote code execution."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Information Disclosure"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "VU#307983",
              "refsource": "CERT-VN",
              "url": "https://www.kb.cert.org/vuls/id/307983"
            },
            {
              "name": "97383",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/97383"
            },
            {
              "name": "1038273",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1038273"
            },
            {
              "name": "[flex-dev] 20170327 [VOTE] Release Apache Flex BlazeDS 4.7.3",
              "refsource": "MLIST",
              "url": "http://mail-archives.apache.org/mod_mbox/flex-dev/201703.mbox/%3C6B86C8D0-6E36-48F5-AC81-4AB3978F6746@c-ware.de%3E"
            },
            {
              "name": "https://issues.apache.org/jira/browse/FLEX-35290",
              "refsource": "CONFIRM",
              "url": "https://issues.apache.org/jira/browse/FLEX-35290"
            },
            {
              "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03823en_us",
              "refsource": "CONFIRM",
              "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03823en_us"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-507/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-507/"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-506/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-506/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2017-5641",
    "datePublished": "2017-12-28T15:00:00Z",
    "dateReserved": "2017-01-29T00:00:00",
    "dateUpdated": "2024-09-16T21:08:12.604Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:flex_blazeds:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"4.7.2\", \"matchCriteriaId\": \"8D00416D-BE10-4E35-B639-451DF4ABD824\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hp:xp_command_view_advanced_edition:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"8.5.3-00\", \"matchCriteriaId\": \"FF246B0D-2E4C-4B1E-9BCC-1BAC0AC58AFC\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Previous versions of Apache Flex BlazeDS (4.7.2 and earlier) did not restrict which types were allowed for AMF(X) object deserialization by default. During the deserialization process code is executed that for several known types has undesired side-effects. Other, unknown types may also exhibit such behaviors. One vector in the Java standard library exists that allows an attacker to trigger possibly further exploitable Java deserialization of untrusted data. Other known vectors in third party libraries can be used to trigger remote code execution.\"}, {\"lang\": \"es\", \"value\": \"Versiones previas de Apache Flex BlazeDS (4.7.2 y anteriores) no restring\\u00edan qu\\u00e9 tipos se permit\\u00edan para la deserializaci\\u00f3n de objetos AMF(X) por defecto. Durante el proceso de deserializaci\\u00f3n, se ejecutaba c\\u00f3digo que ten\\u00eda efectos colaterales no deseados para numerosos tipos conocidos. Otros tipos no conocidos tambi\\u00e9n pod\\u00edan mostrar comportamientos similares. Existe un vector en la biblioteca est\\u00e1ndar de Java que puede permitir que un atacante realice otras deserializaciones explotables de datos no fiables en Java. Se pueden emplear otros vectores conocidos en bibliotecas de terceros para realizar una ejecuci\\u00f3n remota de c\\u00f3digo.\"}]",
      "id": "CVE-2017-5641",
      "lastModified": "2024-11-21T03:28:04.720",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 7.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.4, \"acInsufInfo\": true, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2017-12-28T15:29:00.303",
      "references": "[{\"url\": \"http://mail-archives.apache.org/mod_mbox/flex-dev/201703.mbox/%3C6B86C8D0-6E36-48F5-AC81-4AB3978F6746%40c-ware.de%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"http://www.securityfocus.com/bid/97383\", \"source\": \"security@apache.org\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://www.securitytracker.com/id/1038273\", \"source\": \"security@apache.org\", \"tags\": [\"Broken Link\"]}, {\"url\": \"https://issues.apache.org/jira/browse/FLEX-35290\", \"source\": \"security@apache.org\", \"tags\": [\"Issue Tracking\", \"Vendor