Lucene search

GitHub_MCVE-2023-36480

HistoryAug 04, 2023 - 3:15 p.m.

CVE-2023-36480

2023-08-0415:15:10

CWE-502

GitHub_M

web.nvd.nist.gov

123

aerospike java client

java application

network protocol

cve-2023-36480

security vulnerability

code execution

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.6

Confidence

High

EPSS

0.006

Percentile

78.9%

JSON

The Aerospike Java client is a Java application that implements a network protocol to communicate with an Aerospike server. Prior to versions 7.0.0, 6.2.0, 5.2.0, and 4.5.0 some of the messages received from the server contain Java objects that the client deserializes when it encounters them without further validation. Attackers that manage to trick clients into communicating with a malicious server can include especially crafted objects in its responses that, once deserialized by the client, force it to execute arbitrary code. This can be abused to take control of the machine the client is running on. Versions 7.0.0, 6.2.0, 5.2.0, and 4.5.0 contain a patch for this issue.

Affected configurations

Nvd

Vulners

Node

aerospikeaerospike_java_clientRange<4.5.0

aerospikeaerospike_java_clientRange5.0.0–5.2.0

aerospikeaerospike_java_clientRange6.0.0–6.2.0

VendorProductVersionCPE
aerospikeaerospike_java_client*cpe:2.3:a:aerospike:aerospike_java_client:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
aerospike	aerospike_java_client	*	cpe:2.3:a:aerospike:aerospike_java_client::::::::

CNA Affected

[
  {
    "vendor": "aerospike",
    "product": "aerospike-client-java",
    "versions": [
      {
        "version": ">= 6.0.0, < 6.2.0",
        "status": "affected"
      },
      {
        "version": ">= 5.0.0, < 5.2.0",
        "status": "affected"
      },
      {
        "version": "< 4.5.0",
        "status": "affected"
      }
    ]
  }
]

References

github.com/aerospike/aerospike-client-java/blob/e40a49b3db0d2b3d45068910e1cb9d917c795315/client/src/com/aerospike/client/async/AsyncRead.java#L68

github.com/aerospike/aerospike-client-java/blob/e40a49b3db0d2b3d45068910e1cb9d917c795315/client/src/com/aerospike/client/async/NettyCommand.java#L1157

github.com/aerospike/aerospike-client-java/blob/e40a49b3db0d2b3d45068910e1cb9d917c795315/client/src/com/aerospike/client/async/NettyCommand.java#L489

github.com/aerospike/aerospike-client-java/blob/e40a49b3db0d2b3d45068910e1cb9d917c795315/client/src/com/aerospike/client/async/NettyCommand.java#L596

github.com/aerospike/aerospike-client-java/blob/e40a49b3db0d2b3d45068910e1cb9d917c795315/client/src/com/aerospike/client/command/Buffer.java#L53

github.com/aerospike/aerospike-client-java/blob/e40a49b3db0d2b3d45068910e1cb9d917c795315/client/src/com/aerospike/client/command/Command.java#L2083

github.com/aerospike/aerospike-client-java/blob/e40a49b3db0d2b3d45068910e1cb9d917c795315/client/src/com/aerospike/client/util/Unpacker.java#L227

github.com/aerospike/aerospike-client-java/commit/02bf28e62fb186f004c82c87b219db2fc5b8262a

github.com/aerospike/aerospike-client-java/commit/51c65e32837da29435161a2d9c09bbdc2071ecae

github.com/aerospike/aerospike-client-java/commit/66aafb4cd743cf53baffaeaf69b035f51d2e2e36

github.com/aerospike/aerospike-client-java/commit/80c508cc5ecb0173ce92d7fab8cfab5e77bd9900

github.com/aerospike/aerospike-client-java/security/advisories/GHSA-jj95-55cr-9597

support.aerospike.com/s/article/CVE-2023-36480-Aerospike-Java-Client-vulnerable-to-unsafe-deserialization-of-server-responses

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.6

Confidence

High

EPSS

0.006

Percentile

78.9%

JSON

Related for CVE-2023-36480