CVE-2017-3207

WebORB for Java by Midnight Coders, version 5.1.1.0, Action Message Format (AMF3) Java implementation is vulnerable to insecure deserialization

EPSS 8.2%CWE-502

Vexday Risk Score

3Baixo

Decisão SSVC (CISA)

Track

Sem sinal de exploração → monitorar

CVSS —EPSS 8.2%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

11 jun 2018Publicada no NVD

Recomendação: Monitorar — sem sinal de exploração no momento.

The Java implementations of AMF3 deserializers in WebORB for Java by Midnight Coders, version 5.1.1.0, derive class instances from java.io.Externalizable rather than the AMF3 specification's recommendation of flash.utils.IExternalizable. A remote attacker with the ability to spoof or control an RMI server connection may be able to send serialized Java objects that execute arbitrary code when deserialized.

Produtos afetados

Midnight Coders · WebORB for Java

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://codewhitesec.blogspot.com/2017/04/amf.html https://www.kb.cert.org/vuls/id/307983 http://www.securityfocus.com/bid/97384 http://www.securityweek.com/flaws-java-amf-libraries-allow-remote-code-execution