Executive Summary

| Summary | |
|---|---|
| Title | Apache Commons Collections Java library insecurely deserializes data |

| Information | | | |
|---|---|---|---|
| Name | VU#576313 | First vendor Publication | 2015-11-13 |
| Vendor | VU-CERT | Last vendor Modification | 2015-11-30 |
| Severity (Vendor) | N/A | Revision | M |
Security-Database Scoring CVSS v3

| CVSS vector: N/A | | | |
|---|---|---|---|
| Overall CVSS Score | NA | | |
| Base Score | NA | Environmental Score | NA |
| Impact Sub Score | NA | Temporal Score | NA |
| Exploitability Sub Score | NA | | |

Security-Database Scoring CVSS v2

| CVSS vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P) | | | |
|---|---|---|---|
| CVSS Base Score | 7.5 | Attack Range | Network |
| CVSS Impact Score | 6.4 | Attack Complexity | Low |
| CVSS Exploit Score | 10 | Authentication | None Required |
Detail

Vulnerability Note VU#576313: Apache Commons Collections Java library insecurely deserializes data

Overview

The Apache Commons Collections (ACC) library is vulnerable to insecure deserialization of data, which may result in arbitrary code execution. Java applications that either use ACC directly or contain ACC in their classpath may be vulnerable to arbitrary code execution.

Description

Impact

Solution

Vendor Information

CVSS Metrics

References

Credit

This type of vulnerability was reported publicly by Gabriel Lawrence and Chris Frohoff, and later investigated by Stephen Breen. This document was written by Garret Wassermann with assistance from David Svoboda and the CERT Secure Coding team.

Other Information

Feedback

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Original Source

URL: http://www.kb.cert.org/vuls/id/576313
CWE: Common Weakness Enumeration

| % | Id | Name |
|---|---|---|
| 100 % | CWE-502 | Deserialization of Untrusted Data |

CPE: Common Platform Enumeration

SAINT Exploits

| Description | Link |
|---|---|
| Oracle WebLogic Apache Commons library deserialization vulnerability | More info here |

Snort® IPS/IDS

| Date | Description | Rule ID | Revision | Type |
|---|---|---|---|---|
| 2016-03-29 | Java Library CommonsCollection unauthorized serialized object attempt | 37860 | 5 | SERVER-WEBAPP |
| 2016-03-29 | Java Library CommonsCollection unauthorized serialized object attempt | 37859 | 6 | SERVER-WEBAPP |
| 2016-03-14 | Java Library CommonsCollection unauthorized serialized object attempt | 36826 | 11 | SERVER-OTHER |
Nessus® Vulnerability Scanner

