CVE-2020-7961

Liferay Portal Deserialization of Untrusted Data Vulnerability

Severity Score

9.8

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

Yes

*KEV

Decision

*SSVC

Descriptions

Deserialization of Untrusted Data in Liferay Portal prior to 7.2.1 CE GA2 allows remote attackers to execute arbitrary code via JSON web services (JSONWS).

Una Deserialización de Datos No Confiables en Liferay Portal versiones anteriores a 7.2.1 CE GA2, permite a atacantes remotos ejecutar código arbitrario por medio de los servicios web JSON (JSONWS).

Liferay Portal contains a deserialization of untrusted data vulnerability that allows remote attackers to execute code via JSON web services.

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

Partial

Integrity

Partial

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2020-01-24 CVE Reserved
2020-03-20 CVE Published
2020-04-03 First Exploit
2021-11-03 Exploited in Wild
2022-05-03 KEV Due Date
2024-08-04 CVE Updated
2024-11-15 EPSS Updated

CWE

CWE-502: Deserialization of Untrusted Data

CAPEC

References (17)

URL	Tag	Source
http://packetstormsecurity.com/files/157254/Liferay-Portal-Java-Unmarshalling-Remote-Code-Execution.html	Third Party Advisory
http://packetstormsecurity.com/files/158392/Liferay-Portal-Remote-Code-Execution.html	Third Party Advisory
https://codewhitesec.blogspot.com/2020/03/liferay-portal-json-vulns.html
https://www.synacktiv.com/posts/pentest/how-to-exploit-liferay-cve-2020-7961-quick-journey-to-poc.html

URL	Date	SRC
https://www.exploit-db.com/exploits/48332	2020-04-16
https://github.com/mzer0one/CVE-2020-7961-POC	2020-04-14
https://github.com/ShutdownRepo/CVE-2020-7961	2021-01-15
https://github.com/CrackerCat/CVE-2020-7961-Mass	2021-01-03
https://github.com/shacojx/LifeRCEJsonWSTool-POC-CVE-2020-7961-Gui	2020-06-23
https://github.com/shacojx/POC-CVE-2020-7961-Token-iterate	2020-06-23
https://github.com/shacojx/GLiferay-CVE-2020-7961-golang	2020-06-23
https://github.com/thelostworldFree/CVE-2020-7961-payloads	2020-04-03
https://github.com/manrop2702/CVE-2020-7961	2024-03-14
https://github.com/pashayogi/CVE-2020-7961-Mass	2022-05-22
https://research.checkpoint.com/2021/freakout-leveraging-newest-vulnerabilities-for-creating-a-botnet	2024-08-04

URL	Date	SRC

URL	Date	SRC
https://portal.liferay.dev/learn/security/known-vulnerabilities	2021-01-30
https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/117954271	2019-11-25

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Liferay Search vendor "Liferay"		Liferay Portal Search vendor "Liferay" for product "Liferay Portal"				<= 7.2.0 Search vendor "Liferay" for product "Liferay Portal" and version " <= 7.2.0"		community		Affected