CVE-2019-17531

Aliases:GHSA-gjmw-vf9h-g25v

Advisory lineage Upstream: 0 Downstream: 11

Downstream

DEBIAN-CVE-2019-17531 DLA-2030-1 MGASA-2021-0153 RHSA-2019:4192 RHSA-2020:0159 RHSA-2020:0160

Modified

Published: 12 Oct 2019, 20:07

Last modified:05 Aug 2024, 01:40

Vulnerability Summary

Overall Risk (default)

high

70/100

CVSS Score

9.8 CRITICAL

v3.1 (nvd)

EPSS Score

1.22% LOW

1% probability +0.03%

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

12 Oct 2019, 20:07

Published

Vulnerability first disclosed

05 Aug 2024, 01:40

Last Modified

Vulnerability information updated

Description

A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the apache-log4j-extra (version 1.2.x) jar in the classpath, and an attacker can provide a JNDI service to access, it is possible to make the service execute a malicious payload.

CVSS Metrics

v3.1•CRITICAL•Score: 9.8CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
v2.0•MEDIUM•Score: 6.8AV:N/AC:M/Au:N/C:P/I:P/A:P

EPSS Trends

Current EPSS score: 1.22%• Percentile: 79%

Techniques & Countermeasures

CWE-502•Deserialization of Untrusted Data
The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.

Affected Systems

debian•debian_linux
8.0
fasterxml•jackson-databind
≥ 2.0.0, < 2.6.7.3 | ≥ 2.7.0, < 2.8.11.5 | ≥ 2.9.0, < 2.9.10.1
com.fasterxml.jackson.core•jackson-databind
≥ 2.9.0, < 2.9.10.1 | ≥ 2.7.0, < 2.8.11.5 | < 2.6.7.3
netapp•oncommand_workflow_automation
na
netapp•steelstore_cloud_integrated_storage
na
oracle•banking_platform
2.4.0 | 2.4.1 | 2.5.0 | 2.6.0 | 2.6.1 | 2.6.2 | 2.7.0 | 2.7.1 | 2.9.0
oracle•communications_billing_and_revenue_management
7.5.0.23.0 | 12.0.0.3.0
oracle•communications_calendar_server
8.0.0.2.0 | 8.0.0.3.0
oracle•communications_cloud_native_core_network_slice_selection_function
1.2.1
oracle•communications_evolved_communications_application_server
7.1
oracle•global_lifecycle_management_nextgen_oui_framework
12.2.1.3.0 | 12.2.1.4.0 | 13.9.4.2.2
oracle•goldengate_application_adapters
19.1.0.0.0
oracle•jd_edwards_enterpriseone_orchestrator
9.2
oracle•jd_edwards_enterpriseone_tools
9.2
oracle•primavera_gateway
≥ 17.7, ≤ 17.12.6 | ≥ 18.8.0, ≤ 18.8.8 | 16.1 | 16.2 | 19.12.0
oracle•retail_merchandising_system
15.0.3 | 16.0.2 | 16.0.3
oracle•retail_sales_audit
14.1
oracle•siebel_engineering_-_installer_\&_deployment
≤ 2.20.5
oracle•trace_file_analyzer
12.2.0.1 | 18c | 19c
oracle•webcenter_portal
12.2.1.3.0 | 12.2.1.4.0
oracle•webcenter_sites
12.2.1.3.0 | 12.2.1.4.0
Unknown•WebLogic Server
12.2.1.3.0 | 12.2.1.4.0
redhat•jboss_enterprise_application_platform
7.2 | 7.3