FKIE_CVE-2020-5413

Vulnerability from fkie_nvd - Published: 2020-07-31 20:15 - Updated: 2024-11-21 05:34
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Spring Integration framework provides Kryo Codec implementations as an alternative for Java (de)serialization. When Kryo is configured with default options, all unregistered classes are resolved on demand. This leads to the "deserialization gadgets" exploit when provided data contains malicious code for execution during deserialization. In order to protect against this type of attack, Kryo can be configured to require a set of trusted classes for (de)serialization. Spring Integration should be proactive against blocking unknown "deserialization gadgets" when configuring Kryo in code.
References
security@pivotal.iohttps://tanzu.vmware.com/security/cve-2020-5413Vendor Advisory
security@pivotal.iohttps://www.oracle.com//security-alerts/cpujul2021.htmlPatch, Third Party Advisory
security@pivotal.iohttps://www.oracle.com/security-alerts/cpuApr2021.htmlPatch, Third Party Advisory
security@pivotal.iohttps://www.oracle.com/security-alerts/cpuapr2022.htmlPatch, Third Party Advisory
security@pivotal.iohttps://www.oracle.com/security-alerts/cpuoct2021.htmlPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://tanzu.vmware.com/security/cve-2020-5413Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com//security-alerts/cpujul2021.htmlPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/security-alerts/cpuApr2021.htmlPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/security-alerts/cpuapr2022.htmlPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/security-alerts/cpuoct2021.htmlPatch, Third Party Advisory
Impacted products
Vendor Product Version
vmware spring_integration *
vmware spring_integration *
vmware spring_integration *
vmware spring_integration *
oracle banking_corporate_lending_process_management 14.2.0
oracle banking_corporate_lending_process_management 14.3.0
oracle banking_corporate_lending_process_management 14.5.0
oracle banking_credit_facilities_process_management 14.2.0
oracle banking_credit_facilities_process_management 14.3.0
oracle banking_credit_facilities_process_management 14.5.0
oracle banking_supply_chain_finance 14.2.0
oracle banking_supply_chain_finance 14.3.0
oracle banking_supply_chain_finance 14.5.0
oracle banking_virtual_account_management 14.2.0
oracle banking_virtual_account_management 14.3.0
oracle banking_virtual_account_management 14.5.0
oracle flexcube_private_banking 12.0.0
oracle flexcube_private_banking 12.1.0
oracle retail_customer_management_and_segmentation_foundation *
oracle retail_merchandising_system 16.0.3
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:vmware:spring_integration:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AB3D86D-55B9-42C6-B0F9-1D2D4012E050",
              "versionEndIncluding": "4.3.22",
              "versionStartIncluding": "4.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:spring_integration:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "68D36FAA-277D-4121-92CC-8AC6FDEBD9AE",
              "versionEndIncluding": "5.1.11",
              "versionStartIncluding": "5.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:spring_integration:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "158506DB-095A-4C4D-9C12-A7AD5ED1B1E7",
              "versionEndIncluding": "5.2.7",
              "versionStartIncluding": "5.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:spring_integration:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A326376-4A29-4486-B697-A66B94C9062D",
              "versionEndIncluding": "5.3.1",
              "versionStartIncluding": "5.3.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CF9A061-2421-426D-9854-0A4E55B2961D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F95EDC3D-54BB-48F9-82F2-7CCF335FCA78",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B72B735F-4E52-484A-9C2C-23E6E2070385",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:banking_credit_facilities_process_management:14.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B36A1D4-F391-4EE3-9A65-0A10568795BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:banking_credit_facilities_process_management:14.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "55116032-AAD1-4FEA-9DA8-2C4CBD3D3F61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:banking_credit_facilities_process_management:14.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0275F820-40BE-47B8-B167-815A55DF578E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:banking_supply_chain_finance:14.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A8420D4-AAF1-44AA-BF28-48EE3ED310B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:banking_supply_chain_finance:14.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FB80AC5-35F2-4703-AD93-416B46972EEB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:banking_supply_chain_finance:14.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "19DAAEFF-AB4A-4D0D-8C86-D2F2811B53B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:banking_virtual_account_management:14.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1534C11-E3F5-49F3-8F8D-7C5C90951E69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:banking_virtual_account_management:14.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D952E04D-DE2D-4AE0-BFE6-7D9B7E55AC80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:banking_virtual_account_management:14.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1111BCFD-E336-4B31-A87E-76C684AC6DE4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:flexcube_private_banking:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6762F207-93C7-4363-B2F9-7A7C6F8AF993",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:flexcube_private_banking:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B74B912-152D-4F38-9FC1-741D6D0B27FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B92BB355-DB00-438E-84E5-8EC007009576",
              "versionEndIncluding": "19.0",
              "versionStartIncluding": "16.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_merchandising_system:16.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8383028-B719-41FD-9B6A-71F8EB4C5F8D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Spring Integration framework provides Kryo Codec implementations as an alternative for Java (de)serialization. When Kryo is configured with default options, all unregistered classes are resolved on demand. This leads to the \"deserialization gadgets\" exploit when provided data contains malicious code for execution during deserialization. In order to protect against this type of attack, Kryo can be configured to require a set of trusted classes for (de)serialization. Spring Integration should be proactive against blocking unknown \"deserialization gadgets\" when configuring Kryo in code."
    },
    {
      "lang": "es",
      "value": "Spring Integration Framework proporciona implementaciones de Kryo Codec como una alternativa para la (des)serializaci\u00f3n de Java. Cuando Kryo es configurado con opciones predeterminadas, todas las clases no registradas son resueltas bajo demanda. Esto conlleva a la explotaci\u00f3n de \"deserialization gadgets\" cuando los datos proporcionados contienen c\u00f3digo malicioso para su ejecuci\u00f3n durante la deserializaci\u00f3n. A fin de protegerse contra este tipo de ataque, Kryo puede ser configurado para requerir un conjunto de clases confiables para la (des)serializaci\u00f3n. Spring Integration debe ser proactiva contra el bloqueo desconocido de \"deserialization gadgets\" cuando se configura Kryo en el c\u00f3digo"
    }
  ],
  "id": "CVE-2020-5413",
  "lastModified": "2024-11-21T05:34:07.263",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-07-31T20:15:13.017",
  "references": [
    {
      "source": "security@pivotal.io",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tanzu.vmware.com/security/cve-2020-5413"
    },
    {
      "source": "security@pivotal.io",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
    },
    {
      "source": "security@pivotal.io",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
    },
    {
      "source": "security@pivotal.io",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
    },
    {
      "source": "security@pivotal.io",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tanzu.vmware.com/security/cve-2020-5413"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
    }
  ],
  "sourceIdentifier": "security@pivotal.io",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-502"
        }
      ],
      "source": "security@pivotal.io",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-502"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.