Advisory\"]}, {\"url\": \"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03823en_us\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.kb.cert.org/vuls/id/307983\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"https://www.zerodayinitiative.com/advisories/ZDI-22-506/\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://www.zerodayinitiative.com/advisories/ZDI-22-507/\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://mail-archives.apache.org/mod_mbox/flex-dev/201703.mbox/%3C6B86C8D0-6E36-48F5-AC81-4AB3978F6746%40c-ware.de%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/97383\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://www.securitytracker.com/id/1038273\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"https://issues.apache.org/jira/browse/FLEX-35290\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Vendor Advisory\"]}, {\"url\": \"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03823en_us\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.kb.cert.org/vuls/id/307983\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"https://www.zerodayinitiative.com/advisories/ZDI-22-506/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://www.zerodayinitiative.com/advisories/ZDI-22-507/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}]",
      "sourceIdentifier": "security@apache.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-502\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2017-5641\",\"sourceIdentifier\":\"security@apache.org\",\"published\":\"2017-12-28T15:29:00.303\",\"lastModified\":\"2025-04-20T01:37:25.860\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Previous versions of Apache Flex BlazeDS (4.7.2 and earlier) did not restrict which types were allowed for AMF(X) object deserialization by default. During the deserialization process code is executed that for several known types has undesired side-effects. Other, unknown types may also exhibit such behaviors. One vector in the Java standard library exists that allows an attacker to trigger possibly further exploitable Java deserialization of untrusted data. Other known vectors in third party libraries can be used to trigger remote code execution.\"},{\"lang\":\"es\",\"value\":\"Versiones previas de Apache Flex BlazeDS (4.7.2 y anteriores) no restring\u00edan qu\u00e9 tipos se permit\u00edan para la deserializaci\u00f3n de objetos AMF(X) por defecto. Durante el proceso de deserializaci\u00f3n, se ejecutaba c\u00f3digo que ten\u00eda efectos colaterales no deseados para numerosos tipos conocidos. Otros tipos no conocidos tambi\u00e9n pod\u00edan mostrar comportamientos similares. Existe un vector en la biblioteca est\u00e1ndar de Java que puede permitir que un atacante realice otras deserializaciones explotables de datos no fiables en Java. Se pueden emplear otros vectores conocidos en bibliotecas de terceros para realizar una ejecuci\u00f3n remota de c\u00f3digo.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":true,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-502\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:flex_blazeds:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"4.7.2\",\"matchCriteriaId\":\"8D00416D-BE10-4E35-B639-451DF4ABD824\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:xp_command_view_advanced_edition:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"8.5.3-00\",\"matchCriteriaId\":\"FF246B0D-2E4C-4B1E-9BCC-1BAC0AC58AFC\"}]}]}],\"references\":[{\"url\":\"http://mail-archives.apache.org/mod_mbox/flex-dev/201703.mbox/%3C6B86C8D0-6E36-48F5-AC81-4AB3978F6746%40c-ware.de%3E\",\"source\":\"security@apache.org\"},{\"url\":\"http://www.securityfocus.com/bid/97383\",\"source\":\"security@apache.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.securitytracker.com/id/1038273\",\"source\":\"security@apache.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://issues.apache.org/jira/browse/FLEX-35290\",\"source\":\"security@apache.org\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03823en_us\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.kb.cert.org/vuls/id/307983\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://www.zerodayinitiative.com/advisories/ZDI-22-506/\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.zerodayinitiative.com/advisories/ZDI-22-507/\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://mail-archives.apache.org/mod_mbox/flex-dev/201703.mbox/%3C6B86C8D0-6E36-48F5-AC81-4AB3978F6746%40c-ware.de%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/97383\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.securitytracker.com/id/1038273\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://issues.apache.org/jira/browse/FLEX-35290\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03823en_us\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.kb.cert.org/vuls/id/307983\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://www.zerodayinitiative.com/advisories/ZDI-22-506/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.zerodayinitiative.com/advisories/ZDI-22-507/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]}]}}"
  }
}

