CVE-2017-12149

Red Hat JBoss Application Server Remote Code Execution Vulnerability

Severity Score

9.8

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

Yes

*KEV

Decision

*SSVC

Descriptions

In Jboss Application Server as shipped with Red Hat Enterprise Application Platform 5.2, it was found that the doFilter method in the ReadOnlyAccessFilter of the HTTP Invoker does not restrict classes for which it performs deserialization and thus allowing an attacker to execute arbitrary code via crafted serialized data.

En Jboss Application Server tal y como se distribuye con Red Hat Enterprise Application Platform 5.2, se ha descubierto que el método doFilter en el ReadOnlyAccessFilter del invocador HTTP no restringe las clases para las que realiza la deserialización y, por lo tanto, permite que un atacante ejecute código arbitrario mediante datos serializados manipulados.

It was found that the doFilter method in the ReadOnlyAccessFilter of the HTTP Invoker does not restrict classes for which it performs deserialization. This allows an attacker to execute arbitrary code via crafted serialized data.

The JBoss Application Server, shipped with Red Hat Enterprise Application Platform 5.2, allows an attacker to execute arbitrary code via crafted serialized data.

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

Partial

Integrity

Partial

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2017-08-01 CVE Reserved
2017-10-04 CVE Published
2017-11-22 First Exploit
2021-12-10 Exploited in Wild
2022-06-10 KEV Due Date
2024-07-25 EPSS Updated
2024-08-05 CVE Updated

CWE

CWE-502: Deserialization of Untrusted Data

CAPEC

References (11)

URL	Tag	Source
http://www.securityfocus.com/bid/100591	Broken Link
https://github.com/gottburgm/Exploits/tree/master/CVE-2017-12149	Third Party Advisory

URL	Date	SRC
https://github.com/sevck/CVE-2017-12149	2017-11-22
https://github.com/1337g/CVE-2017-12149	2017-12-23
https://github.com/jreppiks/CVE-2017-12149	2019-08-22
https://github.com/JesseClarkND/CVE-2017-12149	2024-04-30
https://github.com/VVeakee/CVE-2017-12149	2022-04-16

URL	Date	SRC

URL	Date	SRC
https://access.redhat.com/errata/RHSA-2018:1607	2024-07-24
https://access.redhat.com/errata/RHSA-2018:1608	2024-07-24
https://bugzilla.redhat.com/show_bug.cgi?id=1486220	2018-05-17
https://access.redhat.com/security/cve/CVE-2017-12149	2018-05-17

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Redhat Search vendor "Redhat"		Jboss Enterprise Application Platform Search vendor "Redhat" for product "Jboss Enterprise Application Platform"				-		text-only		Affected
Redhat Search vendor "Redhat"		Jboss Enterprise Application Platform Search vendor "Redhat" for product "Jboss Enterprise Application Platform"				5.0.0 Search vendor "Redhat" for product "Jboss Enterprise Application Platform" and version "5.0.0"		-		Affected
Redhat Search vendor "Redhat"		Jboss Enterprise Application Platform Search vendor "Redhat" for product "Jboss Enterprise Application Platform"				5.0.1 Search vendor "Redhat" for product "Jboss Enterprise Application Platform" and version "5.0.1"		-		Affected
Redhat Search vendor "Redhat"		Jboss Enterprise Application Platform Search vendor "Redhat" for product "Jboss Enterprise Application Platform"				5.1.0 Search vendor "Redhat" for product "Jboss Enterprise Application Platform" and version "5.1.0"		-		Affected
Redhat Search vendor "Redhat"		Jboss Enterprise Application Platform Search vendor "Redhat" for product "Jboss Enterprise Application Platform"				5.1.1 Search vendor "Redhat" for product "Jboss Enterprise Application Platform" and version "5.1.1"		-		Affected
Redhat Search vendor "Redhat"		Jboss Enterprise Application Platform Search vendor "Redhat" for product "Jboss Enterprise Application Platform"				5.1.2 Search vendor "Redhat" for product "Jboss Enterprise Application Platform" and version "5.1.2"		-		Affected
Redhat Search vendor "Redhat"		Jboss Enterprise Application Platform Search vendor "Redhat" for product "Jboss Enterprise Application Platform"				5.2.0 Search vendor "Redhat" for product "Jboss Enterprise Application Platform" and version "5.2.0"		-		Affected
Redhat Search vendor "Redhat"		Jboss Enterprise Application Platform Search vendor "Redhat" for product "Jboss Enterprise Application Platform"				5.2.1 Search vendor "Redhat" for product "Jboss Enterprise Application Platform" and version "5.2.1"		-		Affected
Redhat Search vendor "Redhat"		Jboss Enterprise Application Platform Search vendor "Redhat" for product "Jboss Enterprise Application Platform"				5.2.2 Search vendor "Redhat" for product "Jboss Enterprise Application Platform" and version "5.2.2"		-		Affected