| Date | Name | File | Type |
|---|---|---|---|
| 2017-07-21 | An application running on the remote web server is affected by multiple vulne... | oracle_primavera_gateway_cpu_jul_2017.nasl | ACT_GATHER_INFO |
| 2017-05-02 | A web application running on the remote host is affected by a remote code exe... | cisco_security_java_deser.nasl | ACT_ATTACK |
| 2017-05-02 | A network management system running on the remote host is affected by a remot... | cisco_prime_lms_java_deser.nasl | ACT_ATTACK |
| 2017-01-25 | A web application running on the remote host is affected by multiple vulnerab... | mysql_enterprise_monitor_3_2_2_1075.nasl | ACT_GATHER_INFO |
| 2017-01-25 | A web application running on the remote host is affected by a remote code exe... | mysql_enterprise_monitor_3_1_6_7959.nasl | ACT_GATHER_INFO |
| 2017-01-25 | A web application running on the remote host is affected by multiple vulnerab... | mysql_enterprise_monitor_3_1_5_7958.nasl | ACT_GATHER_INFO |
| 2016-11-17 | A web management application running on the remote host is affected by multip... | hp_nnmi_console_10_10.nasl | ACT_GATHER_INFO |
| 2016-10-26 | An application server installed on the remote host is affected by multiple vu... | oracle_weblogic_server_cpu_oct_2016.nasl | ACT_GATHER_INFO |
| 2016-10-10 | The remote device is affected by a remote code execution vulnerability. | cisco_cucm_CSCux34835.nasl | ACT_GATHER_INFO |
| 2016-08-24 | A web application hosted on the remote web server is affected by a remote cod... | hp_intelligent_management_center_7_2.nasl | ACT_GATHER_INFO |
| 2016-07-25 | The remote web server is affected by a remote code execution vulnerability. | hp_ucmdb_server_cve-2016-4368.nasl | ACT_ATTACK |
| 2016-07-20 | The Nexus Repository Manager server running on the remote host is affected by... | sonatype_nexus_deserialization.nasl | ACT_GATHER_INFO |
| 2016-07-13 | The remote SolarWinds Virtualization Manager server is affected by a remote c... | solarwinds_virtualization_manager_rmi_deserialization.nasl | ACT_ATTACK |
| 2016-05-12 | A web-based application running on the remote Windows host is affected by mul... | coldfusion_win_apsb16-16.nasl | ACT_GATHER_INFO |
| 2016-05-03 | The remote host has a web application installed that is affected by a remote ... | oracle_oats_cpu_apr_2016.nasl | ACT_GATHER_INFO |
| 2016-04-26 | The NetIQ Sentinel server installed on the remote host is affected by multipl... | netiq_sentinel_7_4_1_0.nasl | ACT_GATHER_INFO |
| 2016-04-20 | The remote NetIQ Sentinel server is affected by a remote code execution vulne... | netiq_sentinel_rmi_deserialization.nasl | ACT_ATTACK |
| 2016-03-23 | The remote host is affected by a remote code execution vulnerability. | hp_operations_orchestration_hpsbgn03560.nasl | ACT_GATHER_INFO |
| 2016-03-14 | The remote web server hosts a job scheduling and management system that is af... | jenkins_1_650.nasl | ACT_GATHER_INFO |
| 2016-02-29 | The remote web server is affected by a remote code execution vulnerability. | jenkins_security247.nasl | ACT_ATTACK |
| 2016-02-17 | The remote Lexmark Markvision Enterprise server is affected by a remote code ... | lexmark_markvision_enterprise_2016_1487.nasl | ACT_ATTACK |
| 2016-02-08 | A security management application installed on the remote Windows host is aff... | mcafee_epo_sb10144.nasl | ACT_GATHER_INFO |
| 2016-02-03 | The remote host is affected by a remote code execution vulnerability. | hp_operations_manager_for_win_CVE-2016-1985_local.nasl | ACT_GATHER_INFO |
| 2016-01-06 | The remote host has a virtualization application installed that is affected b... | vmware_orchestrator_vmsa_2015_0009.nasl | ACT_GATHER_INFO |
| 2016-01-06 | The remote host has a virtualization appliance installed that is affected by ... | vmware_orchestrator_appliance_vmsa_2015_0009.nasl | ACT_GATHER_INFO |
| 2015-12-18 | An application running on the remote host is affected by an arbitrary command... | symantec_endpoint_prot_mgr_2015_6554.nasl | ACT_ATTACK |
| 2015-12-17 | The remote device is missing a vendor-supplied security patch. | f5_bigip_SOL30518307.nasl | ACT_GATHER_INFO |
| 2015-12-16 | The remote host is running a web application that is affected by a remote cod... | activemq_5_13_0.nasl | ACT_GATHER_INFO |
| 2015-12-10 | The remote OpenNMS server is affected by a remote code execution vulnerability. | opennms_java_serialize.nasl | ACT_ATTACK |
| 2015-12-10 | The remote JBoss server is affected by multiple remote code execution vulnera... | jboss_java_serialize.nasl | ACT_ATTACK |
| 2015-12-02 | The remote WebSphere Application Server is affected by a remote code executio... | websphere_java_serialize.nasl | ACT_ATTACK |
| 2015-11-23 | The remote Oracle WebLogic server is affected by a remote code execution vuln... | weblogic_2015_4852.nasl | ACT_ATTACK |
| 2015-11-17 | The remote web server is affected by a remote code execution vulnerability. | jenkins_security218.nasl | ACT_GATHER_INFO |
Alert History

| Date | Information |
|---|---|
| 2018-10-31 00:23:47 | |
| 2017-07-23 13:25:31 | |
| 2017-05-04 13:25:28 | |
| 2017-01-26 13:24:35 | |
| 2016-11-18 13:25:41 | |
| 2016-10-27 13:26:38 | |
| 2016-10-11 13:21:32 | |
| 2016-08-31 13:25:22 | |
| 2016-08-25 13:25:50 | |
| 2016-07-26 13:25:55 | |
| 2016-07-22 13:38:25 | |
| 2016-07-14 13:25:21 | |
| 2016-06-08 13:25:04 | |
| 2016-05-13 13:29:30 | |
| 2016-05-04 13:29:44 | |
| 2016-04-28 13:28:17 | |
| 2016-04-21 13:24:43 | |
| 2016-03-24 13:25:50 | |
| 2016-03-15 13:25:11 | |
| 2016-03-01 13:26:32 | |
| 2016-02-18 13:27:47 | |
| 2016-02-09 13:27:38 | |
| 2016-02-04 13:27:33 | |
| 2016-01-22 09:27:07 | |
| 2016-01-20 21:26:13 | |
| 2016-01-09 00:27:22 | |
| 2016-01-07 13:25:48 | |
| 2015-12-19 13:23:01 | |
| 2015-12-17 13:26:56 | |
| 2015-12-11 13:26:25 | |
| 2015-12-03 13:26:57 | |
| 2015-12-01 00:23:40 | |
| 2015-11-30 21:24:25 | |
| 2015-11-24 13:26:48 | |
| 2015-11-19 21:29:06 | |
| 2015-11-18 21:28:49 | |
| 2015-11-18 13:26:30 | |
| 2015-11-18 00:22:13 | |
| 2015-11-17 00:17:10 | |
| 2015-11-13 21:21:59 | |