CERTFR-2022-AVI-315

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans Cisco Nexus Dashboard Fabric Controller, anciennement dénommé Data Center Network Manager (DCNM). Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Cisco	Nexus Dashboard Fabric Controller	Cisco Nexus Dashboard Fabric Controller versions 11.x antérieures à 11.5(4)
	Cisco	Nexus Dashboard Fabric Controller	Cisco Nexus Dashboard Fabric Controller versions 12.x antérieures à 12.0(0.1063) et 12.0(0)

References

Title

Publication Time

Tags

Bulletin de sécurité ZDI ZDI-CAN-14806 du 11 mars 2022	None	vendor-advisory
Bulletin de sécurité Cisco CSCvz62623 du 01 avril 2022	None	vendor-advisory
Bulletin de sécurité Cisco CSCvz62628 du 01 avril 2022	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Cisco Nexus Dashboard Fabric Controller versions 11.x ant\u00e9rieures \u00e0 11.5(4)",
      "product": {
        "name": "Nexus Dashboard Fabric Controller",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Nexus Dashboard Fabric Controller versions 12.x ant\u00e9rieures \u00e0 12.0(0.1063) et 12.0(0)",
      "product": {
        "name": "Nexus Dashboard Fabric Controller",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2015-3269",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3269"
    },
    {
      "name": "CVE-2017-5641",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-5641"
    }
  ],
  "links": [],
  "reference": "CERTFR-2022-AVI-315",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2022-04-06T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Cisco \u003cspan\nclass=\"qtr-padding\"\u003eNexus Dashboard Fabric Controller\u003c/span\u003e,\nanciennement d\u00e9nomm\u00e9 Data Center Network Manager (DCNM). Elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Cisco Data Center Network Manager",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 ZDI ZDI-CAN-14806 du 11 mars 2022",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-CAN-14806/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco CSCvz62623 du 01 avril 2022",
      "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvz62623"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco CSCvz62628 du 01 avril 2022",
      "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvz62628"
    }
  ]
}

CERTFR-2022-AVI-315

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Cisco	Nexus Dashboard Fabric Controller	Cisco Nexus Dashboard Fabric Controller versions 11.x antérieures à 11.5(4)
	Cisco	Nexus Dashboard Fabric Controller	Cisco Nexus Dashboard Fabric Controller versions 12.x antérieures à 12.0(0.1063) et 12.0(0)

References

Title

Publication Time

Tags

Bulletin de sécurité ZDI ZDI-CAN-14806 du 11 mars 2022	None	vendor-advisory
Bulletin de sécurité Cisco CSCvz62623 du 01 avril 2022	None	vendor-advisory
Bulletin de sécurité Cisco CSCvz62628 du 01 avril 2022	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Cisco Nexus Dashboard Fabric Controller versions 11.x ant\u00e9rieures \u00e0 11.5(4)",
      "product": {
        "name": "Nexus Dashboard Fabric Controller",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Nexus Dashboard Fabric Controller versions 12.x ant\u00e9rieures \u00e0 12.0(0.1063) et 12.0(0)",
      "product": {
        "name": "Nexus Dashboard Fabric Controller",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2015-3269",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3269"
    },
    {
      "name": "CVE-2017-5641",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-5641"
    }
  ],
  "links": [],
  "reference": "CERTFR-2022-AVI-315",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2022-04-06T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Cisco \u003cspan\nclass=\"qtr-padding\"\u003eNexus Dashboard Fabric Controller\u003c/span\u003e,\nanciennement d\u00e9nomm\u00e9 Data Center Network Manager (DCNM). Elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Cisco Data Center Network Manager",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 ZDI ZDI-CAN-14806 du 11 mars 2022",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-CAN-14806/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco CSCvz62623 du 01 avril 2022",
      "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvz62623"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco CSCvz62628 du 01 avril 2022",
      "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvz62628"
    }
  ]
}

CERTFR-2017-AVI-115

Vulnerability from certfr_avis - Published: - Updated:

Une vulnérabilité a été corrigée dans VMware vCenter Server. Elle permet à un attaquant de provoquer une exécution de code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	VMware	vCenter Server	vCenter Server versions 6.0 antérieures à 6.0U3b
	VMware	vCenter Server	vCenter Server versions 6.5 antérieures à 6.5c

