| Vulnerability Name: | CVE-2018-12022 (CCN-163227) | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Assigned: | 2018-06-07 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Published: | 2019-01-30 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Updated: | 2020-10-20 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Summary: | An issue was discovered in FasterXML jackson-databind prior to 2.7.9.4, 2.8.11.2, and 2.9.6. When Default Typing is enabled (either globally or for a specific property), the service has the Jodd-db jar (for database access for the Jodd framework) in the classpath, and an attacker can provide an LDAP service to access, it is possible to make the service execute a malicious payload. | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| CVSS v3 Severity: | 7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H) 6.5 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
8.5 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| CVSS v2 Severity: | 5.1 Medium (CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P)
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Vulnerability Type: | CWE-502 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Vulnerability Consequences: | Gain Access | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| References: | Source: MITRE Type: CNA CVE-2018-12022 Source: CCN Type: Oracle CPUJul2019 Oracle Critical Patch Update Advisory - July 2019 Source: BID Type: Third Party Advisory, VDB Entry 107585 Source: REDHAT Type: Third Party Advisory RHBA-2019:0959 Source: REDHAT Type: Third Party Advisory RHSA-2019:0782 Source: REDHAT Type: Third Party Advisory RHSA-2019:0877 Source: REDHAT Type: Third Party Advisory RHSA-2019:1106 Source: REDHAT Type: Third Party Advisory RHSA-2019:1107 Source: REDHAT Type: Third Party Advisory RHSA-2019:1108 Source: REDHAT Type: Third Party Advisory RHSA-2019:1140 Source: REDHAT Type: Third Party Advisory RHSA-2019:1782 Source: REDHAT Type: Third Party Advisory RHSA-2019:1797 Source: REDHAT Type: Third Party Advisory RHSA-2019:1822 Source: REDHAT Type: Third Party Advisory RHSA-2019:1823 Source: REDHAT Type: UNKNOWN RHSA-2019:2804 Source: REDHAT Type: UNKNOWN RHSA-2019:2858 Source: REDHAT Type: UNKNOWN RHSA-2019:3002 Source: REDHAT Type: UNKNOWN RHSA-2019:3140 Source: REDHAT Type: UNKNOWN RHSA-2019:3149 Source: REDHAT Type: UNKNOWN RHSA-2019:3892 Source: REDHAT Type: UNKNOWN RHSA-2019:4037 Source: CCN Type: Red Hat Bugzilla - Bug 1671098 CVE-2018-12022 jackson-databind: improper polymorphic deserialization of types from Jodd-db library Source: CONFIRM Type: Issue Tracking, Third Party Advisory https://bugzilla.redhat.com/show_bug.cgi?id=1671098 Source: XF Type: UNKNOWN fasterxml-cve201812022-code-exec(163227) Source: CCN Type: jackson-databind GIT Repository FasterXML jackson-databind Source: CONFIRM Type: Patch, Third Party Advisory https://github.com/FasterXML/jackson-databind/commit/28badf7ef60ac3e7ef151cd8e8ec010b8479226a Source: CONFIRM Type: Patch, Third Party Advisory https://github.com/FasterXML/jackson-databind/issues/2052 Source: MLIST Type: UNKNOWN [drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities Source: MLIST Type: UNKNOWN [lucene-issues] 20191004 [GitHub] [lucene-solr] marungo opened a new pull request #925: SOLR-13818: Upgrade jackson to 2.10.0 Source: MLIST Type: UNKNOWN [drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities Source: MLIST Type: UNKNOWN [drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities Source: MISC Type: Third Party Advisory https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZEDLDUYBSTDY4GWDBUXGJNS2RFYTFVRC/ Source: MISC Type: Third Party Advisory https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062 Source: BUGTRAQ Type: Mailing List, Third Party Advisory 20190527 [SECURITY] [DSA 4452-1] jackson-databind security update Source: CONFIRM Type: Third Party Advisory https://security.netapp.com/advisory/ntap-20190530-0003/ Source: MISC Type: Technical Description, Third Party Advisory https://www.blackhat.com/docs/us-16/materials/us-16-Munoz-A-Journey-From-JNDI-LDAP-Manipulation-To-RCE.pdf Source: DEBIAN Type: Third Party Advisory DSA-4452 Source: CCN Type: IBM Security Bulletin 6217806 (Security Identity Governance and Intelligence) IBM has announced a release for IBM Security Identity Governance and Intelligence in response to security vulnerabilities. Source: CCN Type: IBM Security Bulletin 6244628 (Rational Publishing Engine) Third party vulnerable library Jackson-Databind affects IBM Engineering Lifecycle Optimization - Publishing Source: CCN Type: IBM Security Bulletin 6324739 (Security Guardium Insights) IBM Security Guardium Insights is affected by Components with known vulnerabilities Source: CCN Type: IBM Security Bulletin 6403331 (Security Guardium Data Encryption) Multiple Vulnerabilities in IBM Guardium Data Encryption (GDE) Source: CCN Type: IBM Security Bulletin 6444089 (Log Analysis) Multiple vulnerabilities in FasterXML jackson-databind affect Apache Solr shipped with IBM Operations Analytics - Log Analysis Source: CCN Type: IBM Security Bulletin 6828455 (z/Transaction Processing Facility) z/Transaction Processing Facility is affected by multiple vulnerabilities in the jackson-databind, jackson-dataformat-xml, jackson-core, slf4j-ext, and cxf-core packages Source: CCN Type: IBM Security Bulletin 6840955 (Log Analysis) Multiple vulnerabilities in Data-Binding for Jackson shipped with IBM Operations Analytics - Log Analysis Source: CCN Type: IBM Security Bulletin 6910171 (Integration Designer) Multiple CVEs affect IBM Integration Designer Source: N/A Type: UNKNOWN N/A Source: MISC Type: UNKNOWN https://www.oracle.com/security-alerts/cpuoct2020.html Source: MISC Type: Patch, Third Party Advisory https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html Source: MISC Type: Patch, Third Party Advisory https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html Source: CCN Type: WhiteSource Vulnerability Database CVE-2018-12022 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Vulnerable Configuration: | Configuration 1: Configuration 2: Configuration 3: Configuration 4: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Oval Definitions | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| BACK | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||