| Vulnerability Name: | CVE-2017-5641 (CCN-124595) | ||||||||||||
| Assigned: | 2017-04-04 | ||||||||||||
| Published: | 2017-04-04 | ||||||||||||
| Updated: | 2022-04-19 | ||||||||||||
| Summary: | Previous versions of Apache Flex BlazeDS (4.7.2 and earlier) did not restrict which types were allowed for AMF(X) object deserialization by default. During the deserialization process code is executed that for several known types has undesired side-effects. Other, unknown types may also exhibit such behaviors. One vector in the Java standard library exists that allows an attacker to trigger possibly further exploitable Java deserialization of untrusted data. Other known vectors in third party libraries can be used to trigger remote code execution. | ||||||||||||
| CVSS v3 Severity: | 9.8 Critical (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) 8.5 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
8.5 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
| ||||||||||||
| CVSS v2 Severity: | 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
| ||||||||||||
| Vulnerability Type: | CWE-502 | ||||||||||||
| Vulnerability Consequences: | Gain Access | ||||||||||||
| References: | Source: MITRE Type: CNA CVE-2017-5641 Source: MLIST Type: Mailing List, Patch, Vendor Advisory [flex-dev] 20170327 [VOTE] Release Apache Flex BlazeDS 4.7.3 Source: CCN Type: SECTRACK ID: 1038273 VMware vCenter Server AMF3 Message Deserialization Bug Lets Remote Users Execute Arbitrary Code on the Target System Source: CCN Type: US-CERT VU#307983 AMF3 Java implementations are vulnerable to insecure deserialization and XML external entities references Source: BID Type: Broken Link 97383 Source: CCN Type: BID-97383 Apache Flex BlazeDS CVE-2017-5641 Remote Code Execution Vulnerability Source: SECTRACK Type: Broken Link 1038273 Source: CCN Type: VMware Security Advisory VMSA-2017-0007 VMware vCenter Server updates resolve a remote code execution vulnerability via BlazeDS Source: XF Type: UNKNOWN apache-cve20175641-code-exec(124595) Source: CCN Type: Apache Web site Flex BlazeDS Source: CONFIRM Type: Issue Tracking, Vendor Advisory https://issues.apache.org/jira/browse/FLEX-35290 Source: CCN Type: Packet Storm Security [04-20-2018] DrayTek VigorACS 2 Unsafe Flex AMF Java Object Deserialization Source: CONFIRM Type: Third Party Advisory https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03823en_us Source: CERT-VN Type: Third Party Advisory, US Government Resource VU#307983 Source: CCN Type: WhiteSource Vulnerability Database CVE-2017-5641 Source: CCN Type: ZDI-22-506 Cisco Nexus Dashboard Fabric Controller AMF Deserialization of Untrusted Data Remote Code Execution Vulnerability Source: MISC Type: Third Party Advisory, VDB Entry https://www.zerodayinitiative.com/advisories/ZDI-22-506/ Source: CCN Type: ZDI-22-507 Cisco Nexus Dashboard Fabric Controller Improper Privilege Management Privilege Escalation Vulnerability Source: MISC Type: Third Party Advisory, VDB Entry https://www.zerodayinitiative.com/advisories/ZDI-22-507/ | ||||||||||||
| Vulnerable Configuration: | Configuration 1: Configuration 2: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||||||
| BACK | |||||||||||||