References

Title

Publication Time

Tags

Bulletin de sécurité VMware VMSA-2017-0007 du 13 avril 2017

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "vCenter Server versions 6.0 ant\u00e9rieures \u00e0 6.0U3b",
      "product": {
        "name": "vCenter Server",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "vCenter Server versions 6.5 ant\u00e9rieures \u00e0 6.5c",
      "product": {
        "name": "vCenter Server",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2017-5641",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-5641"
    }
  ],
  "links": [],
  "reference": "CERTFR-2017-AVI-115",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2017-04-14T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 corrig\u00e9e dans \u003cspan class=\"textit\"\u003eVMware\nvCenter Server\u003c/span\u003e. Elle permet \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans VMware vCenter Server",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 VMware VMSA-2017-0007 du 13 avril 2017",
      "url": "http://www.vmware.com/security/advisories/VMSA-2017-0007.html"
    }
  ]
}

CERTFR-2017-AVI-115

Vulnerability from certfr_avis - Published: - Updated:

Une vulnérabilité a été corrigée dans VMware vCenter Server. Elle permet à un attaquant de provoquer une exécution de code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	VMware	vCenter Server	vCenter Server versions 6.0 antérieures à 6.0U3b
	VMware	vCenter Server	vCenter Server versions 6.5 antérieures à 6.5c

References

Title

Publication Time

Tags

Bulletin de sécurité VMware VMSA-2017-0007 du 13 avril 2017

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "vCenter Server versions 6.0 ant\u00e9rieures \u00e0 6.0U3b",
      "product": {
        "name": "vCenter Server",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "vCenter Server versions 6.5 ant\u00e9rieures \u00e0 6.5c",
      "product": {
        "name": "vCenter Server",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2017-5641",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-5641"
    }
  ],
  "links": [],
  "reference": "CERTFR-2017-AVI-115",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2017-04-14T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 corrig\u00e9e dans \u003cspan class=\"textit\"\u003eVMware\nvCenter Server\u003c/span\u003e. Elle permet \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans VMware vCenter Server",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 VMware VMSA-2017-0007 du 13 avril 2017",
      "url": "http://www.vmware.com/security/advisories/VMSA-2017-0007.html"
    }
  ]
}

GSD-2017-5641

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2017-5641

Aliases

CVE-2017-5641

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2017-5641",
    "description": "Previous versions of Apache Flex BlazeDS (4.7.2 and earlier) did not restrict which types were allowed for AMF(X) object deserialization by default. During the deserialization process code is executed that for several known types has undesired side-effects. Other, unknown types may also exhibit such behaviors. One vector in the Java standard library exists that allows an attacker to trigger possibly further exploitable Java deserialization of untrusted data. Other known vectors in third party libraries can be used to trigger remote code execution.",
    "id": "GSD-2017-5641",
    "references": [
      "https://packetstormsecurity.com/files/cve/CVE-2017-5641"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2017-5641"
      ],
      "details": "Previous versions of Apache Flex BlazeDS (4.7.2 and earlier) did not restrict which types were allowed for AMF(X) object deserialization by default. During the deserialization process code is executed that for several known types has undesired side-effects. Other, unknown types may also exhibit such behaviors. One vector in the Java standard library exists that allows an attacker to trigger possibly further exploitable Java deserialization of untrusted data. Other known vectors in third party libraries can be used to trigger remote code execution.",
      "id": "GSD-2017-5641",
      "modified": "2023-12-13T01:21:13.205738Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security@apache.org",
        "DATE_PUBLIC": "2017-03-27T00:00:00",
        "ID": "CVE-2017-5641",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Apache Flex Blaze DS",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "before 4.7.3"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Apache Software Foundation"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Previous versions of Apache Flex BlazeDS (4.7.2 and earlier) did not restrict which types were allowed for AMF(X) object deserialization by default. During the deserialization process code is executed that for several known types has undesired side-effects. Other, unknown types may also exhibit such behaviors. One vector in the Java standard library exists that allows an attacker to trigger possibly further exploitable Java deserialization of untrusted data. Other known vectors in third party libraries can be used to trigger remote code execution."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Information Disclosure"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "VU#307983",
            "refsource": "CERT-VN",
            "url": "https://www.kb.cert.org/vuls/id/307983"
          },
          {
            "name": "97383",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/97383"
          },
          {
            "name": "1038273",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1038273"
          },
          {
            "name": "[flex-dev] 20170327 [VOTE] Release Apache Flex BlazeDS 4.7.3",
            "refsource": "MLIST",
            "url": "http://mail-archives.apache.org/mod_mbox/flex-dev/201703.mbox/%3C6B86C8D0-6E36-48F5-AC81-4AB3978F6746@c-ware.de%3E"
          },
          {
            "name": "https://issues.apache.org/jira/browse/FLEX-35290",
            "refsource": "CONFIRM",
            "url": "https://issues.apache.org/jira/browse/FLEX-35290"
          },
          {
            "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03823en_us",
            "refsource": "CONFIRM",
            "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03823en_us"
          },
          {
            "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-507/",
            "refsource": "MISC",
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-507/"
          },
          {
            "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-506/",
            "refsource": "MISC",
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-506/"
          }
        ]
      }
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "(,4.7.2]",
          "affected_versions": "All versions up to 4.7.2",
          "cvss_v2": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "cwe_ids": [
            "CWE-1035",
            "CWE-502",
            "CWE-78",
            "CWE-937"
          ],
          "date": "2023-07-25",
          "description": "Previous versions of Apache Flex BlazeDS (4.7.2 and earlier) does not restrict which types were allowed for AMF(X) object deserialization by default. During the deserialization process code is executed that for several known types has undesired side-effects. Other, unknown types may also exhibit such behaviors. One vector in the Java standard library exists that allows an attacker to trigger possibly further exploitable Java deserialization of untrusted data. Other known vectors in third party libraries can be used to trigger remote code execution.",
          "fixed_versions": [],
          "identifier": "CVE-2017-5641",
          "identifiers": [
            "GHSA-w8v7-prhw-xjpw",
            "CVE-2017-5641"
          ],
          "not_impacted": "",
          "package_slug": "maven/org.apache.flex.blazeds/blazeds",
          "pubdate": "2022-05-13",
          "solution": "Unfortunately, there is no solution available yet.",
          "title": "Deserialization of Untrusted Data",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2017-5641",
            "https://issues.apache.org/jira/browse/FLEX-35290",
            "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03823en_us",
            "https://www.kb.cert.org/vuls/id/307983",
            "https://www.zerodayinitiative.com/advisories/ZDI-22-506/",
            "https://www.zerodayinitiative.com/advisories/ZDI-22-507/",
            "http://mail-archives.apache.org/mod_mbox/flex-dev/201703.mbox/%3C6B86C8D0-6E36-48F5-AC81-4AB3978F6746@c-ware.de%3E",
            "https://web.archive.org/web/20170920093830/http://www.securitytracker.com/id/1038273",
            "https://web.archive.org/web/20210124021605/http://www.securityfocus.com/bid/97383",
            "https://github.com/advisories/GHSA-w8v7-prhw-xjpw"
          ],
          "uuid": "96cbcdaf-b801-4120-901d-ff91303aa876"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:apache:flex_blazeds:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "4.7.2",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:hp:xp_command_view_advanced_edition:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "8.5.3-00",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security@apache.org",
          "ID": "CVE-2017-5641"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Previous versions of Apache Flex BlazeDS (4.7.2 and earlier) did not restrict which types were allowed for AMF(X) object deserialization by default. During the deserialization process code is executed that for several known types has undesired side-effects. Other, unknown types may also exhibit such behaviors. One vector in the Java standard library exists that allows an attacker to trigger possibly further exploitable Java deserialization of untrusted data. Other known vectors in third party libraries can be used to trigger remote code execution."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-502"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "VU#307983",
              "refsource": "CERT-VN",
              "tags": [
                "Third Party Advisory",
                "US Government Resource"
              ],
              "url": "https://www.kb.cert.org/vuls/id/307983"
            },
            {
              "name": "https://issues.apache.org/jira/browse/FLEX-35290",
              "refsource": "CONFIRM",
              "tags": [
                "Issue Tracking",
                "Vendor Advisory"
              ],
              "url": "https://issues.apache.org/jira/browse/FLEX-35290"
            },
            {
              "name": "[flex-dev] 20170327 [VOTE] Release Apache Flex BlazeDS 4.7.3",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://mail-archives.apache.org/mod_mbox/flex-dev/201703.mbox/%3C6B86C8D0-6E36-48F5-AC81-4AB3978F6746@c-ware.de%3E"
            },
            {
              "name": "1038273",
              "refsource": "SECTRACK",
              "tags": [
                "Broken Link"
              ],
              "url": "http://www.securitytracker.com/id/1038273"
            },
            {
              "name": "97383",
              "refsource": "BID",
              "tags": [
                "Broken Link"
              ],
              "url": "http://www.securityfocus.com/bid/97383"
            },
            {
              "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03823en_us",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03823en_us"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-507/",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-507/"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-506/",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-506/"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": true,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2022-04-19T16:06Z",
      "publishedDate": "2017-12-28T15:29Z"
    }
  }
}

CNVD-2017-04657

Vulnerability from cnvd - Published: 2017-04-19

Title

VMware vCenter Server BlazeDS组件远程代码执行漏洞

Description

VMware vCenter Server是美国威睿（VMware）公司的一套服务器和虚拟化管理软件。该软件提供了一个用于管理VMware vSphere环境的集中式平台，可自动实施和交付虚拟基础架构。 VMware vCenter Server BlazeDS组件处理AMF3信息时存在远程代码执行漏洞，攻击者可利用该漏洞执行任意命令。

Severity

高

Patch Name

VMware vCenter Server BlazeDS组件远程代码执行漏洞的补丁

Patch Description

Formal description

目前厂商已经发布了升级补丁以修复此安全问题，详情请关注厂商主页: http://www.vmware.com/security/advisories/VMSA-2017-0007.html

Reference

http://securitytracker.com/id/1038273

Impacted products

Name
['VMware vCenter Server 6.0', 'VMware vCenter Server 5.5']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-5641",
      "cveUrl": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5641"
    }
  },
  "description": "VMware vCenter Server\u662f\u7f8e\u56fd\u5a01\u777f\uff08VMware\uff09\u516c\u53f8\u7684\u4e00\u5957\u670d\u52a1\u5668\u548c\u865a\u62df\u5316\u7ba1\u7406\u8f6f\u4ef6\u3002\u8be5\u8f6f\u4ef6\u63d0\u4f9b\u4e86\u4e00\u4e2a\u7528\u4e8e\u7ba1\u7406VMware vSphere\u73af\u5883\u7684\u96c6\u4e2d\u5f0f\u5e73\u53f0\uff0c\u53ef\u81ea\u52a8\u5b9e\u65bd\u548c\u4ea4\u4ed8\u865a\u62df\u57fa\u7840\u67b6\u6784\u3002 \r\n\r\nVMware vCenter Server BlazeDS\u7ec4\u4ef6\u5904\u7406AMF3\u4fe1\u606f\u65f6\u5b58\u5728\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u4efb\u610f\u547d\u4ee4\u3002",
  "discovererName": "unknown",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6b64\u5b89\u5168\u95ee\u9898\uff0c\u8be6\u60c5\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875:\r\nhttp://www.vmware.com/security/advisories/VMSA-2017-0007.html",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-04657",
  "openTime": "2017-04-19",
  "patchDescription": "VMware vCenter Server\u662f\u7f8e\u56fd\u5a01\u777f\uff08VMware\uff09\u516c\u53f8\u7684\u4e00\u5957\u670d\u52a1\u5668\u548c\u865a\u62df\u5316\u7ba1\u7406\u8f6f\u4ef6\u3002\u8be5\u8f6f\u4ef6\u63d0\u4f9b\u4e86\u4e00\u4e2a\u7528\u4e8e\u7ba1\u7406VMware vSphere\u73af\u5883\u7684\u96c6\u4e2d\u5f0f\u5e73\u53f0\uff0c\u53ef\u81ea\u52a8\u5b9e\u65bd\u548c\u4ea4\u4ed8\u865a\u62df\u57fa\u7840\u67b6\u6784\u3002 \r\n\r\nVMware vCenter Server BlazeDS\u7ec4\u4ef6\u5904\u7406AMF3\u4fe1\u606f\u65f6\u5b58\u5728\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u4efb\u610f\u547d\u4ee4\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "VMware vCenter Server BlazeDS\u7ec4\u4ef6\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "VMware vCenter Server 6.0",
      "VMware vCenter Server 5.5"
    ]
  },
  "referenceLink": "http://securitytracker.com/id/1038273",
  "serverity": "\u9ad8",
  "submitTime": "2017-04-04",
  "title": "VMware vCenter Server BlazeDS\u7ec4\u4ef6\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e"
}

FKIE_CVE-2017-5641

Vulnerability from fkie_nvd - Published: 2017-12-28 15:29 - Updated: 2025-04-20 01:37

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
security@apache.org	http://mail-archives.apache.org/mod_mbox/flex-dev/201703.mbox/%3C6B86C8D0-6E36-48F5-AC81-4AB3978F6746%40c-ware.de%3E
security@apache.org	http://www.securityfocus.com/bid/97383	Broken Link
security@apache.org	http://www.securitytracker.com/id/1038273	Broken Link
security@apache.org	https://issues.apache.org/jira/browse/FLEX-35290	Issue Tracking, Vendor Advisory
security@apache.org	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03823en_us	Third Party Advisory
security@apache.org	https://www.kb.cert.org/vuls/id/307983	Third Party Advisory, US Government Resource
security@apache.org	https://www.zerodayinitiative.com/advisories/ZDI-22-506/	Third Party Advisory, VDB Entry
security@apache.org	https://www.zerodayinitiative.com/advisories/ZDI-22-507/	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://mail-archives.apache.org/mod_mbox/flex-dev/201703.mbox/%3C6B86C8D0-6E36-48F5-AC81-4AB3978F6746%40c-ware.de%3E
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/97383	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1038273	Broken Link
af854a3a-2127-422b-91ae-364da2661108	https://issues.apache.org/jira/browse/FLEX-35290	Issue Tracking, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03823en_us	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.kb.cert.org/vuls/id/307983	Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	https://www.zerodayinitiative.com/advisories/ZDI-22-506/	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://www.zerodayinitiative.com/advisories/ZDI-22-507/	Third Party Advisory, VDB Entry

Impacted products

	Vendor	Product	Version
	apache	flex_blazeds	*
	hp	xp_command_view_advanced_edition	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apache:flex_blazeds:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D00416D-BE10-4E35-B639-451DF4ABD824",
              "versionEndIncluding": "4.7.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:hp:xp_command_view_advanced_edition:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF246B0D-2E4C-4B1E-9BCC-1BAC0AC58AFC",
              "versionEndExcluding": "8.5.3-00",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Previous versions of Apache Flex BlazeDS (4.7.2 and earlier) did not restrict which types were allowed for AMF(X) object deserialization by default. During the deserialization process code is executed that for several known types has undesired side-effects. Other, unknown types may also exhibit such behaviors. One vector in the Java standard library exists that allows an attacker to trigger possibly further exploitable Java deserialization of untrusted data. Other known vectors in third party libraries can be used to trigger remote code execution."
    },
    {
      "lang": "es",
      "value": "Versiones previas de Apache Flex BlazeDS (4.7.2 y anteriores) no restring\u00edan qu\u00e9 tipos se permit\u00edan para la deserializaci\u00f3n de objetos AMF(X) por defecto. Durante el proceso de deserializaci\u00f3n, se ejecutaba c\u00f3digo que ten\u00eda efectos colaterales no deseados para numerosos tipos conocidos. Otros tipos no conocidos tambi\u00e9n pod\u00edan mostrar comportamientos similares. Existe un vector en la biblioteca est\u00e1ndar de Java que puede permitir que un atacante realice otras deserializaciones explotables de datos no fiables en Java. Se pueden emplear otros vectores conocidos en bibliotecas de terceros para realizar una ejecuci\u00f3n remota de c\u00f3digo."
    }
  ],
  "id": "CVE-2017-5641",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-12-28T15:29:00.303",
  "references": [
    {
      "source": "security@apache.org",
      "url": "http://mail-archives.apache.org/mod_mbox/flex-dev/201703.mbox/%3C6B86C8D0-6E36-48F5-AC81-4AB3978F6746%40c-ware.de%3E"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.securityfocus.com/bid/97383"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.securitytracker.com/id/1038273"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Issue Tracking",
        "Vendor Advisory"
      ],
      "url": "https://issues.apache.org/jira/browse/FLEX-35290"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03823en_us"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://www.kb.cert.org/vuls/id/307983"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-506/"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-507/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://mail-archives.apache.org/mod_mbox/flex-dev/201703.mbox/%3C6B86C8D0-6E36-48F5-AC81-4AB3978F6746%40c-ware.de%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.securityfocus.com/bid/97383"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.securitytracker.com/id/1038273"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Vendor Advisory"
      ],
      "url": "https://issues.apache.org/jira/browse/FLEX-35290"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03823en_us"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://www.kb.cert.org/vuls/id/307983"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-506/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-507/"
    }
  ],
  "sourceIdentifier": "security@apache.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-502"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-W8V7-PRHW-XJPW

Vulnerability from github – Published: 2022-05-13 01:02 – Updated: 2023-10-06 21:06

Summary

Apache Flex BlazeDS unsafe deserialization

Details

Severity ?

9.8 (Critical)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 4.7.2"
      },
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.flex.blazeds:flex-messaging-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.7.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 4.7.2"
      },
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.flex.blazeds:flex-messaging-remoting"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.7.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2017-5641"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-502"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-07-25T21:59:21Z",
    "nvd_published_at": "2017-12-28T15:29:00Z",
    "severity": "CRITICAL"
  },
  "details": "Previous versions of Apache Flex BlazeDS (4.7.2 and earlier) did not restrict which types were allowed for AMF(X) object deserialization by default. During the deserialization process code is executed that for several known types has undesired side-effects. Other, unknown types may also exhibit such behaviors. One vector in the Java standard library exists that allows an attacker to trigger possibly further exploitable Java deserialization of untrusted data. Other known vectors in third party libraries can be used to trigger remote code execution.",
  "id": "GHSA-w8v7-prhw-xjpw",
  "modified": "2023-10-06T21:06:16Z",
  "published": "2022-05-13T01:02:10Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5641"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apache/flex-blazeds/commit/11b0aa132d9a43bf81fa12654ff227ff247b4627"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apache/flex-blazeds/commit/f861f0993c35e664906609cad275e45a71e2aaf1"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/apache/flex-blazeds"
    },
    {
      "type": "WEB",
      "url": "https://issues.apache.org/jira/browse/FLEX-35290"
    },
    {
      "type": "WEB",
      "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03823en_us"
    },
    {
      "type": "WEB",
      "url": "https://web.archive.org/web/20170920093830/http://www.securitytracker.com/id/1038273"
    },
    {
      "type": "WEB",
      "url": "https://web.archive.org/web/20210124021605/http://www.securityfocus.com/bid/97383"
    },
    {
      "type": "WEB",
      "url": "https://www.kb.cert.org/vuls/id/307983"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-506"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-507"
    },
    {
      "type": "WEB",
      "url": "http://mail-archives.apache.org/mod_mbox/flex-dev/201703.mbox/%3C6B86C8D0-6E36-48F5-AC81-4AB3978F6746@c-ware.de%3E"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Apache Flex BlazeDS unsafe deserialization"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2017-5641 (GCVE-0-2017-5641)

Solution

Solution

Solution

Solution

Tags

Sightings

Nomenclature